Refresh token lifetime and refresh

Snow Jon 31 Reputation points
2022-02-07T05:42:31.28+00:00

Hi,

I try to use device code authorization and get refresh token from response,

And I have some questions:

(1) The refresh token lifetime is 90 days, when I get a refresh token A (create date: 2022/02/07, expired date: 2022/05/08), after 30 days, I use refresh api to get new refresh token B (create date: 2022/03/09, expired date: ?) by token A, is token B has new 90 days lifetime?

It means refresh token B will expire on 2022/06/07? or token B's lifetime is same as refresh token A?(expired date: 2022/05/08)

It is possible to refresh token cyclical and use new refresh token for keep access graph api?

(2) The refresh token lifetime is 90 days, so after 90 days, it means can't use refresh api to get new refresh token by expired refresh token?

Thanks for your help.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,861 questions
0 comments No comments
{count} votes

Accepted answer
  1. CarlZhao-MSFT 37,871 Reputation points
    2022-02-07T07:42:02.077+00:00

    Hi @Snow Jon

    It is possible to refresh token cyclical and use new refresh token for keep access graph api?

    During the lifetime of the refresh token, you can obtain new access tokens and refresh tokens through it, the new refresh token you get will also have a lifetime of 90 days, it lifetime is not affected by your initial refresh token. But according to the OAuth 2.0 specification, the old refresh token should be discarded when you get a new refresh token.

    The refresh token lifetime is 90 days, so after 90 days, it means can't use refresh api to get new refresh token by expired refresh token?

    Yes, sure.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    2 people found this answer helpful.

0 additional answers

Sort by: Most helpful