Why am I receiving "reauthorizationRequired" lifecycle notifications when creating webhook subscriptions with a small expirationDateTime?

Question

I am using Microsoft webhook change notifications to listen to new emails in user's mailbox. The notifications are subscribed as follows:

{  
  "changeType": "created",  
  "notificationUrl": "{our-internal-api-endpoint}",  
  "resource": "/me/messages",  
  "expirationDateTime": "{expiry-time}",  
  "clientState": "SecretClientState"  
}  

As per documentation, the maximum expirationDateTime that can be used for message resource is currentDateTime + 4230 minutes. I have noticed that if I create a subscription using a small expiry time e.g., 60 minutes, I immediately receive a reauthorizationRequired lifecycle notification. Now as per reauthorizationRequired notification's documentation, there are multiple reasons that can can cause this notification and one of them is: "The subscription expires before you renew it".

I suspect that because the subscription is about to expire in short time, Microsoft sends me this notification to signal that I should renew it soon which is why I don't get this notification when I create the subscription with a longer expiry time (i.e. 4230 minutes) and only for lower expiry times like 60 minutes.

Can someone please confirm this behavior because the exact time interval at which Microsoft sends this notification before the subscription expires is not discussed in the documentation.

Answer 1

I have the same issue when implementing this feature. I guess you're right. But they should update the documentation with that note. I'm opening an issue.

Answer 2

This is currently by design. When the TokenTimeToExpirationInMinutes is less or equal to 60mins you will receive reauthorizationRequired notifications every 15mins until token expiry