I would like confirmation, on setup being possible, and direction on achieving the following:
Azure B2C Custom Policy OAuth2 bearer authentication with token that expires every 1 hour
Steps which would be part of the Custom Policy Orchestration steps:
- If not access token has been retrieved or it has expired (token are valid only for 1hr), then Custom Policy retrieves access token from a federated identity provider
a. Requires logging-in, then retrieving of access token (two different restful api calls)
b. Store access token with validaty of 1 hr
- Access token is used to access an external Api that verifies its validity
My question specifically in in regards to this caching mechanism, since this flow fits the static bearer token described here: https://learn.microsoft.com/en-us/azure/active-directory-b2c/secure-rest-api?tabs=windows&pivots=b2c-custom-policy#using-a-static-oauth2-bearer
Except the access token value would need to be set dynamically every 55 minutes.
Thank you
-Tony RR