OAuth2: refresh tokens being expired randomly

Duy Trong 1 Reputation point
2022-07-26T03:29:32.603+00:00

Hi everyone,

We have a system which allows us to access Microsoft Graph on behalf of other users who have authenticated with OAuth2. Recently we have been experiencing the following issue:

  • Refresh tokens being expired randomly and unexpectedly; for instance, yesterday the refresh token was still valid but today it turns out to be invalid, even though it was issued less than 90 days ago

From this article https://learn.microsoft.com/en-us/advertising/guides/authentication-oauth-get-tokens?view=bingads-13#refresh-accesstoken

I understand that refresh tokens can be invalidated at any moment, my question is:

  • What are the reasons that cause these tokens to be invalidated at any time? And then it's invalidated
  • Can we acquire another refresh token without requiring users to log in again?

Thank you,

Duy


1 answer

  1. Vasil Michev 107.7K Reputation points MVP
    2022-07-26T06:49:48.993+00:00

    There can be a number of reasons why a token is invalidated, ranging from user actions (password change) to organization configuration. Tokens can also be revoked manually/on demand. Generally speaking you are not in control of this, so the best approach is to code your application to request new tokens as necessary. And yes, this means having the user log in again.

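One way to code the handling the answer describes, as an added example that is not part of the original thread: it takes a token-endpoint response that has already been received and decides whether to store the new tokens, retry later, or send the user back through interactive sign-in. The function name, the record layout and the sample responses are assumptions; the `invalid_grant` error code and the refresh-token replacement rule come from RFC 6749.

```python
import json
import time

def apply_refresh_response(status, body, record, now=None):
    """Update one user's token record from a token-endpoint response.

    Returns "ok", "reauth" (user must sign in again), "retry" (transient),
    or "error" (client/config problem; the stored grant is left untouched).
    """
    now = time.time() if now is None else now
    try:
        data = json.loads(body)
    except ValueError:
        data = None
    if not isinstance(data, dict):
        return "retry"  # e.g. a gateway error page; keep the stored tokens
    if status == 200 and data.get("access_token"):
        record["access_token"] = data["access_token"]
        record["expires_at"] = now + int(data.get("expires_in", 0))
        # RFC 6749 section 6: when a new refresh token is returned, the
        # client must discard the old one and store the replacement.
        if data.get("refresh_token"):
            record["refresh_token"] = data["refresh_token"]
        record["needs_login"] = False
        return "ok"
    if data.get("error") == "invalid_grant":
        # RFC 6749 section 5.2: grant invalid, expired or revoked. Retrying
        # cannot help, so drop the dead tokens and flag interactive sign-in.
        record.update(access_token=None, refresh_token=None, needs_login=True)
        return "reauth"
    if status >= 500 or status == 429:
        return "retry"
    return "error"

# Constructed sample responses (not captured from a real tenant).
ROTATED = '{"access_token": "at-2", "expires_in": 3600, "refresh_token": "rt-2"}'
REVOKED = '{"error": "invalid_grant", "error_description": "constructed sample"}'

if __name__ == "__main__":
    rec = {"access_token": "at-1", "refresh_token": "rt-1",
           "expires_at": 0, "needs_login": False}
    print(apply_refresh_response(200, ROTATED, rec, now=1000), rec)
    print(apply_refresh_response(400, REVOKED, rec, now=2000), rec)
```

Keeping `invalid_grant` separate from transient failures means a revoked token is never retried in a loop, and a temporary outage never discards a grant that is still valid.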
