The true valid time for "user_code expires_in" is 300 seconds, but the microsoft server tells me that the "user_code expires_in" is 900 seconds

Question

I got user_code following https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-device-code .

Step 1. Execute the folowing command:
curl -vik -d "client_id=fb305542-dc39-4760-a8ac-2eebd9099dd9&scope=openid profile email https://outlook.office.com/POP.AccessAsUser.All+offline_access&" https://login.microsoftonline.com/consumers/oauth2/v2.0/devicecode

Microsoft server response:

Step 2.
Execute the following command every 15 seconds:
curl -vik -d "client_id=fb305542-dc39-4760-a8ac-2eebd9099dd9&device_code=HAQABAAEAAAD--DLA3VO7QrddgJg7WevrH4vzpebJBbwZWgG-RppRBsBr8DMJ3u96orVK1HX6IT0o8Otxz2qjU0Bn67iKworp7JyOaEi6RdcOxaSDr9HOAeZ22rbiObFh7K4DbE524nBYsytAskPg0uklRa5KgDFiINQ4EbPAbo6tHyhSh4ZYb2DEXb34CZYAKQHli-xr6URSZsPcR1SvPJOawhvSrrFIz0kKN-FZyoYEXqja4H-Ns0uSlBkAovjr_Dcrh7hABvd1j3uaRnRrGdXFGRc2cjzj2JSC3ZJ1U8dQPdItmJbXNN0sggnamGWWN2_4shF95l3dswQhVXz1aO5I7IwWDpr-4MLrX4Src_Sf3744y0Y_5No05mpSLwMLHBbOK3xvsc02wr25EFNQXUEz3cqtwTD0IAA&grant_type=urn:ietf:params:oauth:grant-type:device_code" -H "Content-Type: application/x-www-form-urlencoded" https://login.microsoftonline.com/consumers/oauth2/v2.0/token

Step 3.But after 300 seconds I visit the https://www.microsoft.com/link in the browser , and enter 452APQ3U get the following result:

Answer 1

Hi @scarecrow kakashi , 900 seconds is the "usual time" but it's pretty much arbitrary. Take a look at the OAuth doc here. You can change the token expiry time. So most likely you just need to edit your refresh token and it should work for you. I'm having a hard time following the steps you posted, but wherever you use the refresh token try updating the expiry time manually.

Please let me know if you have any questions.

If this answer helped you please mark it as "Verified" so other users can reference it.

Thank you,
James