Reputation: 552
Android : Refresh token not returned in OAuth Microsoft cloud health API
After hitting the login URL of Microsoft band with my credentials, i am redirected to a URL which contains the access token but it doesn't return the refresh token for the authorisation scope (offline_access). Do we have to make any changes in the Microsoft account for offline access ?
Note : offline_access scope missing in redirected URL
Login URL : (To get access token)
https://login.live.com/oauth20_authorize.srf?client_id=0000000067E8E&scope=offline_access mshealth.ReadDevices mshealth.ReadActivityHistory&response_type=token &redirect_uri=https://login.live.com/oauth20_desktop.srf
Redirected URL
Upvotes: 0
Views: 489
Answers (1)
Reputation: 2016
You're trying to use 'response_type=token' but the Microsoft Health API uses the 2-step 'response_type=code' authentication flow. See section 4.8 of the Getting Started guide. The redirect URL for the first call contains the authorization code as a query parameter. You use that code in a second call which returns a JSON response body containing the access token and (if offline_access scope was requested) a refresh token.
Upvotes: 1
Related Questions
- Microsoft Graph API not returning refresh token
- Not getting a refresh token https://login.microsoftonline.com/common/oauth2/v2.0/token
- Android Microsoft Authentication Library (MSAL) : Facing issue in token expiry handling, how to refresh token using MSAL Android SDK
- How to get refresh token using Microsoft Authentication Library (Msal) in android
- Microsoft Graph APIs handling of oAuth2.0 refresh tokens
- Oauth2 refresh token renewal in Android
- Getting refresh token in Android application from Spring OAuth2 based authentication server
- Unable to get refresh token with google OAuth 2
- Oauth 2.0 refresh token expiration
- Android oAuth Refresh Token returns null