Reputation: 9745
How long does Microsoft Office Graph API refresh token lives?
We've configured an AAD multi-tenant app and we are aquiring tokens from following endpoint: https://login.microsoftonline.com/common/oauth2/v2.0/token using the code we've got from user authorisation.
Endpoint provides no information about the refresh token lifetime.
This document states it should always have a default value of 90 days: https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes#refresh-and-session-token-lifetime-policy-properties
Is it always 90 days, can we be sure it'll live that long or it still depends on the user's organization configuration?
Upvotes: 0
Views: 638
Answers (1)
Reputation: 181
Yes, per the document unless you specify otherwise via conditional access the token lifetime is 90 days.
Upvotes: 1
Related Questions
- Microsoft graph API access tokens lifetime
- Microsoft Graph API - not receiving refresh token
- Microsoft Graph refresh token expiry
- What is the token validity time when using Graph API
- Microsoft Azure Refresh Token Expires after 90 days
- Refresh Token Lifespan (Microsoft Graph)
- What is the expiry time of refresh token issued by Microsoft Azure OAuth2.0?
- Microsoft Graph API Refresh Token Expired
- Azure Active Directory graph api - How to regenerate expired page token
- Is there an expiration for refresh_token in Azure AD OAuth2