
Microsoft graph API access tokens lifetime

I'm having some trouble understanding how to get a Microsoft graph API token that lives more than 3599 seconds.

This is my first call to the API to get the first token:

[image]

And now that I got a refresh token, I am going to pass it through another call to get a new token:

[image]

This all works fine, except the new token also has a 3599 duration, so, my question is, is it possible to get a longer lived token, e.g. 14 days?

Mi6u3l asked Nov 02 '17 14:11




1 Answer

This actually isn't determined by Microsoft Graph but rather by Azure Active Directory.

For a given tenant, the lifetime can be configured using Configurable token lifetimes in Azure Active Directory (Public Preview). There are a couple of important notes about this functionality:

  • This functionality is still in Preview, so functionality may change between now and general release.

  • This configuration is per tenant, service principal, or application. If you configure it on the application, then the policy will apply on multi-tenant applications unless superseded by a policy on the service principal or tenant level.

  • The maximum lifetime for an Access token is 24 hours (minimum is 10 minutes, default is 1 hour).

In general, rather than adjusting the lifetime of the Access Token you should rely on the Refresh Token instead. These have a much longer lifetime of 14 days.

Marc LaFleur answered Sep 24 '22 01:09
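The refresh-token approach recommended in the answer, sketched as an added example that is not part of the original question or answer: a small cache that redeems the refresh token at the Azure AD v2.0 token endpoint shortly before the one-hour access token expires. It assumes a public client (no `client_secret`); `TokenCache`, `post_form` and the injectable `transport`/`clock` parameters are hypothetical names introduced here.

```python
import json
import time
import urllib.error
import urllib.parse
import urllib.request

# Azure AD v2.0 token endpoint; the tenant is supplied by the caller.
TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"

def post_form(url, fields):
    """Default transport: POST a form, return the JSON body (error bodies too)."""
    req = urllib.request.Request(url, data=urllib.parse.urlencode(fields).encode())
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        return json.load(err)  # Azure AD returns {"error": ...} with a 4xx status

class TokenCache:
    """Keeps a short-lived access token fresh by redeeming the refresh token."""

    def __init__(self, tenant, client_id, refresh_token, scope,
                 transport=post_form, clock=time.time, skew=300):
        self.url = TOKEN_URL.format(tenant=tenant)
        self.client_id, self.scope = client_id, scope
        self.refresh_token = refresh_token  # long-lived secret: keep it out of logs
        self.transport, self.clock, self.skew = transport, clock, skew
        self.access_token, self.expires_at = None, 0.0

    def get(self):
        """Return a valid access token, refreshing `skew` seconds before expiry."""
        if self.access_token is None or self.clock() >= self.expires_at - self.skew:
            self._refresh()
        return self.access_token

    def _refresh(self):
        body = self.transport(self.url, {
            "grant_type": "refresh_token",
            "client_id": self.client_id,
            "refresh_token": self.refresh_token,
            "scope": self.scope,
        })
        if "access_token" not in body:
            # e.g. invalid_grant: refresh token expired or revoked, sign in again
            raise PermissionError(body.get("error", "token refresh failed"))
        self.access_token = body["access_token"]
        self.expires_at = self.clock() + int(body["expires_in"])
        # The server may rotate the refresh token; always keep the newest one.
        self.refresh_token = body.get("refresh_token", self.refresh_token)
```

Callers request `get()` before every Graph call instead of storing the access token themselves, and persist `refresh_token` after each refresh so a rotated value is not lost.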