Microsoft Graph API Refresh Token Expired

Check out this document on default and configurable token lifetimes.

In general, the default lifetime of a refresh token is 14 days, and that can be renewed for new access + refresh token pairs for up to 90 days. After 90 days, with the default configuration, a user will have to interactively sign in to your application again.

I believe the error you are seeing is a result of this "Refresh Token Max Age". You have the ability to configure this setting so that it will never expire, but the safer practice here would be to catch this error and have the user sign in again.

Author by

Alvindra Dutt

Updated on June 09, 2022
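
An added example (not part of the original answer or of Microsoft's documentation) of the approach the answer recommends: catch the expired-refresh-token error and send the user back to interactive sign-in. The `post` callable, the `store` dict and the sample response bodies are assumptions constructed for illustration.

```python
import json
import re

class ReauthRequired(Exception):
    """The refresh token can no longer be redeemed; the user must sign in interactively."""

# Constructed sample of a token-endpoint error body, built around the message quoted on this page.
SAMPLE_EXPIRED = json.dumps({
    "error": "invalid_grant",
    "error_description": "AADSTS70008: The refresh token has expired due to inactivity. "
                         "The token was issued on 2017-02-16T19:08:12.3388232Z "
                         "and was inactive for 90.00:00:00.",
    "error_codes": [70008],
})
# Constructed sample of a successful response (placeholder token values).
SAMPLE_OK = json.dumps({"access_token": "AT-placeholder",
                        "refresh_token": "RT-new-placeholder",
                        "expires_in": 3600})

def aadsts_codes(body: dict) -> set:
    """Collect AADSTS codes from error_codes and from the description text."""
    codes = {int(c) for c in body.get("error_codes", [])}
    codes |= {int(m) for m in re.findall(r"AADSTS(\d+)", body.get("error_description", ""))}
    return codes

def redeem_refresh_token(store: dict, user: str, post) -> str:
    """Redeem the stored refresh token. `post` is a hypothetical callable that performs
    the HTTPS POST to the token endpoint and returns (status, body_text)."""
    status, text = post({"grant_type": "refresh_token", "refresh_token": store[user]})
    body = json.loads(text)
    if status == 200:
        # Persist the replacement refresh token if one was issued, so the newest one is used next.
        store[user] = body.get("refresh_token", store[user])
        return body["access_token"]
    if body.get("error") == "invalid_grant":
        # Expired or revoked grant: drop the dead token and route the user to sign-in.
        store.pop(user, None)
        raise ReauthRequired(f"{user}: AADSTS codes {sorted(aadsts_codes(body))}")
    raise RuntimeError(f"token endpoint returned {status}: {body.get('error')}")
```

The caller catches `ReauthRequired` and starts the interactive sign-in flow for that user instead of retrying the refresh.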

Comments

  • Alvindra Dutt
    Alvindra Dutt almost 2 years

    I have a web application integrated with Office 365 using the Microsoft Graph API. I have been using the application for more than a year now. Lately I have been receiving an error stating the refresh token has expired due to inactivity, hence I am not able to update that user's subscription by 3 days.

    Now whenever an email hits the user's inbox there is an exception in the listen state.

    Below is the error message:

    Error validating credentials. AADSTS70008: The refresh token has expired due to inactivity. The token was issued on 2017-02-16T19:08:12.3388232Z and was inactive for 90.00:00:00.

    Please help on how to fix this error

  • Claude
    Claude about 5 years
    Things may have changed since this answer was written. Link is still valid. However, refresh tokens (may) remain valid forever, even though there is a "Refresh Token Max Inactive Time".
  • Alvindra Dutt
    Alvindra Dutt about 5 years
    As of the date this question was asked, I had developed a way to refresh the token using an API call upon expiry as a workaround, and it seems to be working to date. Hoping there is new documentation out now.
  • Konrad
    Konrad about 4 years
    Hello @Claude could you explain how to set refresh tokens so they are valid forever? Is this something the client asking for permissions can do, or is it something that is configured in the user's tenant? Many thanks
  • kcollignon
    kcollignon over 3 years
    Hi, did anyone figure out how to configure the Refresh Token to be valid forever and not 90 days?
  • perustaja
    perustaja almost 3 years
    @kcollignon "As of January 30, 2021 you can not configure refresh and session token lifetimes" from the linked document in the answer currently. Doesn't seem possible now.