Microsoft Graph API 刷新令牌已过期 [英] Microsoft Graph API Refresh Token Expired
问题描述
我有一个使用 Microsoft 图形 API 集成到 Office 365 的 Web 应用程序.我已经使用该应用程序一年多了.最近我收到一条错误消息,指出 由于不活动而导致刷新令牌已过期,因此我无法在 3 天内更新该用户的订阅.
I have a web application integrated to Office 365 using Microsoft graph API. I have using the application for more than a year now. Lately I have been receiving an error stating the refresh token has expired due to inactivity hence I am not able to update that users subscription by 3 days.
现在,每当一封电子邮件进入用户收件箱时,侦听状态都会出现异常.
Now whenever an email hits the users inbox there is an exception in the listen state.
以下是错误信息
验证凭据时出错.AADSTS70008:由于不活动,刷新令牌已过期.该令牌于 2017-02-16T19:08:12.3388232Z 发行,并在 90.00:00:00 内处于非活动状态.
Error validating credentials. AADSTS70008: The refresh token has expired due to inactivity. The token was issued on 2017-02-16T19:08:12.3388232Z and was inactive for 90.00:00:00.
请帮助解决此错误
推荐答案
查看 本文档 关于默认和可配置的令牌生命周期.
Check out this document on default and configurable token lifetimes.
一般来说,刷新令牌的默认有效期为 14 天,并且可以为新的访问 + 刷新令牌对续订长达 90 天.90 天后,使用默认配置,用户将不得不再次以交互方式登录您的应用程序.
In general, the default lifetime of a refresh token is 14 days, and that can be renewed for new access + refresh token pairs for up to 90 days. After 90 days, with the default configuration, a user will have to interactively sign into your application again.
我相信你看到的错误是这个刷新令牌最大年龄"的结果.您可以配置此设置以使其永不过期,但此处更安全的做法是捕获此错误,并让用户再次登录.
I believe the error you are seeing is a result of this "Refresh Token Max Age". You have the ability to configure this setting so that it will never expire, but the safer practice here would be to catch this error, and have the user sign-in again.
这篇关于Microsoft Graph API 刷新令牌已过期的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
