为什么我的Office 365的OAuth2刷新令牌不断到期的如此迅速？ [英] Why do my Office 365 OAuth2 refresh tokens keep expiring so quickly?

问题描述

我知道，Office 365刷新令牌到期，当用户更改其密码，但我看到他们到期几乎每周都会为我的客户。

I'm aware that the Office 365 refresh tokens expire when the user changes their password, but I'm seeing them expire almost weekly for my customers.

有什么设置在Azure中我的OAuth2应用程序时，我已经配置错误？

Is there something I've misconfigured when setting up my OAuth2 app in Azure?

推荐答案

一般情况下，访问令牌持续1个小时，刷新令牌持续14天。

Usually, the access token lasts 1 hours, the refresh token lasts 14 days.

根据该文件授权code格兰特流量刷新令牌的寿命变化的基础上的策略设置即可。在这种情况下，你可以检查的Azure AD策略设置。

According to the document Authorization Code Grant Flow, the lifetime of refresh token varies based on policy settings. In this case, you may check the Azure AD policy settings.

刷新令牌的使用寿命不提供和变化的基础上
  策略设置和时间当授权code补助
  通过Azure的AD撤销。该应用程序应该期望和当新的访问令牌请求失败办案。在这种情况下，它应该返回到code请求新的访问令牌

The lifetime of the refresh token is not provided and varies based on policy settings and the time when the authorization code grant is revoked by Azure AD. The application should expect and handle cases when the request for a new access token fails. In that case, it should return to the code that requests a new access token.

在访问令牌到期后，您可以使用刷新令牌请求新的访问令牌。包括新的访问令牌和一个新的刷新令牌的响应。

When the access token expires, you can use the Refresh Token to Request a New Access Token. The response including a new access token and a new refresh token.

旧刷新令牌将持续14天，作为一种解决方法，您可以使用新的刷新令牌这将持续另一个14天。

The old refresh token will last 14 days, as a workaround, you can use the new refresh token which will lasts another 14 days.

这篇关于为什么我的Office 365的OAuth2刷新令牌不断到期的如此迅速？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！