How to use the refresh token?

[chauhansaurabhb]

Hello,

Thanks for contributing this library. I am following your login example code and everything is working fine (I can get access and refresh tokens).

My question is that: How can I use the refresh token? What is the use of the refresh token? I have noticed that the access token is valid for ~30 mins. After 30 mins, I have to authenticate again in order to get the new valid access token. I would like to avoid this (repetitive login).

Can you point to me any example where you have used the refresh token or is there any approach to refresh the access token?

I am using the following configuration code:

passport.use(new MicrosoftStrategy({
  clientID: MICROSOFT_GRAPH_CLIENT_ID,
  clientSecret: MICROSOFT_GRAPH_CLIENT_SECRET,
  callbackURL: 'http://localhost:3000/auth/microsoft/callback',
  scope: ['openid','offline_access','user.read','Files.Read','Files.Read.All'],
  tenant: 'xxxxxxxxxxxxxxxxx',
},

Thanking you,
Saurabh

[seanfisher]

@chauhansaurabhb - The refresh token lets you request new access tokens when they have expired. Typically refresh tokens are long-living. Here's a resource for understanding refresh tokens, and here's a library that wraps some of the refresh logic for you while using Passport.js: passport-oauth2-refresh. Note that I haven't used passport-oauth2-refresh, so I can't vouch for it's quality, but it should hopefully at least point you in a good direction.