According to this site , "AcquireTokenSilent is capable... of refreshing a token when it's getting close to expiration (as the token cache also contains a refresh token)" which is great, but what are the restrictions on when MSAL is allowed to refresh a token?
This stackoverflow question implies that sometimes the server sends a special refresh token, but when I call App.PCA.AcquireToken...() it returns an object of type AuthenticationResult which doesn't have any members named anything like Refresh (in our Xamarin/C# app) so it doesn't seem like there is actually a separate token only used to figure out refreshing?
Does AcquireTokenSilent() require Internet access? Does it always check in with the server?
AcquireTokenSilent will search an access token in the token cache for the current account. If it's not found it will throw an MsalUiRequiredException:
There are subtle cases where, while refreshing the token, the Microsoft identity platform will decide that MFA is needed, or some kind of interaction, and in that case AcquireTokenSilent may also throw a MsalUiRequiredException. See https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-handling-exceptions#msaluirequiredexception for details
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.