
Unable to get Refresh token from Azure B2C

Can anyone please tell me the steps to get a refresh token from Azure B2C, although we already have an authorization token from Azure B2C?

We are following the user flow below to get the active token from Azure B2C, but we are not receiving a refresh token:

https://tenant.b2clogin.com/tenant.onmicrosoft.com/oauth2/v2.0/authorize?
client_id=feerer72-615a-4851-af2b-78786bhgg
&response_type=id_token+token
&redirect_uri=https%3A%2F%2Fjwt.ms
&scope=openid%20offline_access
&state=arbitrary_data_you_can_receive_in_the_response
&nonce=defaultNonce
&p=userflowName

Description: We have given all permissions on the Azure B2C tenant, as shown in the screenshots attached below:


So can anyone please tell me how I can receive a refresh token in the response, so that I can use that refresh token to get another active token from Azure B2C without logging in the user on Azure B2C?

NOTE: Check the response given below. We are getting an active token but not receiving a refresh token:

{
  "typ": "JWT",
  "alg": "RS256",
  "kid": "X5eXk4xyojNFum1kl2Ytv8dlNP4-c57dO6QGTVBwaNk"
}.{
  "exp": 1582120656,
  "nbf": 1582034256,
  "ver": "1.0",
  "iss": "https://tenant.b2clogin.com/c9fabc17-7ff9-4cdf17-b175-945gfgdf9ac/v2.0/",
  "sub": "842e9ee3-28dfd02-4a29-ba95-b5228616e9fe",
  "aud": "fecd3e72-615a-4851-af2b-d2b5171735erer4d",
  "nonce": "defaultNonce",
  "iat": 1582034256,
  "auth_time": 1582034256,
  "oid": "898hfhfe3-2802-4a29-ba95-b5228616e9fe",
  "emails": [
    "nikhil.sharma@gmail.com"
  ],
  "tfp": "B2C_1_Sign_Up_Policy",
  "c_hash": "vAb2w438XDmZpZBzEYMcZ2rA"
}

It is really simple; you just have to understand the way to get the access_token with the refresh_token. The complete flow comprises three steps.

1) Get the code from Azure user flow by redirecting the application to the Azure login screen. This is going to be a GET request.

https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{userflow}/oauth2/v2.0/authorize?
client_id=abcd3e72-615a-8745-af2b-d2b51717354d
&response_type=code
&redirect_uri=https%3A%2F%2Fjwt.ms
&response_mode=query
&scope=abcd3e72-615a-8745-af2b-d2b51717354d%20offline_access
&state=arbitrary_data_you_can_receive_in_the_response

After a successful login, Azure redirects with the code param in the query string.

2) Use the above code to get the access_token and refresh_token by using the POST URL request below.

https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{userflow}/oauth2/v2.0/token

3) After expiration of the access_token, use the refresh_token with the POST URL below to get the access token along with a refresh token.

https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{userflow}/oauth2/v2.0/token

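The three steps of the answer above as an added example (not part of the original answer): it builds the step 1 URL and the step 2 and step 3 POST requests without sending them, and checks whether an authorize request can return a refresh token at all. The question's `response_type=id_token+token` is an implicit-flow request, which OAuth 2.0 does not allow to return a refresh token. The form fields are the standard OAuth 2.0 token-request parameters, assumed here because the answer's screenshots are missing; the helper names and all tenant, client and token values are constructed placeholders.

```python
from urllib.parse import parse_qs, urlencode, urlsplit
from urllib.request import Request

# Endpoint layout from the answer above; tenant and user flow are placeholders.
BASE = "https://{t}.b2clogin.com/{t}.onmicrosoft.com/{p}/oauth2/v2.0/"

def authorize_url(tenant, userflow, client_id, redirect_uri, state):
    """Step 1: URL the browser is sent to; B2C redirects back with ?code=..."""
    query = urlencode({
        "client_id": client_id,
        "response_type": "code",               # code flow, not id_token+token
        "redirect_uri": redirect_uri,
        "response_mode": "query",
        "scope": f"{client_id} offline_access",
        "state": state,                        # compare with the value returned
    })
    return BASE.format(t=tenant, p=userflow) + "authorize?" + query

def can_yield_refresh_token(url):
    """True only when the request uses the code flow and asks for offline_access."""
    q = parse_qs(urlsplit(url).query)
    response_types = q.get("response_type", [""])[0].split()
    scopes = q.get("scope", [""])[0].split()
    return response_types == ["code"] and "offline_access" in scopes

def token_request(tenant, userflow, client_id, redirect_uri, *,
                  code=None, refresh_token=None, client_secret=None):
    """Steps 2 and 3: build (without sending) the form POST to the token endpoint."""
    if (code is None) == (refresh_token is None):
        raise ValueError("pass exactly one of code or refresh_token")
    form = {"client_id": client_id, "redirect_uri": redirect_uri,
            "scope": f"{client_id} offline_access"}
    if code is not None:
        form.update(grant_type="authorization_code", code=code)
    else:
        form.update(grant_type="refresh_token", refresh_token=refresh_token)
    if client_secret:                          # confidential (web) clients only
        form["client_secret"] = client_secret
    return Request(BASE.format(t=tenant, p=userflow) + "token",
                   data=urlencode(form).encode(), method="POST",
                   headers={"Content-Type": "application/x-www-form-urlencoded"})

if __name__ == "__main__":
    # Constructed sample: the query string mirrors the request in the question.
    asked = "https://tenant.b2clogin.com/tenant.onmicrosoft.com/oauth2/v2.0/authorize?response_type=id_token+token&scope=openid%20offline_access&p=userflowName"
    print("question's request can yield a refresh token:", can_yield_refresh_token(asked))
    req = token_request("tenant", "B2C_1_flow", "app-id", "https://jwt.ms", refresh_token="rt-placeholder")
    print(req.get_method(), req.full_url, req.data.decode())
```

Keep the refresh token and any `client_secret` on the server side; a refresh token is a long-lived credential that mints new access tokens without user interaction.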

Try using the following endpoint to make the same request and check if you get the refresh token in the response:

https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/oauth2/v2.0/token

If not, then potentially there is some misconfiguration with your AD B2C instance.
