0
votes

We are using Azure AD authentication with a bootstrap MVC site. Everything is fine and dandy - except we have an issue with the token timeout. I have read multiple articles about the token lasting 1 hour before re-authenticating against Microsoft.

Our problem comes up when posting data. After we enter a page with a post form on it - and this hour expires when on the page - the post data gets lost when posting the data. Everything points in the direction of the problem occurring when the site goes to get a fresh 1-hour token.

Has anyone here had experience with this or have any idea of how to get around this problem?

1 Answer

1
votes

Not sure if this is the right way of doing things, but this is how we're handling this situation.

Basically when a user authenticates against Azure AD, you get 3 things back - Access Token (which expires after 60 minutes), Refresh Token and Token Expiry. What we do in our application is cache these three items.

Whenever we perform something that requires Access Token, we first check if the token has expired or not (by comparing the server date/time with the token expiry). If the token is not expired, we simply use that access token. However if the token is expired, we fetch new tokens using refresh token (fetching new tokens using refresh token will again return Access Token, Refresh Token and Token Expiry which we cache again in our application).
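
The check-then-refresh flow described in the answer above, sketched as an added example that is not part of the original answer or the answerer's code. `TokenSet`, `TokenCache`, the injected `refresh` callable (a stand-in for the refresh-token grant against Azure AD) and the 5-minute renewal margin are assumptions made for illustration; the clock and identity provider in `demo` are constructed fakes so the block runs offline.

```python
import threading
import time
from dataclasses import dataclass
from typing import Callable, List

@dataclass(frozen=True)
class TokenSet:
    access_token: str
    refresh_token: str
    expires_at: float  # absolute expiry, seconds since the epoch

class TokenCache:
    def __init__(self, initial: TokenSet, refresh: Callable[[str], TokenSet],
                 skew: float = 300.0, now: Callable[[], float] = time.time):
        self._tokens = initial
        self._refresh = refresh  # hypothetical stand-in for the refresh-token grant
        self._skew = skew        # assumption: renew 5 minutes before expiry
        self._now = now
        self._lock = threading.Lock()

    def get_access_token(self) -> str:
        # The lock makes concurrent requests redeem the refresh token only once.
        with self._lock:
            if self._now() >= self._tokens.expires_at - self._skew:
                # Replace all three cached values: the response also carries
                # a new refresh token and a new expiry.
                self._tokens = self._refresh(self._tokens.refresh_token)
            return self._tokens.access_token

def demo() -> List[str]:
    # Constructed run with a fake clock and a fake identity provider.
    clock = {"t": 0.0}
    redeemed: List[str] = []

    def fake_refresh(refresh_token: str) -> TokenSet:
        redeemed.append(refresh_token)
        n = len(redeemed)
        return TokenSet(f"access-{n}", f"refresh-{n}", clock["t"] + 3600)

    cache = TokenCache(TokenSet("access-0", "refresh-0", 3600.0),
                       fake_refresh, now=lambda: clock["t"])
    seen = [cache.get_access_token()]      # t=0: cached token still valid
    clock["t"] = 3400.0                    # inside the 5-minute margin
    seen.append(cache.get_access_token())  # renewed before it expires
    clock["t"] = 7200.0
    seen.append(cache.get_access_token())  # renewed again with the rotated token
    return seen + redeemed
```

Renewing slightly before the stated expiry keeps a token from lapsing between the check and the request that uses it, and storing the returned refresh token each time matters when the identity provider rotates it.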