We have an unexpected issue: when we hit the endpoint https://login.microsoftonline.com/common/oauth2/v2.0/token, we no longer get the refresh token, as seen in the attached picture. We have not changed anything on the code side. It seems that this stopped working recently, on 27th November.
Some things to note:
- We've tried with two different application ID + secret pairs and still have the same issue. Any ideas? Any help would be greatly appreciated.
- We've already added offline access as per here: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#offline_access
I have attached the following screenshot:
Update, solution found: previously, in the authorization code, we were using the default, and it was working fine. However, something seems to have changed on the Azure Active Directory side. So we changed the scope of the authorization code request, and that resolved the issue.
Changed from this:
let URL = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=000000000-af44-44c9-a967-000000000000&response_type=code&redirect_uri=http://localhost:3000/token&response_mode=query&scope=https://graph.microsoft.com/.default&state=12345";
To this:
let url = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=000000-af44-44c9-a967-00000&response_type=code&redirect_uri=http://localhost:3000/token&response_mode=query&scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fmail.read&state=12345";
offline_access scope when requesting the tokens? I think that's required to get refresh tokens. – juunas
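An added example (not the poster's code): it builds the authorization request with the scopes from the working URL in the question, and checks both the request and the parsed /token response for the refresh-token condition. The function names, the placeholder client ID and the state value are assumptions made for illustration.

```javascript
// Added example, not the poster's code. CLIENT_ID is a constructed placeholder.
const AUTHORIZE = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
const CLIENT_ID = "00000000-0000-0000-0000-000000000000";

// Build the authorization-code request with every parameter percent-encoded.
function buildAuthorizeUrl({ clientId, redirectUri, scopes, state }) {
  const query = new URLSearchParams({
    client_id: clientId,
    response_type: "code",
    redirect_uri: redirectUri,
    response_mode: "query",
    scope: scopes.join(" "),
    state, // assumption: caller passes an unpredictable per-request value
  }).toString().replace(/\+/g, "%20"); // spaces as %20, as in the URL above
  return `${AUTHORIZE}?${query}`;
}

// Scopes an authorize URL actually requests (percent-encoded or not).
function requestedScopes(authorizeUrl) {
  const raw = new URL(authorizeUrl).searchParams.get("scope") || "";
  return raw.split(/\s+/).filter(Boolean);
}

// Pre-flight: does the request ask for a refresh token at all?
function asksForRefreshToken(authorizeUrl) {
  return requestedScopes(authorizeUrl).includes("offline_access");
}

// Post-flight: inspect the parsed JSON body returned by /token and report
// what is missing, instead of finding out when the access token expires.
function tokenResponseProblems(body) {
  const problems = [];
  if (!body.access_token) problems.push("no access_token");
  if (!body.refresh_token) problems.push("no refresh_token (offline_access requested?)");
  return problems;
}

const fixedUrl = buildAuthorizeUrl({
  clientId: CLIENT_ID,
  redirectUri: "http://localhost:3000/token",
  scopes: ["openid", "offline_access", "https://graph.microsoft.com/mail.read"],
  state: "constructed-state-value",
});
console.log(fixedUrl, asksForRefreshToken(fixedUrl));
```

Running `asksForRefreshToken` in a unit test over the authorize URL the application generates catches a dropped `offline_access` scope before deployment.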