My application is based on the ASP.NET SDK sample for Microsoft Graph from here: https://developer.microsoft.com/en-us/graph/docs/get-started/aspnetmvc
I successfully built an application which manages calendars (meeting rooms), but I came across the problem that the user is logged out after 1 hour. The application is based on OpenID and the lifetime of the access token is 1 hour. I would assume that the SDK sample would automatically extend the lifetime of the access token through the code below, so that I would not have to implement the refresh token myself:
var cca = new ConfidentialClientApplication(appId, redirectUri, new ClientCredential(appSecret), tokenCache);
var result = await cca.AcquireTokenSilentAsync(scopes);
I tried playing around with the cookie and authentication options, but I wasn't successful:
var cookieAuthenticationOptions = new CookieAuthenticationOptions();
cookieAuthenticationOptions.ExpireTimeSpan = TimeSpan.FromMinutes(90);
cookieAuthenticationOptions.SlidingExpiration = false;
new OpenIdConnectAuthenticationOptions{ UseTokenLifetime = true }
So basically I would like to know how to keep a user signed in for 90 days in my application so the user doesn't need to enter his credentials every hour.
Thank you very much for your help.
As mentioned by @Jason Johnston, the SDK handles it by itself, but there is one thing we found out when we read this article (focus on the tenants section).
Most of our users had a personal and even an organization account, and therefore when it tried to refresh the token you had to choose one of these accounts (when asked by the MS login page after every hour).
After changing our login URL to work with "organizations" tenant, no other action was needed and then all refreshing happened automatically, which was our intended behavior.
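
The settings discussed in the question and the answer, as an added example that is not part of the original posts or of the SDK sample: an OWIN `ConfigureAuth` that signs in against the `organizations` endpoint and lets the cookie middleware, rather than the 1-hour token, decide the session length. The `ida:*` setting names, the Katana 4.x namespaces, the scope list and the 90-day sliding cookie are assumptions.

```csharp
using System;
using System.Configuration;
using Microsoft.IdentityModel.Tokens;   // assumption: Katana 4.x; 3.x uses System.IdentityModel.Tokens
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public partial class Startup
{
    // Assumed appSettings keys; use the names your Web.config defines.
    private static readonly string appId = ConfigurationManager.AppSettings["ida:AppId"];
    private static readonly string redirectUri = ConfigurationManager.AppSettings["ida:RedirectUri"];

    // "common" offers both personal and work/school accounts, which is what
    // produced the account picker described in the answer.
    // "organizations" accepts work/school accounts only.
    private const string Authority = "https://login.microsoftonline.com/organizations/v2.0";

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            ExpireTimeSpan = TimeSpan.FromDays(90),   // session length asked for in the question
            SlidingExpiration = true,                 // renewed on activity
            CookieHttpOnly = true,
            CookieSecure = CookieSecureOption.Always  // a long-lived session cookie must not travel over HTTP
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = appId,
            Authority = Authority,
            RedirectUri = redirectUri,
            PostLogoutRedirectUri = redirectUri,
            Scope = "openid profile offline_access",  // offline_access is what yields a refresh token
            // true (the default) ties the cookie to the token lifetime, so the
            // ExpireTimeSpan above is ignored and the session ends after 1 hour.
            UseTokenLifetime = false,
            // Multi-tenant endpoint: the issuer differs per tenant. If only some
            // tenants may sign in, check the tid claim in your own code.
            TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false }
            // Notifications (AuthorizationCodeReceived etc.) stay as in your existing setup.
        });
    }
}
```

A 90-day cookie only keeps the application session alive; Graph calls still depend on `AcquireTokenSilentAsync` finding a usable refresh token in the token cache.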