1

I have a scenario where my API updates some claims in active directory via the Graph API.
In such case, I notify the client via response headers that it needs to refresh the access token, in order to get a token with the new claims.

The problem is that when I call acquireTokenSilent (in Msal.UserAgentApplication) in gives me the old token. I found out that it happens because Msal saves the access token in sessionStorage/localStorage.

Is there a way for me to explicitly request a new access token without directly removing the cache?

Tony Ju
  • 14,891
  • 3
  • 17
  • 31
areller
  • 4,800
  • 9
  • 29
  • 57
  • You could use the refresh token to get the new access token. If no refresh token, you could refer to this [doc](https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-oidc) to get refresh token. – SunnySun Apr 10 '19 at 02:20

1 Answers1

1

acquireTokenSilent method will acquire and renew tokens silently in the background. The access token will expired in an hour by default. After 1 hour, you will get a new access token. You can refer to this document.

Usually we can use the refresh token to refresh access token. But in msal.js this is not transparent. Anyway, you can have a look at this answer.

You can sign out and sign in again. Then you will get a new access token.

You can also call acquireTokenPopup or acquireTokenRedirect method to acquire a new access token, but they are interactive methods.

Refer to How to renew tokens with MSAL.js for more details.

Tony Ju
  • 14,891
  • 3
  • 17
  • 31