I'm currently injecting ITokenAcquisition and invoking GetAccessTokenForAppAsync in order to attain an access token from Azure AD.
I've wired it up using AddInMemoryTokenCaches. This is my code from Startup.cs:
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(Configuration)
.EnableTokenAcquisitionToCallDownstreamApi(new[] { Configuration["scopes"] })
.AddInMemoryTokenCaches();
My question is does the implementation of ITokenAcquisition handle getting a refresh token when a currently cached token is nearing expiration? Aka, do I have to explicitly manage this in my code? If so, where are some good sample/docs of how to do that?
Also, if ITokenAcquisition does not handle token refresh based on expiration, will using IDownstreamWebApi handle it?
The IdentityModel library has really clear information about what it handles for you as far a token management.
On the Overview page, it clearly states (before diving into specifics or implementation) what you can expect to get out of using the library:
- automatic refresh of expired access tokens
- refresh token revocation
- token lifetime automation for HttpClient
Any help would be appreciated. Thanks!