I have an api with the following scopes (api_access and offline_access):
And a front end blazor app that uses code flow and consumes that api. Here's how I'm configuring authentication:
builder.Services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme; }) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme) .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options => { options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.Authority = "xxxxx"; options.ClientId = "xxxxx"; options.ResponseType = "code"; options.SaveTokens = true; options.Scope.Add("api://xxxxx/api_access"); options.ClientSecret = "xxxxx";And here's how I'm requesting the access code to call the api:
var access_token = await httpContext.GetTokenAsync("access_token");This works, but the access token expires in one hour. I don't get a new token when I call httpContext.GetTokenAsync("access_token") again after it is expired. How to get a new valid token?