Yes, you can use refresh tokens alongside access and ID tokens in Azure Logic Apps. Here's how it works:
1. Access Tokens: These are short-lived tokens used to access protected resources. They typically expire after a short period, such as one hour[1][3].
2. Refresh Tokens: These are longer-lived tokens used to obtain new access tokens when the current one expires. In Azure, refresh tokens can last up to 90 days for most scenarios[3]. You can use a refresh token to get a new access token by sending a request to the token endpoint with the refresh token[1][6].
3. ID Tokens: These are used for authentication and contain user information. While they are not directly related to the refresh process, they are part of the OAuth flow that also includes access and refresh tokens[8].
To implement refresh tokens in Azure Logic Apps, you can create a workflow that checks if an access token is about to expire and then uses the refresh token to obtain a new access token. This can be automated by scheduling the Logic App to run periodically, such as every 59 minutes, to ensure the access token remains valid[7][6].
Here is a basic outline of how you might implement this in a Logic App:
- Step 1: Obtain an initial access token and refresh token.
- Step 2: Use the access token to perform actions.
- Step 3: Before the access token expires, use the refresh token to obtain a new access token.
- Step 4: Update any stored access tokens with the new one.
- Step 5: Repeat the process as needed.
This approach ensures continuous access to protected resources without manual intervention.
Citations:
[1] https://devforum.zoom.us/t/access-token-expires-after-one-hour-so-my-logic-app-flowstep-runs-only-one-hour-no-renew/99225
[2] https://security.stackexchange.com/questions/194774/how-to-handle-refresh-tokens
[3] https://learn.microsoft.com/en-us/entra/identity-platform/refresh-tokens
[4] https://auth0.com/blog/refresh-tokens-what-are-they-and-when-to-use-them/
[5] https://github.com/Azure/logicapps/discussions/664
[6] https://gotoguy.blog/2020/12/05/blog-series-powering-up-your-home-office-lights-part-4-using-logic-apps-to-get-access-token-and-renew-access-token-if-needed/
[7] https://www.reddit.com/r/AZURE/comments/xl06hh/new_to_azure_can_azure_logic_apps_help_me_keep_an/
[8] https://learn.microsoft.com/en-us/azure/active-directory-b2c/tokens-overview
[9] https://stackoverflow.com/questions/77085349/azure-logic-apps-azure-ad-refresh-token-module