Office 365 API not returning refresh_token when tried to get access_token using v2 approach

Question

Hi Team,

                Created one sample project using v2 app model preview approach to use REST API's can able to send mail successfully. But problem is not able to get refresh_token if call the  below endpoint url.

                   

          https://login.microsoftonline.com/common/oauth2/v2.0/token

        Below is my json response once call the above endpoint in post method with the list of parameters including client_id, redirect_uri, grant_type and code(Authoriaztioncode).

{"token_type":"Bearer","expires_in":"3599","scope":"https:\/\/outlook.office.com\/mail.read https:\/\/outlook.office.com\/mail.send","access_token":"EwCAAul3BAAUo4xeBIbHjhBxWOFekj4Xy2fhaGQAAQWg7OHZ+yY9CXJ0IEHt4uGLfIr5z1Y5WrUOejs9x+axt8Up2ynjkbPYvpEeOD5BlfU7D5dkPtX7sVokCupgLmWiWGXBoAyudQM2j1dMamp++yfK7Ei2xbaKNlKcyvNQ821KdmBw3n+6SeHUQTaIeVTaOh6mIl2\/Mnu8tszWJnObZsCBC+Sfi1\/MLaCNVXVu2zRcugpQEJqTNfDrm1Kj\/K4lDHuEkhaZwx0vuMNHEa185dWRI67NWqzxsaGgWQLoVjMBdk1HuBuD\/QaA\/8hkSzCIrGl8Ak1nUnK8+Pv1LEoF4QxytYLfZPousKlZc2iHf54LmuVrljEmGcAoQGs0vWsDZgAACLjUSfvvK\/gjUAEgKZHFo6mPP+E31vBcfB2OfZtddb6UB1IZtuL5YL1cSykaKjiQm1G5rNWeqUj+pdnUEOjvYOWck\/xTLyXjt7Wbv3AdaR8MuS25OnZ8pwv8VTIrWSVuHU6uUkfpUuhEXMHGcXZyk+Ox+q6teLFF7i75aUtwc087ph8d4pMqpIDa0IxAKroJ1oz8C0l7r5BGhURPN8kSAoqNLPC1WXYwXKcbtC074n58A9zxSQdnpqmmgEbOUtoKLgZ1JcdBYgWsSgZJIEpFbjjgvPZ7x2F98+klLedAoIGErBJTGG74u+wZQ9u7RbHrJMmyT4DmUp\/AZZGpmc9bodDcJg2jNjwYgIpraDCyknOGRJSNPNnqEyVADa9CDGpY7dRgrHHXvymZdbnN8uptmOidfKK0xT\/tGPdUENRDHLiVS0+\/UGWcRDfZTj1W6sNjypUIqPgJRHyONKRnAQ=="}  

                  There is no refresh_token in response don't know what's the issue. Please guide me what am doing wrong. Any kind of help is appreciable.

Thanks,

Sriram.M

Answer 1

Hi Striram.M,

As far as I know, the application need offline_acesss scope to receive a refresh  in a token response. You can get more detail about permission and scope  in the v2.0 app model preview from link below:

Scopes, permissions, and consent in the v2.0 app model preview

And here are some helpful links about V2.0 app model preview for your reference:

Authentication protocols reference for the v2.0 app model preview

Token reference for the v2.0 app model preview

Regards & Fei

---

We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click HERE to participate the survey.

Answer 2

Hi,

         Thanks for your valuable reply. But i'm working on a sample application in mobile platofrm(Android). What i gone  through in documentation is below

                 Note that the offline_access permission is not required for native applications, such as iOS, Android, Windows Desktop, and Windows Phone applications. These types of applications receive refresh_tokens by default, and no additional consent is required.

                 And moreover register my app in mobile platform and return back client id and hard coded redirect uri only for mobile platform. Using the following credentials in my application but still fails to get refresh_token.

Regards,

Sriram.M