Closed idg-sam closed 1 year ago
In this PR, once the user's token expires:
our-app/login
. The user then clicks sign in
to be redirected to AAD/authorize
.AAD/authorize
endpoint, one of two things happens:
a. If the user has only have one signed-in account with AAD, it passes through silently
b. If the user has multiple signed-in accounts on AAD, AAD will ask the user to to choose oneAAD/authorize
)AAD/authorize
I'll check in a test that makes the ID token refresh seamless. I'll use the preferred_username
claim as the login_hint.
Thanks @idg-sam for the prototyping. We ended up choosing to move most of this kind of helper logic into a separate helper library, instead of adding more and more helpers into this sample. Closing this PR now.
new commit implements:
exp
claim