Long lived credentials such as those received from managed identity authentication include additional metadata concerning when a token can/should be refreshed. Our authentication policies should take this information into account when refreshing access tokens.
This involves:
Modifying relevant authentication policies
Modifying the AccessToken type to include this optional information
Modifying Azure.Identity credential implementations to populate the refresh_on information in the AccessToken
joshfree
commented
2 months ago
Long lived credentials such as those received from managed identity authentication include additional metadata concerning when a token can/should be refreshed. Our authentication policies should take this information into account when refreshing access tokens.
This involves:
AccessTokentype to include this optional informationAccessToken