Josiah,
Thank you for the reply!
Sorry that I am not quite familiar with refresh token, so I would like to confirm whether if the “Success Exchange” event happens continuously is only because of refresh token. By the way, I had checked the details of log, it is “Successful exchange of Password for Access Token” (sepft).
The application our users are login to is a “Machine to Machine” application, which has none of “Refresh token rotation” and “Refresh token expiration” enabled. Whenever user “logins”, it is actually getting new access token and id token. (We are using C# AuthenicationApiClient.GetTokenAsync())
I had also checked the device credentials of the user is holding using Management API (/api/v2/device-credentials). The user is having zero device credentials , but still getting “Success Exchange”.
So, is refresh token still the reason for user getting “Success Exchange” in log events?
If it is not, what kind of action will cause “Success Exchange” event change back to “Success Login”?
Best regards,
Lai