Refresh_token grant type does not return a new refresh_token

I am not sure about it, but I am under the impression that until a few days ago, the use of a refresh_token, generated another refresh_token back, is that correct?

I understand that I can use the current refresh_token I have to generate new access tokens, however I am having some trouble when I try to use the RefreshTokenHandler from the IdentityModel.OidcClient. When the user logs in the refresh token is properly stored in the httpclient coming directly from the LoginResult object.

However the first time that the access token expires, the handler automatically goes to the /token endpoint, correctly obtains a new access token but the refresh token is then overwritten to null, as the endpoint does not return a refresh token. So the next time the access token expires, the handler is unable to refresh the access token. That is not my expected behaviour.

Is there any easy way to resolve this without recoding the oidc library?

Thanks,

1 Like

Hi there @SergioETrillo, I apologize for the long delay in response.

After checking with one of our senior team members, I have been able to confirm that’s not expected behavior and in order to help resolve this we would need to see what calls are being made. If this is a challenge you are still facing please let us know and we can work through it together.

Due to the age of this topic I will keep it open for another ten days just in case you have any questions. Thank you.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.