My question: I am new to Postman and APIs in general, and I’ve somehow managed to create a working API call that returns the data I’m looking for, which is great! However, the authorization for this call seems to reset after an hour to a day or so, and I would like to get a refresh token to automatically refresh the token when it expires, but the option is greyed out.
On doing a bit of googling, I found that I need to add the offline_access scope to my token request to get a refresh token, seems simple enough! But I have discovered that neither that scope nor the one I already had entered are being sent with the request, so I’m a bit stumped on how the request was authorized in the first place.
I followed a guide online which did not include scope in the directions, so it seems it’s working as intended, but I’d really like to get a refresh token so I can not worry about the auth token expiring.
I’m using Postman as a test environment as the console is much nicer with it’s error reporting than what I’m ultimately trying to get connected to this API, so I suppose it’s possible the solution here won’t transfer, but it did before and I’m hoping it does again.
Details (like screenshots):
I’ve removed identifying information from the screenshots.
When I generate the token I get this after the token itself:
I’ve already tried: I’ve tried adding the simple names for the scopes( User.Read offline_access), I’ve tried the full URLs given in the azure app registration ( https://graph.microsoft.com/offline_access but for both) and the url/content in the Expose an API section in the app registration ( api://d74a0011-5c21-46a8-8828-680ba3d51fad/offline_access but for both) and no mention of a scope in the auth request.
I’ve also tried setting them as a variable all three ways with no help.