I am using Azure Active Directory for authentication to my Azure-hosted cloud app. I am using the ADAL .NET library and all is working well when logging in to the web app.
However, as part of my solution I also have an Outlook add-in. When Outlook opens, the add-in needs to connect to the server and do some work. Popping up a browser control when Outlook opens is messy and I want to avoid this.
I thought storing the refresh token could be a good solution, but unlike other providers, the Azure AD refresh tokens only last 1 day, so that doesn't help.
I have therefore been looking into getting an access token directly using a username and password stored locally (in Windows Vault or something). Having read this:
it didn't seem possible. However I have since had success with the following format of request:
POST TO:
https://login.windows.net/orgname.onmicrosoft.com/oauth2/token
grant_type=password&username=username%40orgname.onmicrosoft.com&password=password&client_id=clientid&resource=resource
This gives me an access token back which works great. So I am wondering why this was not mentioned in the link above? Is this not supported or a bad idea? Or is there any other solution to my problem - e.g. is there any way of increasing the expiration time on the refresh tokens?
Thanks
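As an added example, not part of the original question: a Python sketch of the request above that form-encodes each field (so a password containing `&` or `=` cannot corrupt the body), masks the password for logging, and turns a token response into an absolute expiry. The function names, the sample values and the 300-second renewal margin are assumptions made for illustration; nothing is sent over the network.

```python
import json
import time
from urllib.parse import urlencode, parse_qs

TOKEN_URL = "https://login.windows.net/{tenant}/oauth2/token"  # endpoint from the question


def build_password_grant_request(tenant, username, password, client_id, resource):
    """Return (url, headers, body) for the password-grant POST shown above."""
    body = urlencode({  # urlencode percent-encodes '@', '&', '=' in values
        "grant_type": "password",
        "username": username,
        "password": password,
        "client_id": client_id,
        "resource": resource,
    })
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return TOKEN_URL.format(tenant=tenant), headers, body


def redact_body(body):
    """Copy of the form body that is safe to log: the password is masked."""
    fields = parse_qs(body, keep_blank_values=True)
    fields["password"] = ["REDACTED"]
    return urlencode(fields, doseq=True)


def parse_token_response(raw_json, now=None):
    """Pull the access token and an absolute expiry out of a token response."""
    now = time.time() if now is None else now
    data = json.loads(raw_json)
    if "error" in data:  # OAuth2 error responses carry error / error_description
        raise ValueError(f"{data['error']}: {data.get('error_description', '')}")
    # expires_in is a lifetime in seconds; int() also accepts it as a string
    return {"access_token": data["access_token"],
            "expires_at": now + int(data["expires_in"])}


def needs_renewal(token, now=None, skew=300):
    """True once the token is within `skew` seconds of expiry (assumed margin)."""
    now = time.time() if now is None else now
    return now >= token["expires_at"] - skew
```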