Updating Access Tokens in Postman
Microsoft recently changed their rules regarding Azure issued token expirations. Tokens will now expire after an hour and it appears there's very little you can do about that. So, what do you do? You need to make use of the refresh token. A refresh token allows you go generate a new token and will have a much longer expiration time - Azure tokens have a three month lifespan by default. When you generate a new token, you get a new refresh token also. This means that while your token only lasts an hour, you can go as long as three months before you need to actually go through the token request process again. As long as you use your refresh token before it expires (and it's not revoked), your access will effectively never expire. From a security perspective, this is a good thing as it limits the damage that a misplaced token can do since a token can be revoked in no more than an hour. From a development perspective, it means that applications using these tokens will now h