ITokenAcquisition token refresh and expiration

Documentation Related To Component:

https://docs.microsoft.com/en-us/dotnet/api/microsoft.identity.web.itokenacquisition.getaccesstokenforappasync?view=azure-dotnet-preview https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-call-api-app-configuration?tabs=aspnetcore https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-call-api-acquire-token?tabs=aspnetcore https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-call-api-call-api?tabs=aspnetcore

Please check those that apply

• typo
• [x ] documentation doesn’t exist
• [x ] documentation needs clarification
• error(s) in example
• [ x] needs example

Description Of The Issue

I’m currently injecting ITokenAcquisition and invoking GetAccessTokenForAppAsync in order to attain an access token from Azure AD.

I’ve wired it up using AddInMemoryTokenCaches. This is my code from Startup.cs:

services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(Configuration)
    .EnableTokenAcquisitionToCallDownstreamApi(new[] { Configuration["scopes"] })
    .AddInMemoryTokenCaches();

My question is does the implementation of ITokenAcquisition handle getting a refresh token when a currently cached token is nearing expiration? Aka, do I have to explicitly manage this in my code? If so, where is a good sample/docs of how to do that?

Also, if ITokenAcquisition does not handle token refresh based on expiration, will using IDownstreamWebApi handle it?

An example of where documentation is clear is when I used IdentityModel as my OIDC/OAuth2.0 library against Auth0 as the IdentityProvider.

On the Overview page, it clearly states (before diving into specifics or implementation) what you can expect to get out of using the library:

• automatic refresh of expired access tokens
• refresh token revocation
• token lifetime automation for HttpClient

Thanks