为什么在 Microsoft Identity Platform 中自动添加离线范围
Why offline scope is added automatically in Microsoft Identity Platform
我正在尝试使用 Microsoft Graph api's using OAuth 2.0
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=<client_id>&redirect_uri=https://mytestenv&response_type=code&prompt=select_account&scope=User.Read
尽管我提供了 User.Read 范围。 OAuth 同意屏幕还列出了离线权限。
如何删除它?
This permission currently appears on all consent pages, even for flows
that don't provide a refresh token (such as the implicit flow). This
setup addresses scenarios where a client can begin within the implicit
flow and then move to the code flow where a refresh token is expected.
On the Microsoft identity platform (requests made to the v2.0
endpoint), your app must explicitly request the offline_access scope,
to receive refresh tokens.
在将 v2 端点与 AAD 帐户一起使用时,目前无法从初始同意屏幕中删除 offline_access 范围。这个问题有反馈here.
我正在尝试使用 Microsoft Graph api's using OAuth 2.0
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=<client_id>&redirect_uri=https://mytestenv&response_type=code&prompt=select_account&scope=User.Read
尽管我提供了 User.Read 范围。 OAuth 同意屏幕还列出了离线权限。
如何删除它?
This permission currently appears on all consent pages, even for flows that don't provide a refresh token (such as the implicit flow). This setup addresses scenarios where a client can begin within the implicit flow and then move to the code flow where a refresh token is expected.
On the Microsoft identity platform (requests made to the v2.0 endpoint), your app must explicitly request the offline_access scope, to receive refresh tokens.
在将 v2 端点与 AAD 帐户一起使用时,目前无法从初始同意屏幕中删除 offline_access 范围。这个问题有反馈here.