I am using Azure Entra Id for authentication and Microsoft Graph Api token acquiring. When I'm logging-in I'm only receiving access token which I'm then saving in local storage.
Can someone guide me how can I get refresh token along with it and then how would I use that refresh token to acquire new access token automatically. What will be the flow for acquiring mew access token and whats the best workflow in which a refresh token is used to get new access token?
Furthermore, whats best place to store token session storage or local storage?
My frontend is on react and backend is on asp.net core web apis, login logic is implemented on react side.
const handleRedirect = async () => {
let auth = await instance.loginPopup(loginRequest);
localStorage.setItem("user", JSON.stringify(auth));
localStorage.setItem("access_token", auth.accessToken);
};