I am having a different issue where I can get the Graph API to work for a few hours (maybe a day?) and then I start getting:
{"error":{"code":"InvalidAuthenticationToken","message":"Lifetime validation failed, the token is expired.","innerError":{"date":"2023-10-02T10:27:56","request-id":"","client-request-id":""}}}"
There is not a clear method of how to enable refresh tokens
Hey @tbommer, as @khill-fbmc mentioned we have several users confirming that using https://graph.microsoft.com/.default for the audience works. Hope you find the same!
@khill-fbmc in general for refresh tokens to be given, the offline_access scope needs to be sent with the authorization request. Microsoft also has some docs here as well.