How does an MSAL mobile app interact with refresh tokens and the AAD B2C session?
Hi,
I'm integrating a mobile app with B2C custom policies using MSAL in browser mode. I have a doubt about what the expected behavior is when using the default values for token and session durations.
I left the B2C session duration at 24h, the access token at 1 hour, and the refresh token at 14 days.
What happens is that the mobile app keeps on receiving a new token while the refresh token is valid, so it stays logged in for a few days, but, as the B2C browser session expires after 24 hours, if the user tries to launch the edit profile policy, B2C requires the user to log in.
Is this correct? Theoretically, I don't want the user to log in to the app again after two or three days without using it, so the token-based behavior works as expected, but at the same time I should also expect that the profile edit should work without asking for login. Could someone clarify this for me? Thanks in advance.