Credentials flow and token expiration

[vectar7]

I'm reading the docs for o365 and I'm confused by this. The docs have a section about "authenticating with your own identity" and then it says:

At this point you will have an access token stored that will provide valid credentials when using the api.

The access token only lasts 60 minutes, but the app will automatically request new access tokens if you added the ‘offline access’ permission.

But offline access is only available as a delegated permission, not as an application permission. Can you please clarify if this module is supposed to automatically request a new access token after the current one expires (when using client credentials grant flow), or do I need to handle that myself? Right now it does not seem to be getting a new token when the first one expires.

[alejcas]

Client credentials grant flow does not have refresh tokens (nor need offline access permission), but will request new access tokens as needed.
I will clarify the docs.

[alejcas]

To clarify it a bit:

It doesn't matter how you authenticate (public, client credentials, authorization code, etc), the library will detect that the token is expired and will try automatically to get a new one (with a refresh token or any other method defined by the type of msal client that is pre-configured for you).

If it is not refreshing the access token for you please try to call account.con.refresh_token() manually and see what happens. Although, as I said, O365 should have done that call for you automatically.