
Why does AcquireTokenByAuthorizationCode not return a RefreshToken?

Updated: 2023-11-05 17:56:10


In this documentation it gives a complete flow for a web application that calls a web API:

  1. The web application executes a policy and the user completes the user experience.
  2. Azure AD B2C returns an (OpenID Connect) id_token and an authorization code to the browser.
  3. The browser posts the id_token and authorization code to the redirect URI.
  4. The web server validates the id_token and sets a session cookie.
  5. The web server asks Azure AD B2C for an access_token by providing it with the authorization code, application client ID, and client credentials.
  6. The access_token and refresh_token are returned to the web server.
  7. The web API is called with the access_token in an authorization header.
  8. The web API validates the token.
  9. Secure data is returned to the web application.

Looking at 6. and using the code in the Azure-Samples repository active-directory-b2c-dotnet-webapp-and-webapi, I cannot get the line

AuthenticationResult result = await confidentialClient.AcquireTokenByAuthorizationCode(Globals.Scopes, notification.Code).ExecuteAsync();

to return a refresh_token. It returns an IdToken and AccessToken but no RefreshToken.

By using my browser and Postman and following the steps in this document with the same B2C tenant and application I do get the refresh token as expected.

This question is similar to mine, and the blog post mentioned in one of the answers provides a workaround for the symptom of not having a refresh token, but my question remains:

How can I get AcquireTokenByAuthorizationCode to return a refresh_token?

The offline_access scope is optional for web apps. It indicates that your app needs a refresh token for long-lived access to resources.

Go to web.config and add the following:

<add key="api:OfflineAccessScope" value="offline_access"/>

And in Global.cs:

public static string OfflineAccessScope = ApiIdentifier + ConfigurationManager.AppSettings["api:OfflineAccessScope"];
public static string[] Scopes = new string[] { ReadTasksScope, WriteTasksScope, OfflineAccessScope};

Then Globals.Scopes in AcquireTokenByAuthorizationCode will return the refresh token.
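As an added example (not code from the question, the answer, or the Azure sample), here is how the redeem step of the flow described in the question (steps 5 and 6) and a follow-up check could look in the web app with MSAL.NET. Everything identifying is a placeholder or an assumption: the client id, secret, authority, redirect URI, API identifier and the demo.read/demo.write scope names, and the choice to pass offline_access as the bare OpenID Connect scope name. MSAL.NET keeps any refresh token in its token cache and does not expose it on AuthenticationResult, so the only way to observe from the app that one was issued is a silent acquisition with ForceRefresh, which bypasses the cached access token and therefore succeeds only if a refresh token exists.

```csharp
// Added example, not code from the question, the answer or the Azure sample.
// Redeems an authorization code with MSAL.NET (Microsoft.Identity.Client) and
// then checks whether a refresh token was issued by forcing a silent renewal.
using System;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

public static class RefreshTokenCheck
{
    // Assumed placeholder values; in the sample these come from web.config.
    private const string ClientId      = "<application-id>";
    private const string ClientSecret  = "<client-secret>";
    private const string Authority     = "https://<tenant>.b2clogin.com/tfp/<tenant>.onmicrosoft.com/<policy>";
    private const string RedirectUri   = "https://localhost:44316/";
    private const string ApiIdentifier = "https://<tenant>.onmicrosoft.com/demoapi/";

    // API permissions carry the API identifier prefix as in the sample's Globals.
    // offline_access is passed as the bare OIDC scope name (this example's
    // assumption; the answer above concatenates it with ApiIdentifier).
    public static readonly string[] Scopes =
    {
        ApiIdentifier + "demo.read",
        ApiIdentifier + "demo.write",
        "offline_access",
    };

    // Returns true when a refresh token was cached for the signed-in account.
    public static async Task<bool> RedeemCodeAndCheckRefreshTokenAsync(string authorizationCode)
    {
        IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
            .Create(ClientId)
            .WithClientSecret(ClientSecret)
            .WithB2CAuthority(Authority)
            .WithRedirectUri(RedirectUri)
            .Build();

        // Steps 5 and 6 of the flow: exchange the code for tokens. MSAL stores a
        // refresh token, if one was issued, in its token cache only.
        AuthenticationResult byCode = await app
            .AcquireTokenByAuthorizationCode(Scopes, authorizationCode)
            .ExecuteAsync();

        Console.WriteLine(
            $"Access token expires {byCode.ExpiresOn:u}; granted scopes: {string.Join(" ", byCode.Scopes)}");

        // ForceRefresh skips the still-valid cached access token, so MSAL must use
        // the refresh token or fail with MsalUiRequiredException.
        try
        {
            AuthenticationResult silent = await app
                .AcquireTokenSilent(Scopes, byCode.Account)
                .WithForceRefresh(true)
                .ExecuteAsync();
            return !string.IsNullOrEmpty(silent.AccessToken);
        }
        catch (MsalUiRequiredException ex)
        {
            // No refresh token in the cache: the user must run the policy again.
            Console.WriteLine($"Silent renewal failed ({ex.ErrorCode}); offline_access was not granted.");
            return false;
        }
    }
}
```

Call RedeemCodeAndCheckRefreshTokenAsync with the code received in the OpenIdConnect notification (notification.Code in the sample) and log the result; a false return right after a successful redeem is the symptom the question describes, and the scope list is the first thing to inspect.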