We have a client that uses ADFS 3.0, our web application redirects the user to the IDP to authenticate after they authenticate the user is redirected back to our web application. By default the access token has a TTL of 60 min in our web application before
it expires.
The problem is we use a lot of XHR requests to post and get data, if the client is sitting on a web form and the token has expired and they do a post using AJAX to send data to the server the request fails, and they lose their data. If they refresh the page
IIS redirects to the ADFS server which then redirects back to our web application and they lose their data.
Once the token is expired and there is a AJAX request to the sever the request is redirected to the IDP url then the response fails with the CORS javascript error.
Access to XMLHttpRequest at has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
My question is in this scenario how can I refresh the token before it expires with a WIF .Net web application?
