Application Type: Native (Desktop Application)
Caching: Token is cached on the user's machine using MSAL
Scope String: "https://graph.microsoft.com/.default"
Everything is working fine with the application.
However, I just added a few new delegated permissions in the Azure portal, and I'm finding that my application doesn't pick them up unless I delete the cached file first and rerun the application.
I thought using "/.default" in my scopes would automatically pick up whatever permissions I've assigned in the Azure portal.
Is there a way for my application to detect the new perms and prompt the user?
The application is not picking up the new permission in the cached token because once a token is issued, it cannot be modified or updated. If new permissions are added after issuance of a given token, those permissions cannot be dynamically added to the token. In order to get new permissions in the scp or roles claim in the token, a new token needs to be acquired.
/.default is only a path through which application permissions get requested. So if your app needs application permissions, make sure they're listed in the app registration portal.
Refer to this MS document: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent
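
One way to detect the gap the answer describes, as an added example that is not code from this thread: compare the scp claim of the cached token against the scopes the application now needs, and acquire a new token when any are missing. The REQUIRED list, the function names and the sample token are assumptions constructed for illustration; the claim is read without signature verification because it only drives a local decision to prompt, not an authorization decision.

```python
import base64
import json

def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def granted_scopes(access_token: str) -> set:
    """Return the delegated scopes in the token's scp claim, lower-cased."""
    parts = access_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    claims = json.loads(_b64url_decode(parts[1]))
    # scp is a space-separated string; app-only tokens carry roles instead.
    return {s.lower() for s in claims.get("scp", "").split()}

def missing_scopes(access_token: str, required: list) -> list:
    """Scopes the app now needs that the cached token does not carry."""
    have = granted_scopes(access_token)
    return sorted(s for s in required if s.lower() not in have)

def _make_constructed_token(claims: dict) -> str:
    # Builds an unsigned sample token for this example only.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"typ": "JWT"}), enc(claims), "constructed-signature"])

# Hypothetical list the application maintains alongside its portal permissions.
REQUIRED = ["User.Read", "Mail.Read", "Calendars.Read"]
# Constructed token standing in for one issued before Calendars.Read was added.
CACHED_TOKEN = _make_constructed_token({"scp": "User.Read Mail.Read"})

if __name__ == "__main__":
    gap = missing_scopes(CACHED_TOKEN, REQUIRED)
    if gap:
        print("cached token lacks", gap, "-> acquire a new token interactively")
    else:
        print("cached token covers all required scopes")
```
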