Are you also facing an issue with unauthorized 401 errors? I'm experiencing a similar problem. I have an application registered in Azure with the following API permissions: User.Read, openid, offline_access, and Mail.Read.

When I sign in through the web client, the app receives an access token valid for 60 minutes. After the 60 minutes pass, the application tries to send a refresh token request, but it gets a 401 Unauthorized response, and the user is automatically logged out.