Compared to Active Directory in on-premises networks, it is the equivalence to the Ticket Granting Ticket (TGT).īy accessing an application like Outlook on the web or Teams, the application requests an access token and redirects the user to Azure AD (Identity Provider IdP) by using the URI. In a nutshell, the Primary Refresh Token (PRT) is a special high privileged refresh token where you can request access tokens for any registered application in Azure and Microsoft 365 to authenticate against it.