Revoke session not workin?

Frank 6 Reputation points
2022-12-06T13:08:28.91+00:00

I'm trying to revoke a session so that I can go throught the log in with a particular user. I'm using Revoke Session from the user. Seems to be no problems, no errors reported, but it's not really working. Still being logged straight in. Cleared browser cache, restarted my server.....still being logged straight in or in my case be directed to jwt.ms with no data.

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator
    2022-12-09T00:26:42.333+00:00

    Hi @Frank ,

    What are you using to revoke the sign-in sessions and invalidate the SSO?

    Revoking the sessions clears the refresh token but doesn't expire the SSO cookies in the browser.

    Using custom policies you need to implement the following:

    https://github.com/azure-ad-b2c/samples/tree/master/policies/revoke-sso-sessions

    To test the policy:

    1) Use the SignUpOrSignIn policy to sign in or sign up.

    2) Wait 10 seconds, then using Powershell to revoke the user's refresh token:

    Revoke-AzureADUserAllRefreshToken -ObjectId <GUID>.  
    

    3) Launch the SignUpOrSignIn policy or the ProfileEdit policy (remove the prompt query parameter).

    4) Ensure that &prompt=login is removed.

    Also, if you used a B2C starter pack prior to 2022-08-09, then you should check your base and extension policies for the pre-requisites mentioned in this link:

    https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack#09-august-2022

    See also:
    revokeSignInSessions

    Let me know if this helps and if you have further questions.

    -
    If the information helped you, please Accept the answer. This will help us and other community members as well.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.