Is there any way to require MFA and reauthentication under 1 hour for an enterprise app in Azure AD?

Alan Dias 0 Reputation points
2023-02-16T21:13:00.2233333+00:00

Dear all, good afternoon.

I have an enterprise application that establishes SAML 2.0 SSO with an external application. I need this application to request reauthentication and MFA in less than an hour. Conditional access prompts to select all cloud apps and the accepted minimum for re-authentication is one hour.

Is there any way to invalidate this application's token or request re-authentication in less than an hour?


1 answer

  1. Andy David - MVP 149.2K Reputation points MVP
    2023-02-16T21:25:12.69+00:00

    Hi, I know of no way to set sign-in frequency to less than an hour.

    You could try "Every Time"; however, it may not work for every app.

    https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-session-lifetime#policy-1-sign-in-frequency-control
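
Added example, not part of the answer above or of Microsoft's documentation: a Conditional Access policy scoped to a single enterprise application that requires MFA and uses the "Every time" sign-in frequency, created in report-only mode through the Microsoft Graph PowerShell SDK. The application ID, group ID, break-glass account ID and display name are placeholders to replace with your own values.

```powershell
# Assumes the Microsoft.Graph.Identity.SignIns module is installed.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All', 'Application.Read.All'

# Placeholders (constructed values, not from the original page).
$appId        = '00000000-0000-0000-0000-000000000001'  # appId of the SAML enterprise app
$pilotGroupId = '00000000-0000-0000-0000-000000000002'  # group the policy applies to
$breakGlassId = '00000000-0000-0000-0000-000000000003'  # emergency access account to exclude

$policy = @{
    displayName = 'PLACEHOLDER - SAML app - MFA and reauthentication every time'
    # Report-only: results show up in the sign-in logs without blocking anyone.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        clientAppTypes = @('all')
        applications   = @{ includeApplications = @($appId) }   # this app only, not "All cloud apps"
        users          = @{
            includeGroups = @($pilotGroupId)
            excludeUsers  = @($breakGlassId)
        }
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('mfa')
    }
    sessionControls = @{
        signInFrequency = @{
            isEnabled          = $true
            # 'everyTime' replaces the time-based setting, whose smallest
            # value is type = 'hours', value = 1.
            frequencyInterval  = 'everyTime'
            # Reprompt for the password and the MFA factor.
            authenticationType = 'primaryAndSecondaryAuthentication'
        }
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy

# Read the policy back and confirm the session control was stored as intended.
$stored = Get-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $created.Id
$stored.SessionControls.SignInFrequency |
    Select-Object IsEnabled, FrequencyInterval, AuthenticationType
```

Review the report-only results for the application in the sign-in logs before changing `state` to `enabled`.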
