Possible to expand Azure B2C invitelink lifetime?

Fister Dister 0 Reputation points
2024-02-16T12:23:15.47+00:00

I currently have an Azure B2C setup, where I send out an invitelink via mail. This expires after 24h, but from what I can see in the documentation I can expand the lifetime for up to 90 days. I thought this would be done using a custom policy and setting this parameter:

  <Item Key="id_token_lifetime_secs">300</Item>
  <Item Key="token_lifetime_secs">300</Item>
  <Item Key="refresh_token_lifetime_secs">7776000</Item> <!-- THIS ONE -->

according to this answer here:

"The maximum lifetime of the Refresh Token is 7776000 seconds (90 days) in the case of Azure AD B2C and it cannot be extended. Unlike Azure AD, you cannot use Conditional Access or Azure AD Policy for token lifetime management in the B2C tenant as it has to be done by using IEF i.e., either by configuring user flow or custom policy."

https://learn.microsoft.com/en-us/answers/questions/760503/override-refresh-token-lifetime-maximum-in-azure-a

But when I do that, and upload my custom policy, I see that it still expires after 24h. What am I doing wrong - where do I set the "expiration time" for the invite link, so it doesn't expire after 24h?


1 answer

  1. James Hamil 27,221 Reputation points Microsoft Employee Moderator
    2024-02-16T20:38:42.3633333+00:00

    Hi @Fister Dister, the refresh_token_lifetime_secs policy key is used to set the maximum lifetime of a refresh token, not the invitation link. The invitation link lifetime is controlled by the Invitation Redemption Policy in Azure AD B2C.

    To change the lifetime of the invitation link, you need to create a custom policy and modify the Invitation Redemption Policy. You can set the lifetime of the invitation link by modifying the TokenLifetimeInSeconds parameter in the SendInvitation technical profile.

    You can follow this document to do this!

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James

