request is getting authenticated with old cookie value even after logging out from browser and hitting the same request from postman or any other similer app

Sreerag Ss - Vendor 1 Reputation point

i am using azure ad authentication (microsoft login page) and on logout application is getting redirected on the{tanant id}/oauth2/logout?post_logout_redirect_uri={logouturl} and its working perfectly from browser side but if we again hit the old request with old cookie from fidler or some tool then it gets authenticated.

Requesting help here!!

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,646 questions
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Alfredo Revilla (MSFT) 17,096 Reputation points Microsoft Employee

    Hello @Sreerag Ss - Vendor , this is expected as Azure AD stores the session information in a session cookie which can last from 24 (non persistent) hours to 90 days (persistent trough the Keep me signed in option).

    Please let me know if you need more help. If the answer was helpful to you, please accept it and, optionally, provide feedback so that other members in the community can benefit from it.