request is getting authenticated with old cookie value even after logging out from browser and hitting the same request from postman or any other similer app

Sreerag Ss - Vendor 1 Reputation point
2020-12-04T14:30:36.857+00:00

i am using azure ad authentication (microsoft login page) and on logout application is getting redirected on the login.microsoftonline.com{tanant id}/oauth2/logout?post_logout_redirect_uri={logouturl} and its working perfectly from browser side but if we again hit the old request with old cookie from fidler or some tool then it gets authenticated.

Requesting help here!!

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,736 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. 2020-12-04T18:21:54.397+00:00

    Hello @Sreerag Ss - Vendor , this is expected as Azure AD stores the session information in a session cookie which can last from 24 (non persistent) hours to 90 days (persistent trough the Keep me signed in option).

    Please let me know if you need more help. If the answer was helpful to you, please accept it and, optionally, provide feedback so that other members in the community can benefit from it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.