SSO idle time-out of 15 minutes

I Siddiqui 0 Reputation points
2025-02-27T21:12:45.5766667+00:00

On Azure Entra ID, how do I add an idle time-out of 15 minutes to the existing SSO to ensure the app forces re-authentication?

Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

  1. Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator
    2025-02-28T00:41:45.6366667+00:00

    Idle time would have to be set at the app level, not at the Azure level.

    You can control session lengths and sign-in frequency with a CA policy, however:

    https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-conditional-access-session


  2. Sanoop M 4,310 Reputation points Moderator
    2025-03-03T18:51:18.26+00:00

    Hello @I Siddiqui,

    Thank you for posting your query on Microsoft Q&A.

    In addition to the above answer provided by @Andy David - MVP, I would like to add a few more details which will be helpful to you regarding the configuration of an idle timeout of 15 minutes for the SSO application.

    As @Andy David - MVP suggested, you can configure Sign in frequency under Session controls in the Conditional Access policy to set the Reauthentication time of the application, but please note that the minimum time interval of Reauthentication of the application that you can configure in the Sign in frequency is 1 hour and the maximum time interval is 90 days.

    For more additional information, please refer to the below document for your reference.

    Conditional Access adaptive session lifetime policies - Microsoft Entra ID | Microsoft Learn

    Additionally, if you want to achieve the idle session timeout for 15 minutes for Microsoft 365 web apps, you can configure idle session timeout for 15 minutes from Microsoft 365 admin center.

    When a user reaches the idle timeout session you've set, they'll get a notification that they're about to be signed out. They have to select to stay signed in or they'll be automatically signed out of all Microsoft 365 web apps.

    Important

    Idle session timeout doesn't affect your Microsoft 365 desktop and mobile apps.

    Turn on Idle session timeout

    You must be a member of the Security admin, Application admin, or Cloud Application admin roles to see the idle session timeout setting. The Global admin role is required for initial activation of Idle Session Timeout. All other noted roles can deactivate and/or modify timeout duration settings.

    1. In the Microsoft 365 admin center, select Org Settings -> Security & privacy tab and select Idle session timeout.
    2. On the Idle Session Timeout select the toggle to turn it on. You can choose a default setting or choose your own custom time. It'll take a few minutes before idle session is turned on in your organization.

    What users will see

    When a user has been inactive in Microsoft 365 web apps for the time period you chose, they'll see the following prompt. They have to select Stay signed in or they'll be signed out.

    Screenshot: Prompt letting you know that your session is about to expire. Select Stay signed in so you don't get signed out of Microsoft 365 web apps

    Details about idle session timeout

    The following Microsoft 365 web apps are supported. More web apps will be added soon.

    • Outlook Web App
    • OneDrive
    • SharePoint
    • Microsoft Fabric
    • Microsoft365.com and other start pages
    • Microsoft 365 web apps (Word, Excel, PowerPoint)
    • Microsoft 365 Admin Center
    • M365 Defender Portal
    • Microsoft Purview Compliance Portal

    For more additional details regarding Idle session timeout for Microsoft 365 web apps, please refer to the below document for your reference.

    Idle session timeout for Microsoft 365 - Microsoft 365 admin | Microsoft Learn

    I hope this above information provided is helpful. Please feel free to reach out if you have any further questions.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
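
Added example (not part of either answer above, and not Microsoft's code): a minimal sketch of the app-level approach both answers point to, with a server-side 15-minute sliding idle timeout and a redirect to the Entra ID authorize endpoint using `prompt=login`. `IdleSessionStore`, `reauth_url`, the tenant and client ID placeholders and the redirect URI are assumptions for illustration.

```python
"""Added example: app-level 15-minute idle timeout that forces Entra ID re-authentication."""
import time
from urllib.parse import urlencode

IDLE_LIMIT = 15 * 60  # seconds of inactivity allowed, per the question

# Placeholders (assumptions): substitute your own tenant, client ID and redirect URI.
TENANT = "<tenant-id>"
CLIENT_ID = "<client-id>"
REDIRECT_URI = "https://app.example/auth/callback"


class IdleSessionStore:
    """Server-side record of each session's last activity (hypothetical helper)."""

    def __init__(self, idle_limit=IDLE_LIMIT, clock=time.time):
        self.idle_limit = idle_limit
        self.clock = clock  # injectable so the timeout can be tested
        self._last_seen = {}

    def start(self, session_id):
        """Call after a successful sign-in callback."""
        self._last_seen[session_id] = self.clock()

    def check(self, session_id):
        """Return True and slide the window if the session is still active.

        An unknown or idle session is deleted and rejected, so a stale cookie
        cannot be revived by a later request.
        """
        last = self._last_seen.get(session_id)
        now = self.clock()
        if last is None or now - last > self.idle_limit:
            self._last_seen.pop(session_id, None)
            return False
        self._last_seen[session_id] = now
        return True


def reauth_url(state):
    """Authorize URL with prompt=login, so Entra ID asks for credentials again
    instead of silently reusing its SSO session."""
    query = urlencode({
        "client_id": CLIENT_ID, "response_type": "code", "scope": "openid",
        "redirect_uri": REDIRECT_URI, "state": state, "prompt": "login",
    })
    return f"https://login.microsoftonline.com/{TENANT}/oauth2/v2.0/authorize?{query}"
```

When `check()` returns False, the app should clear its own session cookie and redirect the browser to `reauth_url(...)`; the timeout is enforced on the server, so it does not depend on client-side timers.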

