Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,637 questions
Change Office 365 Refresh Tocken Lifetime
AdrianC
1
Reputation point
Hi,
The organization I work for right now wants to reduce the refresh token lifetime for our Office 365 products from 90 days (which is the default) to 3 days as a security measure. Based on Microsoft's docs, we need to have at least Azure AD Premium P1 license, and we are OK with that since we are on P2.
I have configured a new Conditional Access policy (Sign in frequency option) and applied it to my corporate email account, to refresh the token every day, just as a test thing. It works, since every day I get the authentication box pop-up, but when looking at the token it does not reset.
Just one mention here is that we are using federation with Okta.
Any ideas?
{count} votes
-
James Hamil 11,796 Reputation points Microsoft Employee2021-04-13T20:30:24.79+00:00 -
AdrianC 1 Reputation point
2021-04-14T17:56:23.007+00:00 Hi James,
No, I did not configure it using the commands in that article. I was thinking this can be done from the GUI, but looks like that is just asking the user to re-authenticate every x hours or days and it does not reset the refresh token.Do you know if the PowerShell line from the article can be filtered per user or it can only be applied per organization/tenant?
Thanks,
Adrian
Sign in to comment