question

RonnieJorgensen-1084 asked

Please can someone help me explain tokens in Azure AD SSO / SAML?

First of all, please excuse my ignorance. I am somewhat new to the world of SAML and Azure AD SSO and can just barely get this stuff to work with Azure AD SSO for cloud apps.

I would like someone to help me explain how I could change lifetime tokens to help me get to our goal of fewer logins on some cloud apps we have set up.

I have read https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes

The problem I have: IT has received feedback from leadership and regular users that the Workday app that we have set to use Azure AD SSO on mobile devices is not consistent in when it asks people to log in. Some say they can log in, then minimize the app, and the next day they can open the app again and they are not asked to re-authenticate. Then others say they authenticate and then also minimize, and a couple of hours later they are asked to re-authenticate.

I need to look for some diagram training, I think, that explains this in more detail. But if someone here could explain how this works and in which order things happen.

I'm reading about Access Tokens, SAML tokens, Single Sign On Session Tokens, Refresh tokens, etc. But I am not understanding it. :(

azure-active-directory

1 Answer

michev answered

The method referenced above is going to be deprecated soon; you should use a Conditional Access policy instead: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-session-lifetime
