Is there a concept of Refresh token sliding window lifetime (days) for Azure AD refresh tokens

integ new 1 Reputation point

For Azure B2C tenants (user flow), there is a concept of Refresh token sliding window lifetime (days), as explained here. Is there a similar concept in refresh tokens issued in Azure AD (not B2C) tenants? The documentation says that validity is 24 hrs (for SPAs) & 90 days for others, which can't be changed. My question is, can the process of re-generation of a new refresh token (using the old one) continue indefinitely, or is there a hard limit beyond which users are forced to re-authenticate? Just to clarify, I'm talking about invalidation/revocation of refresh tokens here.


1 answer

  1. Vasil Michev 100K Reputation points MVP

    Yes, the same applies to "standard" Azure AD tenants - as long as there is usage, the refresh token is renewed automatically and can have indefinite validity.

    1 person found this answer helpful.
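The difference the question asks about, as an added example that is not part of the original thread and not Microsoft's implementation: a small model that replays refresh-token redemptions against a rolling inactivity lifetime, with and without a hard cap like the B2C sliding window setting. The function name `simulate`, the 180-day cap and the timelines are constructed for illustration; the 90-day inactivity value is the one quoted in the question.

```python
from datetime import datetime, timedelta

def simulate(first_signin, redemptions, max_inactive, sliding_window=None):
    """Replay refresh-token redemptions against a rolling-lifetime model.

    max_inactive   : lifetime of each refresh token, restarted on every use
    sliding_window : optional hard cap measured from the first sign-in
                     (models the B2C setting); None means no cap
    Returns (accepted, reauth_at): how many redemptions succeeded, and when
    the chain stops working if no further redemption happens.
    """
    hard_stop = first_signin + sliding_window if sliding_window else None
    expires = first_signin + max_inactive
    accepted = 0
    for t in sorted(redemptions):
        deadline = expires if hard_stop is None else min(expires, hard_stop)
        if t >= deadline:
            break                      # token idle too long, or cap reached
        accepted += 1
        expires = t + max_inactive     # the new token restarts the idle clock
    reauth_at = expires if hard_stop is None else min(expires, hard_stop)
    return accepted, reauth_at

if __name__ == "__main__":
    start = datetime(2024, 1, 1)       # constructed timeline
    monthly = [start + timedelta(days=30 * i) for i in range(1, 13)]
    idle = timedelta(days=90)

    # No cap: every monthly use renews the chain, so it never has to end.
    print("no cap      :", simulate(start, monthly, idle))
    # Hard cap of 180 days (constructed value): re-auth forced despite use.
    print("180-day cap :", simulate(start, monthly, idle, timedelta(days=180)))
    # A gap longer than the idle lifetime ends the chain even without a cap.
    gap = [start + timedelta(days=30), start + timedelta(days=130)]
    print("100-day gap :", simulate(start, gap, idle))
```

In the uncapped case the only thing that ends the chain is inactivity, so a token that keeps being redeemed stays usable until it is explicitly revoked.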