How to change sign-in token lifetime - users have to sign-in every session

Z-Bas 1 Reputation point

I'm in IT for my company and I'm trying to create a system that uses the Microsoft365 API to generate new accounts for new hires. The issue is that the accounts created in this manner have sign-in token lifetimes that are too short, thereby requiring them to sign-in every day or every session.

For reference, I am using this call and I understand that users created this way have a default access token lifetime of 12 hours. However, I would like to understand how I can increase this value, as having to sign-in every day is inconvenient for our employees.

I am reading conflicting information of the mutability of this value from the linked material. Thank you in advance for any help.

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
5,140 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,017 questions
Windows 365 Business
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Shivam Dhiman 5,871 Reputation points

    Hi @Z-Bas

    Hope you are doing well.
    TokenLifetimePolicy can help you in this scenario. As per this table the maximum value AccessTokenLifetime is 1day.

    Please refer to the above documentation for more details.

    You can also refer to refresh token. The default lifetime for the refresh tokens is 24 hours for single page apps and 90 days for all other scenarios.

    Please go through these relevant documentation also.
    Configurable token lifetimes in the Microsoft identity platform (preview)
    Configure token lifetime policies (preview)

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote. If you have any further questions about this answer, please click Comment.

    1 person found this answer helpful.