Edit

Share via


Revoke-EntraUserAllRefreshToken

Invalidates the refresh tokens issued to applications for a user.

Syntax

Default (Default)

Revoke-EntraUserAllRefreshToken

    -UserId <String>
    [<CommonParameters>]

Description

The Revoke-EntraUserAllRefreshToken cmdlet invalidates the refresh tokens issued to applications for a user.

The cmdlet also invalidates tokens issued to session cookies in a browser for the user.

The cmdlet operates by resetting the refreshTokensValidFromDateTime user property to the current date and time.

This operation is usually performed by the user or an administrator if the user's device is lost or stolen. It blocks access to the organization's data by requiring the user to sign in again to all previously authorized applications, regardless of the device.

Parameters

-UserId

Specifies the unique ID of a user.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False
Aliases:ObjectId

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.