Revoke-EntraUserAllRefreshToken
Invalidates the refresh tokens issued to applications for a user.
Syntax
Default (Default)
Revoke-EntraUserAllRefreshToken
-UserId <String>
[<CommonParameters>]
Description
The Revoke-EntraUserAllRefreshToken cmdlet invalidates the refresh tokens issued to applications for a user.
The cmdlet also invalidates tokens issued to session cookies in a browser for the user.
The cmdlet operates by resetting the refreshTokensValidFromDateTime user property to the current date and time.
This operation is usually performed by the user or an administrator if the user's device is lost or stolen. It blocks access to the organization's data by requiring the user to sign in again to all previously authorized applications, regardless of the device.
Parameters
-UserId
Specifies the unique ID of a user.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | ObjectId |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.