I have followed the article below for configuring the Azure AAD token lifetime to 10 minutes:

How can I configure the expiration time of an Azure AD access token (using ADAL)?

I have used the command below for assigning the policy to the app:

Add-AzureADApplicationPolicy -Id <ObjectId of the AAD Application> -RefObjectId <ObjectId of the Policy>

The policy was created but is not reflected on newly created tokens. Token expiry still shows as 1 hour for new tokens.

mklement0
S.Chandra Sekhar
  • Did you create the app under Web Apps in Azure or was it created in Enterprise Apps? This can only be applied to Web Apps directly. Enterprise apps rely on the default policy of the tenant. If it is a web app, then a default policy can override it. You should also check to see if a default policy exists too. – AdminOfThings Feb 22 '20 at 14:15

1 Answer

As AdminOfThings said, this policy is applied to the web API. When the native app requests the web API as a resource, this policy is applied.

And you could try to set -IsOrganizationDefault as true to create a strict policy for a web API.

New-AzureADPolicy -Definition @('{"TokenLifetimePolicy":{"Version":1,"AccessTokenLifetime":"00:10:00","MaxAgeSessionSingleFactor":"00:10:00"}}') -DisplayName "WebPolicyScenario" -IsOrganizationDefault $true -Type "TokenLifetimePolicy"

You should also check to see if a default policy exists too, as long as it is not overridden by a policy with a higher priority.

Joey Cai
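To confirm whether the 10-minute policy is actually reflected in a newly issued token, compare the token's `exp` claim with its `nbf` (or `iat`) claim. The following is an added example, not part of the original question or answer; the function names `ConvertFrom-Base64Url`, `Get-JwtLifetime` and `ConvertTo-Base64Url`, the audience value and the sample tokens are constructed for illustration.

```powershell
# Diagnostic only: decodes the claims of a JWT access token. The signature is NOT
# verified, so never use this output for an authorization decision.
function ConvertFrom-Base64Url {
    param([Parameter(Mandatory)][string]$Value)
    $s = $Value.Replace('-', '+').Replace('_', '/')
    switch ($s.Length % 4) {          # restore the padding that base64url strips
        2 { $s += '==' }
        3 { $s += '=' }
        1 { throw 'Invalid base64url length' }
    }
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($s))
}

function Get-JwtLifetime {
    param(
        [Parameter(Mandatory)][string]$Token,
        [timespan]$Expected = '00:10:00'   # AccessTokenLifetime from the policy above
    )
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw 'Expected a three-part JWT (header.payload.signature)' }
    $claims = ConvertFrom-Base64Url -Value $parts[1] | ConvertFrom-Json
    # Use nbf when present, otherwise fall back to iat.
    $start = if ($null -ne $claims.nbf) { $claims.nbf } else { $claims.iat }
    $lifetime = [timespan]::FromSeconds($claims.exp - $start)
    [pscustomobject]@{
        Audience      = $claims.aud        # the resource the token was issued for
        Lifetime      = $lifetime
        PolicyApplied = ($lifetime -eq $Expected)
    }
}

# Constructed sample tokens (placeholder signature): default 1 hour vs. 10 minutes.
function ConvertTo-Base64Url([string]$Text) {
    [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($Text)).TrimEnd('=').Replace('+', '-').Replace('/', '_')
}
$header = ConvertTo-Base64Url '{"alg":"RS256","typ":"JWT"}'
foreach ($seconds in 3600, 600) {
    $payload = ConvertTo-Base64Url ('{"aud":"api://constructed-web-api","nbf":1582380000,"exp":' + (1582380000 + $seconds) + '}')
    Get-JwtLifetime -Token "$header.$payload.sig"
}
```

Check `Audience` along with `Lifetime`: per the answer above, the policy takes effect when the token is requested for the web API as the resource.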