Forum Discussion
AzureAD RefreshToken Lifetime fixed instead of Expiration sliding window
When requesting an access_token for an app on AzureAD, getting an AccessToken as well as a RefreshToken. The Refresh token has a specific Lifetime (Expiration) configured via Conditional Access Polic...
There are some limitations on this:
- Maximum Lifetime: The maximum lifetime for a refresh token is 14 days. After this period, the user will need to re-authenticate to obtain a new refresh token.
- Minimum Lifetime: The minimum lifetime for a refresh token is 24 hours. This means that even if the refresh token is used frequently, it cannot be renewed more often than every 24 hours.