Forum Discussion
Timothy
Jul 21, 2025Copper Contributor
How do I sign out of my OIDC Entra ID Application?
We have an application protected with Entra ID using ODIC. To sign into our application or SPA goes through a series of redirects before getting a JWT and refresh token at the end of the Entra ID OID...
Kidd_Ip
Jul 22, 2025MVP
May consider on below:
- Use Microsoft Graph API
You can revoke a user's refresh tokens using the Microsoft Graph PowerShell SDK or REST API:Revoke-MgUserSignInSession -UserId <user-object-id>
- Use invalidateAllRefreshTokens endpoint
If you're automating this via backend logic, you can call the Microsoft Graph endpoint:POST https://graph.microsoft.com/v1.0/users/{id}/invalidateAllRefreshTokens
This revokes all refresh tokens and forces reauthentication across apps using Entra ID.