Forum Discussion
eliekarkafy (MVP)
Mar 10, 2023
Conditional Access: Token protection (preview)
Token protection creates a cryptographically secure tie between the token and the device (client secret) it's issued to. Without the client secret, the bound token is useless. When a user registers a Windows 10 or newer device in Azure AD, their primary identity is bound to the device. This connection means that any issued sign-in token is tied to the device, significantly reducing the chance of theft and replay attacks. These sign-in tokens are specifically the session cookies in Microsoft Edge and most Microsoft product refresh tokens in this preview release.
https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-token-protection
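The binding described in the post, as an added Python example that is not part of the original post and is not Microsoft's implementation: a token that names a device is accepted only together with a proof computed from that device's secret over a fresh nonce. It assumes a per-device secret shared at registration and uses HMAC-SHA256 as a stand-in for the real key material; the function names, device IDs and user name are hypothetical.

```python
import hashlib, hmac, json, secrets

ISSUER_KEY = secrets.token_bytes(32)   # issuer's token-signing key (constructed for the example)
REGISTERED = {}                        # device_id -> secret established at registration

def _mac(key: bytes, data: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def register_device(device_id: str) -> bytes:
    """Registration: the issuer and the device end up sharing a per-device secret."""
    REGISTERED[device_id] = secrets.token_bytes(32)
    return REGISTERED[device_id]

def issue_token(user: str, device_id: str) -> str:
    """Sign a token whose body names the device it is bound to."""
    body = json.dumps({"sub": user, "device": device_id}, sort_keys=True)
    return body + "." + _mac(ISSUER_KEY, body.encode())

def make_proof(device_secret: bytes, token: str, nonce: str) -> str:
    """Client side: prove possession of the device secret for this token and nonce."""
    return _mac(device_secret, f"{nonce}.{token}".encode())

def verify_request(token: str, nonce: str, proof: str) -> bool:
    """Server side: `nonce` is the fresh challenge the server issued for this request."""
    body, _, sig = token.rpartition(".")
    if not hmac.compare_digest(sig, _mac(ISSUER_KEY, body.encode())):
        return False                   # token forged or altered
    secret = REGISTERED.get(json.loads(body)["device"])
    if secret is None:
        return False                   # token names an unregistered device
    return hmac.compare_digest(proof, make_proof(secret, token, nonce))

def demo() -> dict:
    laptop = register_device("laptop-01")      # the device the token is issued to
    other = register_device("other-02")        # a different device holding a copied token
    token = issue_token("alice@example.test", "laptop-01")
    nonce = secrets.token_hex(16)
    good_proof = make_proof(laptop, token, nonce)
    return {
        "bound_device": verify_request(token, nonce, good_proof),
        "copied_token_other_device": verify_request(token, nonce, make_proof(other, token, nonce)),
        "old_proof_new_nonce": verify_request(token, secrets.token_hex(16), good_proof),
    }

if __name__ == "__main__":
    print(demo())
```

The copied token fails because the other device cannot produce a proof under the bound device's secret, and a captured proof fails against a new nonce.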