Forum Discussion
Revoke access to Office 365 applications
Well, with the AzureAD PowerShell module we finally have a proper way to revoke refresh tokens for Office 365 users. Namely, we can use the Revoke-AzureADUserAllRefreshToken cmdlet to invalidate the refresh token. Here's an example:
Revoke-AzureADUserAllRefreshToken -ObjectId 582b2b38-888c-4b85-8471-c9716cb4791b
and a more useful one:
Get-AzureADUser -SearchString huku | Revoke-AzureADUserAllRefreshToken
You'll need the AzureAD PowerShell module V2 available here: https://www.powershellgallery.com/packages/AzureAD
Just to clarify, the user will still be able to access data for some time (until the access token is revoked or the app is closed).
1 Reply
Oh well, here's the AzureAD PowerShell v2.0 GA announcement: https://blogs.technet.microsoft.com/enterprisemobility/2016/12/05/azuread-powershell-v2-0-is-now-ga/
