Forum Discussion

Ares Chen's avatar
Ares Chen
Icon for Microsoft rankMicrosoft
Apr 15, 2018

Azure AD Oauth token revocation when user change their password

We have read the document as below https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/active-directory/develop/active-directory-token-and-claims.md and we found the token revocation p...
Azure Active Directory (AAD)
Identity Management
VasilMichev's avatar
VasilMichev
MVP
Apr 15, 2018

Last time I played with this, only synced/federated users' tokens were affected by password changes, and by tokens I mean only the refresh tokens. For synced users, password changes didn't invalidate tokens, admin password resets did though. Things might have changed since though.

 

Are we talking about a custom app or O365 btw?

Ares Chen's avatar
Ares Chen
Icon for Microsoft rankMicrosoft
Apr 16, 2018

Thank you Vasil

 

yes, we are talking about a custom app which use Microsoft Graph to access office 365 resource.

  • yyaseminugur's avatar
    yyaseminugur
    Copper Contributor
    Jan 10, 2022
    Did you come up with any solution to this issue?

Resources