Forum Discussion
Lou Mickley
Apr 28, 2017Iron Contributor
Is there a way to force O365 sign out when browser closes?
My customer is concerned about licensed user logging in from home on the family computer, accessing the tenant, then closing the browser. Another family user opens the browser, opens some history, and sees all of the organizational data, SP sites, mail, etc. Is there a way to force the sign out when the browser closes? I know in Azure AD I can remove the "keep me signed in" check box, but duration of cached credentials is fuzzy across apps.
Good news - this feature is coming to O365 shortly for non-domain joined devices. It will warn after x minutes and then log user off after y minutes.
- Lou MickleyIron Contributor
Good news - this feature is coming to O365 shortly for non-domain joined devices. It will warn after x minutes and then log user off after y minutes.
And how do you detect the "browser close" even from O365 side? :) Especially now, with Modern auth, pretty much all the authentication related traffic is "browser traffic". If you are looking to restrict user logins from extranet locations, there are multiple options you can use, such as Conditional access or AD FS claims rules. You also have the option to immediately revoke access from all devices for a user, but that will of course also include domain machines, mobile devices, etc.