AAD sign-in frequency with persistent browser session

%3CLINGO-SUB%20id%3D%22lingo-sub-1903401%22%20slang%3D%22en-US%22%3EAAD%20sign-in%20frequency%20with%20persistent%20browser%20session%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1903401%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20set%20up%20%3CSTRONG%3E%22sign-in%20frequency%22%26nbsp%3B%3C%2FSTRONG%3E%20session%20control%26nbsp%3B%20with%20%3CSTRONG%3E1%20hour.%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3EI%20have%20NOT%20set%26nbsp%3B%26nbsp%3B%E2%80%9Cpersistent%20browser%20session%E2%80%9D%3C%2FP%3E%3CP%3EAs%20expected%2C%20I%20sign%20into%26nbsp%3B%20portal.azure.com%26nbsp%3B%20and%20kept%20the%20browser%20open%20for%20one%20hour.%3C%2FP%3E%3CP%3E%26nbsp%3BRight%20after%26nbsp%3B%20sign-in%20frequency%20time%20passed%2C%20I%20was%20asked%20to%20sign-in%20again.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20just%20want%20to%20extend%20this%20conditional%20policy%20configuration%20with%20one%20more%20thing.%3C%2FP%3E%3CP%3EIf%20I%20had%20also%20turned%20%26nbsp%3BON%20%E2%80%9Cpersistent%20browser%20session%E2%80%9D%2C%26nbsp%3B%20what%20would%20be%20the%20change%20in%20the%20behavior%20once%20the%20configured%20sign-in%20frequency%20passed.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20observation%20was%2C%20%E2%80%9CNO%20CHANGE%E2%80%9D%3C%2FP%3E%3CP%3EMeaning%20I%20was%20forced%20to%20sign%20in%20again.%26nbsp%3B%20My%20impression%20was%20that%20%E2%80%9Cpersistent%20browser%20session%E2%80%9D%20setting%20will%20avoid%20user%20%26nbsp%3Bto%20put%20his%20credentials%20again.%3C%2FP%3E%3CP%3EAm%20I%20missing%20some%20important%20thing%20here%20%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAppreciate%20your%20help%20!!!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1903401%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAccess%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Occasional Contributor

Hello, 

I have set up "sign-in frequency"  session control  with 1 hour.

I have NOT set  “persistent browser session”

As expected, I sign into  portal.azure.com  and kept the browser open for one hour.

 Right after  sign-in frequency time passed, I was asked to sign-in again. 

 

 

I just want to extend this conditional policy configuration with one more thing.

If I had also turned  ON “persistent browser session”,  what would be the change in the behavior once the configured sign-in frequency passed.

 

My observation was, “NO CHANGE”

Meaning I was forced to sign in again.  My impression was that “persistent browser session” setting will avoid user  to put his credentials again.

Am I missing some important thing here ?

 

Appreciate your help !!!

 

Thanks

 

1 Reply

Hello!

 

To my knowledge, the persistent browser session is not overriding/affecting the actual token lifetime or the sign-in frequency configuration.
Just because you set this to persistent, the session won't live any longer then what you have configured.
This is simply an solution for making sure that the end-user is able to terminate the browser, reopen it during the token lifetime and remain signed-in.