access only on corp network

Deleted · ‎Jan 24 2019

A quick question here for the community:

Requirement: No access to Office365 when outside the Corp network.

So we have adfs, and ca policies that i have played around with but the underlying problem is as follows:

1. User signs in to a Rich client - outlook on windows / mobile apps while on the Corp network.
2. User goes home/ basically of the corp network and is still signed in OR in other words not really restricted to just on "corp network"

With browsers, its fairly straight forward where a session expires and the next sign in would then follow the respective control , whether ADFS claim rules or CA policies.

The challenge here is with rich clients that use access and refresh tokens and stay signed in even outside the network.

Has anyone found an approach that Truly restricts access only on the Corp network/VPN?

Stephen McCartney · ‎Jan 27 2019

The user should be blocked after about 60 minutes when the access token expires, even if they change networks. Token lifetimes are configurable, so you can reduce that if you need to. See this article: https://www.risual.com/2018/01/17/modern-authentication-tokens/

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

access only on corp network

access only on corp network

Re: access only on corp network