Aug 25 2019 01:12 PM
I was reading through here and trying to figure out when my users will be prompted to re-authorize within their Outlooks as in the link below it seems like as long as they are using their existing computers and Outlook profiles, it won't bother them to re-auth. Is that correct? It's only really when logging in from new devices or creates new outlook profiles. Does that sound correct? Originally I thought it would prompt them in their existing Outlook profiles every 90 days
Aug 25 2019 09:32 PM
Aug 26 2019 05:23 AM
Aug 26 2019 09:15 AM
"Once every 90 days" is for the scenario when you don't use the application continuously. If you do, the token is renewed automatically, and unless something like a password change occurs it will never prompt for creds. Since multi-factor auth is considered more secure, for it the 90 days inactive period doesn't apply, and it is now indefinite. More details for example here: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-...
Aug 26 2019 10:35 AM
Aug 26 2019 10:49 AM
SolutionGenerally speaking, yes. The token can expire in the event of password change, or if revoked by admins.
Aug 26 2019 10:51 AM
Aug 26 2019 11:30 PM
They do not, but yeah you can revoke them as part of the "deprovisioning" workflow.
Sep 23 2019 11:04 AM
Aug 26 2019 10:49 AM
SolutionGenerally speaking, yes. The token can expire in the event of password change, or if revoked by admins.