How can I configure conditional access every time in a client app?

%3CLINGO-SUB%20id%3D%22lingo-sub-1044076%22%20slang%3D%22en-US%22%3EHow%20can%20I%20configure%20conditional%20access%20every%20time%20in%20a%20client%20app%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1044076%22%20slang%3D%22en-US%22%3E%3CP%3EHello.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EEven%20if%20close%20the%20client%20app%2C%20Azure%20AD%20credential%20will%20remain.%3CBR%20%2F%3ETherefore%2C%20Azure%20AD%20authentication%20will%20not%20occur%20unless%20explicitly%20sign%20out%20of%20the%20client%20app.%3CBR%20%2F%3EWith%20this%20specification%2C%20conditional%20access%20will%20not%20useful%20in%20most%20scenarios.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAre%20there%20any%20updates%20planned%20that%20accordingly%20require%20Azure%20AD%20authentication%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20also%20found%20that%20I%20can%20reset%20Azure%20AD%20authentication%20by%20deleting%20the%20following%20registry%20value%3A%3C%2FP%3E%3CP%3E%3D%3D%3D%3C%2FP%3E%3CP%3ERegistry%20Key%20%3A%26nbsp%3B%3CSPAN%3EHKEY_CURRENT_USER%5CSoftware%5CMicrosoft%5CRdClientRadc%5C%3C%2FSPAN%3E%3CA%20title%3D%22https%3A%2F%2Fmrs-prod.ame.gbl%2Fmrs-rdinfra-prod%22%20href%3D%22https%3A%2F%2Fmrs-prod.ame.gbl%2Fmrs-RDInfra-prod%22%20target%3D%22_blank%22%20rel%3D%22noreferrer%20noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmrs-prod.ame.gbl%2Fmrs-RDInfra-prod%3C%2FA%3E%3C%2FP%3E%3CP%3EName%20%3A%26nbsp%3B%3CSPAN%3EWebAccountIdStore%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3D%3D%3D%3C%2FP%3E%3CP%3EI%20will%20try%20to%20avoid%20this%20by%20scheduling%20a%20task%20to%20reset%20this%20value%20accordingly.%3CBR%20%2F%3E%3CSPAN%3EWhat%20do%20you%20think%20about%20this%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EIs%20there%20another%20good%20way%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1044076%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Eacc%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EConditional%20Access%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EWindows%20Virtual%20Deskop%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1056917%22%20slang%3D%22en-US%22%3ERe%3A%20How%20can%20I%20configure%20conditional%20access%20every%20time%20in%20a%20client%20app%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1056917%22%20slang%3D%22en-US%22%3E%3CP%3EIt%20was%20found%20that%20the%20expiration%20period%20of%20the%20authentication%20token%20is%20set%20by%20using%20the%20session%20function%20of%20Azure%20AD%20conditional%20access.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

Hello.

 

Even if close the client app, Azure AD credential will remain.
Therefore, Azure AD authentication will not occur unless explicitly sign out of the client app.
With this specification, conditional access will not useful in most scenarios.

 

Are there any updates planned that accordingly require Azure AD authentication?

 

I also found that I can reset Azure AD authentication by deleting the following registry value:

===

Registry Key : HKEY_CURRENT_USER\Software\Microsoft\RdClientRadc\https://mrs-prod.ame.gbl/mrs-RDInfra-prod

Name : WebAccountIdStore

===

I will try to avoid this by scheduling a task to reset this value accordingly.
What do you think about this?

 

Is there another good way?

1 Reply
Highlighted

It was found that the expiration period of the authentication token is set by using the session function of Azure AD conditional access.