none
AzureAD Graph - Invalidate all refresh tokens for a user

    Question

  • Hello

    I have question about following AzureAD Graph function 

    Invalidate all refresh tokens for a user

    AzureAD Graph - https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations#invalidate-all-refresh-tokens-for-a-user

    What type of tokens are invalidated?  Both JWT/SAML2.0 ? or only JWT (Oauth/OpenID-Connect) ?

    Regards,

    Maqsood Ali Bhatti

    Wednesday, April 12, 2017 12:56 PM

Answers

  • The function call invalidateAllRefreshTokens basically clears all refresh tokens and cookies issues to a user.  It does not affect the existing SAML or JWTTokens that are held by an application.  These tokens will expire according to their expirations.

    However, when the tokens expire, the authentication process will need to be repeated to obtain a new code to redeem for a JWT or SAML token.

    Regards,
    MaxV (MSFT)

    Wednesday, April 19, 2017 7:10 PM

All replies

  • The function call invalidateAllRefreshTokens basically clears all refresh tokens and cookies issues to a user.  It does not affect the existing SAML or JWTTokens that are held by an application.  These tokens will expire according to their expirations.

    However, when the tokens expire, the authentication process will need to be repeated to obtain a new code to redeem for a JWT or SAML token.

    Regards,
    MaxV (MSFT)

    Wednesday, April 19, 2017 7:10 PM
  • Thank you for your answer :-)

    Regards,

    Maqsood.

    Wednesday, April 19, 2017 7:21 PM