How to change the token lifetime defaults for a custom-developed application

Azure AD Premium allows app developers and tenant admins to configure the lifetime of tokens issued for non-confidential clients. Token lifetime policies are set on a tenant-wide basis or for the resources being accessed.

  • To set a token lifetime policy, you need to download the Azure AD PowerShell Module.

  • Run the Connect-AzureAD -Confirm command.

  • Here’s an example policy that sets the maximum age of a single-factor refresh token. Create the policy: New-AzureADPolicy -Definition @('{"TokenLifetimePolicy":{"Version":1, "MaxAgeSingleFactor":"until-revoked"}}') -DisplayName "OrganizationDefaultPolicyScenario" -IsOrganizationDefault $true -Type "TokenLifetimePolicy"

  • Check out the Configuring token lifetime document to learn how to create other custom.
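
The steps above as one script, as an added example that is not part of the original article: it builds the policy JSON from an object, rejects a malformed MaxAgeSingleFactor value, and updates an existing organization default policy instead of creating a second one. It assumes the module from the first step is installed and provides the policy cmdlets; the helper New-TokenLifetimeDefinition and the "30.00:00:00" sample value are hypothetical.

```powershell
# Added example. Assumes the Azure AD PowerShell module from the first step is installed
# and the signed-in account is allowed to manage policies in the tenant.
Connect-AzureAD -Confirm

# Hypothetical helper: returns the policy definition as compact JSON.
function New-TokenLifetimeDefinition {
    param(
        # "until-revoked" (the value used on this page) or a time span
        # string such as "30.00:00:00" (constructed sample value).
        [Parameter(Mandatory)] [string] $MaxAgeSingleFactor
    )
    $span = [TimeSpan]::Zero
    if ($MaxAgeSingleFactor -ne 'until-revoked' -and
        -not [TimeSpan]::TryParse($MaxAgeSingleFactor, [ref] $span)) {
        throw "MaxAgeSingleFactor must be 'until-revoked' or a d.hh:mm:ss time span."
    }
    # Serialize an object instead of hand-quoting JSON inside a PowerShell string.
    @{ TokenLifetimePolicy = [ordered]@{ Version = 1; MaxAgeSingleFactor = $MaxAgeSingleFactor } } |
        ConvertTo-Json -Compress -Depth 3
}

$displayName = 'OrganizationDefaultPolicyScenario'
$definition  = New-TokenLifetimeDefinition -MaxAgeSingleFactor 'until-revoked'

# Look for an organization default token lifetime policy that already exists.
$existing = Get-AzureADPolicy |
    Where-Object { $_.Type -eq 'TokenLifetimePolicy' -and $_.IsOrganizationDefault } |
    Select-Object -First 1

if ($existing) {
    # Update in place so the tenant keeps a single organization default.
    Set-AzureADPolicy -Id $existing.Id -Definition @($definition) -DisplayName $displayName
} else {
    New-AzureADPolicy -Definition @($definition) -DisplayName $displayName `
        -IsOrganizationDefault $true -Type 'TokenLifetimePolicy'
}

# Read the result back to confirm what the tenant now enforces.
Get-AzureADPolicy |
    Where-Object { $_.Type -eq 'TokenLifetimePolicy' } |
    Select-Object Id, DisplayName, IsOrganizationDefault, Definition
```

With "until-revoked", single-factor refresh tokens are not aged out by this policy, so the read-back at the end is the place to confirm that the value in effect is the one intended.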

Next steps

Configuring Token Lifetime

Azure AD Token Reference