How to change the token lifetime defaults for a custom-developed application

This article shows how to use Azure AD PowerShell to set a token lifetime policy. Azure AD Premium allows app developers and tenant admins to configure the lifetime of tokens issued for non-confidential clients. Token lifetime policies are set on a tenant-wide basis or for the resources being accessed.

  1. To set a token lifetime policy, you need to download the Azure AD PowerShell Module.

  2. Run the Connect-AzureAD -Confirm command.

    Here’s an example policy that sets the maximum age of the single-factor refresh token. Create the policy:

        New-AzureADPolicy -Definition @('{"TokenLifetimePolicy":{"Version":1, "MaxAgeSingleFactor":"until-revoked"}}') -DisplayName "OrganizationDefaultPolicyScenario" -IsOrganizationDefault $true -Type "TokenLifetimePolicy"
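To review what a policy like the one above actually permits, the following added example (not part of the original article) parses each policy's Definition JSON and reports whether MaxAgeSingleFactor is bounded. The function name Get-TokenLifetimeFinding and the sample policy objects are hypothetical and constructed here; it assumes policy objects expose the same property names as the New-AzureADPolicy parameters above.

```powershell
# Added example: flag token lifetime policies whose single-factor refresh
# tokens never age out. Get-TokenLifetimeFinding is a hypothetical helper.
function Get-TokenLifetimeFinding {
    param([Parameter(Mandatory, ValueFromPipeline)][object]$Policy)
    process {
        # Definition is a list of JSON strings, each wrapping a TokenLifetimePolicy object.
        foreach ($json in @($Policy.Definition)) {
            try {
                $body = ($json | ConvertFrom-Json -ErrorAction Stop).TokenLifetimePolicy
            } catch {
                [pscustomobject]@{
                    DisplayName = $Policy.DisplayName; OrgDefault = $Policy.IsOrganizationDefault
                    MaxAgeSingleFactor = $null; Finding = 'Definition is not valid JSON'
                }
                continue
            }
            if ($null -eq $body) { continue }   # not a token lifetime definition
            $maxAge = $body.MaxAgeSingleFactor
            $finding = if (-not $maxAge) {
                'MaxAgeSingleFactor not set in this policy'
            } elseif ($maxAge -eq 'until-revoked') {
                'Single-factor refresh tokens stay valid until revoked'
            } else {
                'Bounded'
            }
            [pscustomobject]@{
                DisplayName = $Policy.DisplayName; OrgDefault = $Policy.IsOrganizationDefault
                MaxAgeSingleFactor = $maxAge; Finding = $finding
            }
        }
    }
}

# Constructed sample input: the policy from this article plus a bounded one.
$samplePolicies = @(
    [pscustomobject]@{
        DisplayName = 'OrganizationDefaultPolicyScenario'; IsOrganizationDefault = $true
        Definition  = @('{"TokenLifetimePolicy":{"Version":1, "MaxAgeSingleFactor":"until-revoked"}}')
    },
    [pscustomobject]@{
        DisplayName = 'ConstructedBoundedPolicy'; IsOrganizationDefault = $false
        Definition  = @('{"TokenLifetimePolicy":{"Version":1, "MaxAgeSingleFactor":"30.00:00:00"}}')
    }
)
$samplePolicies | Get-TokenLifetimeFinding | Format-Table -AutoSize

# Against a tenant, after Connect-AzureAD:
# Get-AzureADPolicy | Where-Object Type -eq 'TokenLifetimePolicy' | Get-TokenLifetimeFinding
```

An organization-default policy reported as valid until revoked applies tenant-wide, so it is the first row to check when reviewing refresh token exposure.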

Next steps