Troubleshooting: The SAML2 token is not valid because its validity period has ended
When using Azure Active Directory authentication, while working in the client, users get an error similar to the following:
Connection is not longer available or was lost
The event log includes the following error for the Microsoft Dynamics NAV Server instance:
The SAML2 token is not valid because its validity period has ended.
Resolution
This error occurs because the security token that is used by Azure AD has exceeded its specified lifetime. By default, the lifetime, which is determined by Azure AD, is 1 hour. However, the Microsoft Dynamics NAV Server includes a configuration setting called ExtendedSecurityTokenLifetime, which you can set to add time to the security token lifetime. If this issue becomes a problem, you can increase the value of the ExtendedSecurityTokenLifetime setting. Before you do this though, we recommend that you read more about the Azure AD token lifetime policies at Configurable token lifetimes in Azure Active Directory.
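To confirm that an expired validity period is what a failing session hit, the following added example (not Microsoft's code) reads the Conditions window from a SAML2 assertion and evaluates it at a given time, with and without an extension. It assumes the extension is simply added to NotOnOrAfter; the page does not state the unit of ExtendedSecurityTokenLifetime, so the extension is passed as a timedelta, and the sample assertion is constructed.

```python
from datetime import datetime, timedelta, timezone
import xml.etree.ElementTree as ET

SAML2_NS = {"saml2": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (unsigned, illustrative values only).
SAMPLE_ASSERTION = """\
<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed"
           Version="2.0" IssueInstant="2024-01-01T09:00:00Z">
  <Issuer>https://sts.example.invalid/</Issuer>
  <Conditions NotBefore="2024-01-01T09:00:00Z"
              NotOnOrAfter="2024-01-01T10:00:00.0000000Z"/>
</Assertion>
"""

def _parse_instant(value):
    """Parse a UTC xs:dateTime, tolerating 0 to 7 fractional-second digits."""
    head, _, frac = value.rstrip("Z").partition(".")
    parsed = datetime.strptime(head, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)
    return parsed + timedelta(microseconds=int((frac[:6] or "0").ljust(6, "0")))

def validity_window(assertion_xml):
    """Return (NotBefore or None, NotOnOrAfter) from the Conditions element.

    Diagnostic only: the signature is not verified, so never use this to
    decide whether to trust a token.
    """
    cond = ET.fromstring(assertion_xml).find(".//saml2:Conditions", SAML2_NS)
    if cond is None or "NotOnOrAfter" not in cond.attrib:
        raise ValueError("assertion has no Conditions/@NotOnOrAfter")
    not_before = cond.get("NotBefore")
    return (_parse_instant(not_before) if not_before else None,
            _parse_instant(cond.get("NotOnOrAfter")))

def check_token(assertion_xml, now, extension=timedelta(0)):
    """Return (status, remaining); remaining is zero or negative once expired."""
    not_before, not_on_or_after = validity_window(assertion_xml)
    # Assumption: the server-side extension is added to the issuer's expiry.
    effective_expiry = not_on_or_after + extension
    if not_before is not None and now < not_before:
        return "not-yet-valid", not_before - now
    if now >= effective_expiry:  # NotOnOrAfter is an exclusive upper bound
        return "expired", effective_expiry - now
    return "valid", effective_expiry - now
```

A larger extension keeps an already-issued token acceptable for longer, which is the trade-off to weigh against the Azure AD token lifetime policy.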