Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
question about bearer token RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    We are  using azure ADAL to allow login to the application using azure bearer token

    adal.js in the front end and ADAL libraries in c# for the backend API, the validity of the token is 60 min from the time it is issued by Azure.

    But after you log out from the application (we are already clearing the client session cache), if you had access to the azure bearer token and the expiry time has not reached, the user will be able to use the bearer token to access the API directly.

     

    We want to know if there is any way to revoke the bearer token user was using after logging out from the application(Azure) using the javascript or c# libraries. 

     


    Friday, November 24, 2017 2:50 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    From my experience with Azure and B2C once issued it (the token) can't be revoked or invalidated via code.

    Please remember to mark the replies as answers if they help and unmark them if they provide no help, this will help others who are looking for solutions to the same or similar problem. Contact via my Twitter (Karen Payne) or Facebook (Karen Payne) via my MSDN profile but will not answer coding question on either.
    VB Forums - moderator
    profile for Karen Payne on Stack Exchange, a network of free, community-driven Q&A sites


    • Edited by KareninstructorMVP Friday, November 24, 2017 8:25 PM grammer
    • Proposed as answer by Hart Wang Monday, November 27, 2017 7:31 AM
    Friday, November 24, 2017 8:25 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Thank you for posting here.

    According to the description, Your issue is related to Azure forum, please post the issue on azure forum.

    I will move the case to off-topic forum.

    Best Regards,

    Hart

    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, November 27, 2017 7:31 AM