Custom Access Token Lifetime for set of users in Azure AD B2C

0
votes

We are looking at using Azure AD B2C to manage our customer identities for us; however, we have a lot of customers that request custom access lifetimes within our applications. Meaning if the default access token lifetime for an application is 1 hour, for Customer A they may want that access token lifetime to be 30 minutes and Customer B may want that to be 2 hours.

I know there is a concept of creating custom policies, but none of those policies looked like they could be directed at a specific set of users. Am I missing something here?

1
openid-connectaccess-tokenazure-ad-b2cidp
If my answer is helpful for you, you can accept it as answer( click on the check mark beside the answer to toggle it from greyed out to filled in.). See meta.stackexchange.com/questions/5234/…. This can be beneficial to other community members. Thank you.Allen Wu

1 Answers

0
votes

Both user flow and custom policy can only provide consistent login behavior.

For example, if you configure 1 hour token lifetime in a signupsignin user flow / custom policy, anyone who logs in with this user flow / custom policy will have 1 hour token lifetime.

If you want to configure different access token lifetimes for different users, the only way is to configure multiple user flows or custom policies in your application and set different token lifetime for them. Specify different user flows or custom policies for different users to log in.