with Microsoft's identity foundation, you can reset the user's password and it generates a token. This token is used to validate the password and is self-signed and contains an expiry period.
Does anyone know what the default expiry period is?
Asked
Active
Viewed 104 times
1 Answers
0
The default security token lifetime is equal to 1 hour. You can manage this parameter by SecurityTokenServiceConfiguration.DefaultTokenLifetime. Please note one important moment. In point of fact the security token is valid whole lifetime + clock skew delta. You can set MaxClockSkew parameter by configuration STS by the same way.
dmitry gilyaev
- 41
- 5