I'm using Azure AD B2C custom policies. Can the password reset verification code expiration time be changed, and where? Has the default expiration time been documented somewhere, because I can’t find it. It seems to be 5 min.

spottedmahn
RonaldV

1 Answer

Yes, the expiration time for the OTP code can be configured in custom policies. To achieve this, you have to use the Verification display control and modify the GenerateCode technical profile. You have to modify the CodeExpirationInSeconds metadata item:

    <TechnicalProfile Id="GenerateOtp">
      <DisplayName>Generate one time password</DisplayName>
      <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.OneTimePasswordProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
      <Metadata>
        <Item Key="Operation">GenerateCode</Item>
        <Item Key="CodeExpirationInSeconds">120</Item>
        <Item Key="CodeLength">6</Item>
        <Item Key="CharacterSet">0-9</Item>
        <Item Key="NumRetryAttempts">2</Item>
      </Metadata>
      <InputClaims>
        <InputClaim ClaimTypeReferenceId="email" PartnerClaimType="identifier" />
      </InputClaims>
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="otp" PartnerClaimType="otpGenerated" />
      </OutputClaims>
    </TechnicalProfile>
Daniel Krzyczkowski
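
A way to check this setting across a policy file before upload, as an added example that is not part of the original answer or of Azure AD B2C itself: the script finds every one-time-password technical profile whose `Operation` is `GenerateCode` and reports a missing or overly long `CodeExpirationInSeconds`, plus a high `NumRetryAttempts`. The two limits, the function names and the second sample profile are assumptions chosen for illustration.

```python
import xml.etree.ElementTree as ET

# Auditor-chosen limits (assumptions for this example, not documented B2C bounds).
MAX_EXPIRY_SECONDS = 300
MAX_RETRY_ATTEMPTS = 5
HANDLER = "OneTimePasswordProtocolProvider"

# Constructed sample: the answer's GenerateOtp profile (trimmed, flattened) plus a
# hypothetical profile that omits CodeExpirationInSeconds.
SAMPLE_POLICY = """
<TrustFrameworkPolicy xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">
  <TechnicalProfile Id="GenerateOtp">
    <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.OneTimePasswordProtocolProvider, Web.TPEngine" />
    <Metadata><Item Key="Operation">GenerateCode</Item><Item Key="CodeExpirationInSeconds">120</Item><Item Key="NumRetryAttempts">2</Item></Metadata>
  </TechnicalProfile>
  <TechnicalProfile Id="GenerateOtpNoExpiry">
    <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.OneTimePasswordProtocolProvider, Web.TPEngine" />
    <Metadata><Item Key="Operation">GenerateCode</Item><Item Key="NumRetryAttempts">9</Item></Metadata>
  </TechnicalProfile>
</TrustFrameworkPolicy>
"""

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the XML namespace, if any

def audit_otp_profiles(policy_xml):
    """Return {profile Id: [findings]} for every GenerateCode OTP profile."""
    report = {}
    for tp in ET.fromstring(policy_xml).iter():
        if local(tp.tag) != "TechnicalProfile":
            continue
        handler = next((e.get("Handler", "") for e in tp if local(e.tag) == "Protocol"), "")
        meta = {i.get("Key"): (i.text or "").strip()
                for i in tp.iter() if local(i.tag) == "Item"}
        if HANDLER not in handler or meta.get("Operation") != "GenerateCode":
            continue
        findings = []
        expiry = meta.get("CodeExpirationInSeconds")
        if expiry is None:
            findings.append("CodeExpirationInSeconds not set; platform default applies")
        elif not expiry.isdigit() or int(expiry) > MAX_EXPIRY_SECONDS:
            findings.append(f"CodeExpirationInSeconds={expiry} is invalid or above {MAX_EXPIRY_SECONDS}")
        retries = meta.get("NumRetryAttempts", "")
        if retries.isdigit() and int(retries) > MAX_RETRY_ATTEMPTS:
            findings.append(f"NumRetryAttempts={retries} is above {MAX_RETRY_ATTEMPTS}")
        report[tp.get("Id")] = findings
    return report
```

Calling `audit_otp_profiles(SAMPLE_POLICY)` returns an empty findings list for `GenerateOtp` and two findings for the hypothetical `GenerateOtpNoExpiry`.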