Office 365 - will access/refresh tokens be invalidated as a result of switching a managed domain to federated?

Question

In other words, will existing users who belong to a managed Office 365 domain be asked to re-authenticate (ex. in Outlook client) as a result of changing the authentication method of the Office 365 domain to federated?

I am aware that users are forced to re-authenticate (ex. in Outlook client) upon password change.

score 0 · Answer 1 · answered Oct 06 '18 at 03:10

0

Yes, it seems as though you will need to rea-authenticate when you convert from managed to federate. Please view the link below for a step by step conversion guide.

https://blogs.technet.microsoft.com/askpfeplat/2017/02/06/convert-a-managed-domain-in-azure-ad-to-a-federated-domain-using-adfs-for-on-premises-authentication-step-by-step/

answered Oct 06 '18 at 03:10

LaAerial

1
2

Please share the source of your answer. That link does not confirm your answer. – Jatin Oct 06 '18 at 06:06
Please refer to this link:https://support.microsoft.com/en-us/help/2530590/troubleshoot-account-issues-for-federated-users-in-office-365-azure-or. Hopefully it helps you. – Simon Li Oct 08 '18 at 08:33

score 0 · Answer 2 · answered Oct 23 '18 at 00:34

As per Microsoft support personnel and also as per my own experience, users are NOT forced to re-authenticate as a result of federating the Office 365 domain. In other words, a user's refresh token is NOT revoked simply as a result of federating the Office 365 domain.

Office 365 - will access/refresh tokens be invalidated as a result of switching a managed domain to federated?

2 Answers2