What are the details of Azure AD MFA?

Question

I am using Azure ADB2C for authentication. And we've introduced MFA. However, there is only one thing I don't understand. That's the default value for MFA. For example, the time it takes to get locked out or the lockout time. Where can I find these details? Please tell me!

Answer 1

I believe you're asking about the tokens lifetime. You can setup under User Flows / Properties:

Also, from the official documentation:

Access and ID token lifetimes (minutes) - The lifetime of the OAuth 2.0 bearer token and ID tokens. The default is 60 minutes (1 hour). The minimum (inclusive) is 5 minutes. The maximum (inclusive) is 1,440 minutes (24 hours).

Refresh token lifetime (days) - The maximum time period before which a refresh token can be used to acquire a new access token, if your application had been granted the offline_access scope. The default is 14 days. The minimum (inclusive) is one day. The maximum (inclusive) 90 days.

Refresh token sliding window lifetime - The refresh token sliding window type. Bounded indicates that the refresh token can be extended as specify in the Lifetime length (days). No expiry indicates that the refresh token sliding window lifetime never expires.

Lifetime length (days) - After this time period elapses the user is forced to reauthenticate, irrespective of the validity period of the most recent refresh token acquired by the application. The value must be greater than or equal to the Refresh token lifetime value.

https://learn.microsoft.com/en-us/azure/active-directory-b2c/configure-tokens?pivots=b2c-user-flow