azureazure-active-directoryazure-ad-b2c

Azure B2C access & refresh token costing

We are trying to figure out pricing option for Azure B2C. Few questions:

  1. Is it possible to have access_Token expiry time set to 30 days(without usage of refresh token)

  2. If we use Azure B2C as IDAM for securing Azure APIs, does the token validation (offline or online) is also charged by Azure B2C?

  3. If we have refresh token setup for 90 days and we use it to request for access token (if point 1 is invalid), will it be charged?

  4. If accesstoken is setup for 24 hrs and we use refresh token for fetching new access token, will it 2 authentication request on Azure B2C.

Is there any cheaper identity provider which can be considered?

Solution

  • You are charged for each user token (i.e. an ID and/or access token) that is issued. A user token is issued as result of a user authentication (i.e. as result of a user flow) and as result of a token refresh (i.e. using a refresh token).

    So:

    1. No. The maximum lifetime for a user token is 1,440 minutes.
    2. Validation of tokens is "offline" so you aren't charged for this.
    3. Yes.
    4. Yes. You are charged for the first token as well as the token refresh.