
Azure Active Directory - Setting Token Expiry in Java


I'm new to Azure and I'm trying to set the expiry time for my access token in Java, but I'm not able to find any examples of how to set it. Please help with how to set the expiry time, from 60 minutes to 1 day.

I want to increase the "expires_in": "3600" to at least 8 hours or more.

In the code here, I'm not able to find any methods like set param or set headers. Please help me with how I can.

Here is the link for params:

https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes#cmdlet-reference

Thank you.

    import java.util.concurrent.ExecutorService;
    import java.util.concurrent.Executors;
    import java.util.concurrent.Future;
    import com.microsoft.aad.adal4j.AuthenticationContext;
    import com.microsoft.aad.adal4j.AuthenticationResult;
    import com.microsoft.aad.adal4j.ClientCredential;

    // Fragment from the request handler: redeem the refresh token with ADAL4J
    AuthenticationContext context = null;
    AuthenticationResult result = null;
    ExecutorService service = null;
    try {
        String refreshToken = request.getParameter("refreshToken");
        String currentUri   = request.getRequestURL().toString();

        service = Executors.newFixedThreadPool(1);
        context = new AuthenticationContext(authority + tenant + "/", true,
                service);
        Future<AuthenticationResult> future = context
                .acquireTokenByRefreshToken(refreshToken,
                        new ClientCredential(clientId, clientSecret), null,
                        null);

        result = future.get();
    } finally {
        // Release the single-thread pool used for the token request
        if (service != null) {
            service.shutdown();
        }
    }

Token values I'm getting:

    {
      "access_token": "<requested-access-token>",
      "token_type": "<token-type-value>",
      "expires_in": "3600",
      "expires_on": "<access-token-expiration-date-time>",
      "resource": "<app-id-uri>",
      "refresh_token": "<oauth2-refresh-token>",
      "scope": "user_impersonation",
      "id_token": "<unsigned-JSON-web-token>"
    }

Solution

  • You will need to use a PowerShell script to create the policy. Here is the script for your reference.

    Install-Module -Name AzureADPreview -Force
    
    Connect-AzureAD -confirm
    
    $policy=New-AzureADPolicy -Definition @('{"TokenLifetimePolicy":{"Version":1,"AccessTokenLifetime":"08:00:00"}}') -DisplayName "tonytestpolicy" -IsOrganizationDefault $false -Type "TokenLifetimePolicy"
    

    If you must do this in your Java code, you can use the Graph API (the PowerShell script also calls this API). Here is the sample.

    POST https://graph.microsoft.com/beta/policies
    Content-Type: application/json
    
    {
      "displayName":"CustomTokenLifetimePolicy",
      "definition":["{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"],
      "type":"TokenLifetimePolicy"
    }
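
The Graph request from the answer above, issued from Java, as an added example that is not part of the original answer. It assumes Java 11+ (`java.net.http`) and a Graph access token allowed to create policies, supplied in a `GRAPH_TOKEN` environment variable (a hypothetical name); the class and helper names are also illustrative.

```java
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;

public class CreateTokenLifetimePolicy {

    // Endpoint and body fields are the ones shown in the answer above.
    static final String POLICIES_URL = "https://graph.microsoft.com/beta/policies";

    // Escape a string so it can sit inside a JSON string literal.
    static String jsonEscape(String s) {
        return s.replace("\\", "\\\\").replace("\"", "\\\"");
    }

    // "definition" is an array of strings, each string itself a JSON document,
    // so the inner policy JSON has to be escaped a second time.
    static String buildBody(String displayName, String accessTokenLifetime) {
        String inner = "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\""
                + jsonEscape(accessTokenLifetime) + "\"}}";
        return "{\"displayName\":\"" + jsonEscape(displayName) + "\","
                + "\"definition\":[\"" + jsonEscape(inner) + "\"],"
                + "\"type\":\"TokenLifetimePolicy\"}";
    }

    public static void main(String[] args) throws Exception {
        // Assumption: the Graph token is obtained elsewhere and passed in GRAPH_TOKEN.
        String token = System.getenv("GRAPH_TOKEN");
        if (token == null || token.isBlank()) {
            throw new IllegalStateException("GRAPH_TOKEN is not set");
        }
        String body = buildBody("CustomTokenLifetimePolicy", "8:00:00");

        HttpRequest req = HttpRequest.newBuilder(URI.create(POLICIES_URL))
                .header("Authorization", "Bearer " + token)
                .header("Content-Type", "application/json")
                .POST(HttpRequest.BodyPublishers.ofString(body))
                .build();
        HttpResponse<String> resp = HttpClient.newHttpClient()
                .send(req, HttpResponse.BodyHandlers.ofString());

        // Any non-2xx status means the policy was not created; show the Graph error.
        if (resp.statusCode() / 100 != 2) {
            throw new IllegalStateException("Policy not created: HTTP "
                    + resp.statusCode() + " " + resp.body());
        }
        System.out.println(resp.body()); // the created policy object
    }
}
```

Creating the policy does not by itself change `expires_in`: a policy that is not the organization default has to be assigned to the application or service principal before newly issued access tokens pick up the 8-hour lifetime.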