Is it possible to revoke refresh token when user changes password in Azure AD?

We have a requirement to log out the user when they change their password in Microsoft AD. I know the best I can do is revoke the token. My question is, does Auth0 even know if this occurs and are there any actions that would be fired that I could use? We are using the Microsoft Azure AD connection with common endpoint configured.

Hi @adam.bate,

Welcome to the Auth0 Community!

Unfortunately, Auth0 is unaware when a user changes their password in Microsoft AD because it doesn’t receive notifications from Microsoft Azure AD when a user changes their password.

Therefore, Auth0 does not have a built-in trigger that can automatically log out a user when their password is changed in Azure AD.

Since Auth0 is unaware of the password change, you need to revoke the refresh tokens, as you mentioned.

Please refer to our Revoke Refresh Tokens documentation.

Let me know if you have any questions.

Thanks,
Rueben
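
The revocation step mentioned in the reply above, as an added example (not part of the original post and not Auth0's own code): revoking a single refresh token through the Authentication API's `/oauth/revoke` endpoint. The function names, the injectable `send` parameter and all domain, client and token values are assumptions for illustration; because Auth0 does not see the Azure AD password change, your own backend has to decide when to make this call.

```python
import json
import urllib.error
import urllib.request


def build_revoke_request(domain, client_id, token, client_secret=None):
    """Build the POST to https://<domain>/oauth/revoke for one refresh token."""
    body = {"client_id": client_id, "token": token}
    if client_secret is not None:
        # Confidential clients authenticate the revocation call with their secret.
        body["client_secret"] = client_secret
    return urllib.request.Request(
        f"https://{domain}/oauth/revoke",
        data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"},
        method="POST",
    )


def revoke_refresh_token(domain, client_id, token, client_secret=None,
                         send=urllib.request.urlopen):
    """Revoke one refresh token. Returns True on HTTP 200, raises on an error.

    `send` is injectable (hypothetical helper parameter) so the call can be
    exercised without network access.
    """
    req = build_revoke_request(domain, client_id, token, client_secret)
    try:
        with send(req) as resp:
            return resp.status == 200
    except urllib.error.HTTPError as exc:
        # Surface the error body instead of silently treating the token as revoked.
        detail = exc.read().decode(errors="replace")
        raise RuntimeError(f"revocation failed: HTTP {exc.code}: {detail}") from exc
```

Treat a raised error as "token still valid" and retry or alert, since a failed revocation leaves the old session usable.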

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.