Users are authenticated despite the choice not to be remembered

davidjohanssonbf · February 2, 2022, 1:39pm

My users are authenticating through Microsoft Azure AD enterprise connection and it works great except for one scenario. The users are authenticated despite the choice not to be remembered.

When signing in, the users will be prompted with the question below. If the user clicks “Never” and “No” the expected behavior is, if the user closes the browser and enter the SPA again, they should not be authenticated, but they are.

When I have tested this I have done it in a browser session with cleared cache. I have set the lifetime of my access_token to be 5 minutes, still after 5 minutes the users are authenticated despite clicking “Never” and “No”.

Any suggestions on how to solve this?

dan.woda · February 22, 2022, 10:12pm

Hi @davidjohanssonbf,

Welcome to the Auth0 Community!

Sorry for the delayed response. It looks like you are declining the IdP (Azure AD) persistent session, and not allowing Chrome to set a password. That all makes sense.

Have you Configure Session Lifetime Settings in the Auth0 dashboard?

Topic		Replies	Views
Microsoft Azure AD won't forget last user (auth0-lock) Help lock , active-directory , auth0 , azure-ad , microsoft	1	4681	January 3, 2020
Logout from enterprise connection will logout from the auth0 account Help logout , azure-ad	2	2386	March 9, 2022
Microsoft Azure AD option not available through Auth0 SSO Help auth0	7	4236	January 11, 2019
How to Prevent Signup and Password Reset for Azure AD Enterprise Connection Users? Help connections , azure-ad-enterprise-connection	7	1150	July 31, 2024
Auth0 with Azure AD enterprise connection Help login-experience , login-prompt-new-experience	0	16	October 6, 2024

Users are authenticated despite the choice not to be remembered

Related topics