In Microsoft 365, native and third-party applications are seamlessly integrated with Azure AD, utilizing the OAuth protocol for user authentication and login processes. In certain situations, administrators required to revoke a user’s all sign-in sessions, which involves invalidating all refresh tokens and browser session cookies. This operation forces the user to sign in again to all applications where they have previously logged in.
Specmasoft’s Office 365 Manager is a desktop-based Microsoft 365 user reporting and management tool. It assists in monitoring user login activity and identifying the last sign-in date time for users. Encompassing both interactive and non-interactive logins. Additionally, the tool allows you to revoke all the user’s refresh and session tokens that have been issued to applications.
Steps to Revoke All User Sign-In Sessions and Refresh Tokens
Follow the steps below to revoke access for one or multiple Azure AD user accounts from all the Microsoft 365 and third-party applications:
- Open the user interface console of the Office 365 Manager application.
- Go to the Azure AD page.
- In the Office 365 Users tab, select the appropriate report that aligns with your needs.
- Choose the necessary user accounts from the report grid.
- Within the Update Users section, click on the More Actions button, then select Revoke Sign In Sessions.
- In the subsequent pop-up window, click OK to confirm and start the access revocation operation for the selected users.