Microsoft Entra ID (formerly Azure AD) - Revoke Users Session
  • 18 Sep 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Microsoft Entra ID (formerly Azure AD) - Revoke Users Session

  • Dark
    Light
  • PDF

Article summary

Microsoft Entra ID (formerly Azure AD) - Revoke Users Session triggers a "revoke session" command on a user account in Entra ID.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

Note:

General Settings

  • Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
  • Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

  • Use Adapter Credentials - Select this option to use the first connected Entra ID adapter credentials.
Note:

To use this option, you must successfully configure an Entra ID adapter connection.

Required Fields

These fields must be configured to run the Enforcement Set.

Additional Fields

Note:

If Use stored credentials from the Entra ID adapter is not enabled, these fields are need to be configured. For definitions for these fields see the Entra ID adapter page.

  • Azure Client ID
  • Azure Client Secret
  • Azure Tenant ID
  • Verify SSL
  • Account Sub Domain
  • User Name
  • Password
  • 2FA Secret Key
  • SSO Provider

APIs

Axonius uses the Revoke sign-in session API.

Required Permissions

This action requires the following additional Delegated (for work or school accounts) or Application permission to revoke a user session:

'Application User.ReadWrite.All'


For more details about other Enforcement Actions available, see Action Library.



Was this article helpful?