- 18 Sep 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
Microsoft Entra ID (formerly Azure AD) - Revoke Users Session
- Updated on 18 Sep 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
Microsoft Entra ID (formerly Azure AD) - Revoke Users Session triggers a "revoke session" command on a user account in Entra ID.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
General Settings
- Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
- Use Adapter Credentials - Select this option to use the first connected Entra ID adapter credentials.
To use this option, you must successfully configure an Entra ID adapter connection.
Required Fields
These fields must be configured to run the Enforcement Set.
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
Additional Fields
If Use stored credentials from the Entra ID adapter is not enabled, these fields are need to be configured. For definitions for these fields see the Entra ID adapter page.
- Azure Client ID
- Azure Client Secret
- Azure Tenant ID
- Verify SSL
- Account Sub Domain
- User Name
- Password
- 2FA Secret Key
- SSO Provider
APIs
Axonius uses the Revoke sign-in session API.
Required Permissions
This action requires the following additional Delegated (for work or school accounts) or Application permission to revoke a user session:
'Application User.ReadWrite.All'
For more details about other Enforcement Actions available, see Action Library.