Revoke-EntraBetaUserAllRefreshToken

Reference

Module:: Microsoft.Entra.Beta

Invalidates the refresh tokens issued to applications for a user.

Syntax

Revoke-EntraBetaUserAllRefreshToken
      -UserId <String>
      [<CommonParameters>]

Description

The Revoke-EntraBetaUserAllRefreshToken cmdlet invalidates the refresh tokens issued to applications for a user.

The cmdlet also invalidates tokens issued to session cookies in a browser for the user.

The cmdlet operates by resetting the refreshTokensValidFromDateTime user property to the current date and time.

The user or an administrator usually performs this operation if the user's device is lost or stolen. It blocks access to the organization's data by requiring the user to sign in again to all previously authorized applications, regardless of the device

Examples

Example 1: Revoke refresh tokens for a user

Connect-Entra -Scopes 'User.RevokeSessions.All'
Revoke-EntraBetaUserAllRefreshToken -UserId '[email protected]'

Value
-----
True

This example demonstrates how to revoke the tokens for the specified user.

-UserId parameter specifies the unique identifier of a user.

Parameters

-UserId

Specifies the unique ID of a user.

Type:	System.String
Aliases:	ObjectId
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

Revoke-EntraBetaSignedInUserAllRefreshToken

Share via