By default, users will be signed out of the Microsoft SharePoint and OneDrive mobile apps (for Android, iOS, and Windows 10) if they haven't used either app in 90 days. To change this, follow these steps:
-
Go to the Device access page of the OneDrive admin center.
-
In the Mobile application management section, turn on Deploy this policy.
-
Select Require Office 365 sign-in every 7 days.
-
Click Save.
For more info, see Control access to features in the OneDrive and SharePoint mobile apps. You can also customize the inactive time by using Microsoft PowerShell to change the "Max Inactive Time" property of the refresh token in Azure Active Directory (Azure AD). Learn more about tokens and how to configure token lifetimes In addition, you can control access to the mobile apps by requiring a passcode.
Notes:
-
You can force a user to sign in again (revoke the refresh token) by resetting the user's password. Reset the password for a user in Azure AD
-
After 90 days, the refresh token expires even if it hasn't been used.
-
The default lifetime for the access token is 1 hour. To change this, go to the Device access page of the OneDrive admin center and enter a different number for Verify user access after.
-
The validity of a refresh token is checked every time the token is used.