Sign out inactive users from the OneDrive and SharePoint mobile apps

By default, users will be signed out of the Microsoft SharePoint and OneDrive mobile apps (for Android, iOS, and Windows 10) if they haven't used either app in 90 days. To change this, follow these steps:

  1. Go to the Device access page of the OneDrive admin center.

  2. In the Mobile application management section, turn on Deploy this policy.

  3. Select Require Office 365 sign-in every 7 days.

  4. Click Save.

For more info, see Control access to features in the OneDrive and SharePoint mobile apps. You can also customize the inactive time by using Microsoft PowerShell to change the "Max Inactive Time" property of the refresh token in Azure Active Directory (Azure AD). Learn more about tokens and how to configure token lifetimes In addition, you can control access to the mobile apps by requiring a passcode.

Notes:

  • You can force a user to sign in again (revoke the refresh token) by resetting the user's password. Reset the password for a user in Azure AD

  • After 90 days, the refresh token expires even if it hasn't been used.

  • The default lifetime for the access token is 1 hour. To change this, go to the Device access page of the OneDrive admin center and enter a different number for Verify user access after.

  • The validity of a refresh token is checked every time the token is used.

Expand your Office skills
Explore training
Get new features first
Join Office Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×