I use ws-federation with Azure AD in my web application. All is working except that i would like my users to be logged out after 30 minutes of inactivity.
Im using cookieauthentication:
AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
SlidingExpiration = true,
ExpireTimeSpan = new TimeSpan(0, 30, 0),
And my wsfederation:
Wtrealm = _appSettings.Realm,
MetadataAddress = _appSettings.Metadata,
AuthenticationMode = AuthenticationMode.Passive,
SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
UseTokenLifetime = false,
The user is logged out of the web application after 30 minutes. But when they click the login url and gets redirected to Azure AD they're still logged in and gets automatically signed in to my application again.
I want the users to re enter their credentials before getting signed in again. Is there a way to achieve this?