Why is my Microsoft / Office365 account in a stopped or invalid state?

Accounts can become stopped or invalid due to the refresh token or the password being invalid.

 

Basic password (Outlook / Hotmail accounts).

  • If the account continuously goes invalid after logging in:

Refresh tokens (OAuth accounts / O365) can be invalidated by several events such as:

  • User's password has changed since the refresh token was issued.
  • An administrator can apply conditional access policies that restrict access to resources.

To determine what is causing tokens to be revoked the mail administrator needs to:

  • If using O365 / Azure, go to Monitor > Logins  - this will inform them why access was revoked.
  • Typically there will be a conditional access policy. Ask the mail admin to create a policy for your application that is NOT restrictive and has long session timeouts.

CAE Settings in a new Conditional Access policy in the Azure portal.

Resources:

Troubleshooting why an account has stopped or invalid

Microsoft article regarding refresh tokens 

 

 

Updated

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.