Configure session behavior in Azure Active Directory B2C

Single sign-on (SSO) session management in Azure Active Directory B2C (Azure AD B2C) enables an administrator to control interaction with a user after the user has already authenticated. For example, the administrator can control whether the selection of identity providers is displayed, or whether account details need to be entered again. This article describes how to configure the SSO settings for Azure AD B2C.

Session behavior properties

You can use the following properties to manage web application sessions:

  • Web app session lifetime (minutes) - The lifetime of Azure AD B2C's session cookie stored on the user's browser upon successful authentication.
    • Default = 1440 minutes.
    • Minimum (inclusive) = 15 minutes.
    • Maximum (inclusive) = 1440 minutes.
  • Web app session timeout - The session expiry type: Rolling or Absolute.
  • Single sign-on configuration - The session scope of the single sign-on (SSO) behavior across multiple apps and user flows in your Azure AD B2C tenant.
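
An added example (not from the original article) that models the first two properties: it enforces the 15 to 1440 minute bounds and replays constructed visit times to compare how long a browser session can last under Rolling and Absolute. It assumes Rolling restarts the lifetime on each cookie-based authentication while Absolute counts from the last interactive sign-in; `SessionBehavior`, `replay` and `max_session_age` are hypothetical names, not an Azure AD B2C API.

```python
from dataclasses import dataclass

# Bounds and default from the property list above (minutes, inclusive).
MIN_LIFETIME, MAX_LIFETIME, DEFAULT_LIFETIME = 15, 1440, 1440


@dataclass(frozen=True)
class SessionBehavior:
    lifetime_minutes: int = DEFAULT_LIFETIME
    timeout: str = "Rolling"  # "Rolling" or "Absolute"

    def __post_init__(self):
        if not MIN_LIFETIME <= self.lifetime_minutes <= MAX_LIFETIME:
            raise ValueError("lifetime must be 15-1440 minutes (inclusive)")
        if self.timeout not in ("Rolling", "Absolute"):
            raise ValueError("timeout must be 'Rolling' or 'Absolute'")


def replay(cfg, visits):
    """Replay visit times (minutes, ascending) against the session cookie.

    Returns (time, outcome) pairs: "prompt" means an interactive sign-in,
    "sso" means the existing session cookie was accepted silently.
    Assumption: Rolling extends the cookie on every silent sign-in,
    Absolute never extends it.
    """
    results, expires_at = [], None
    for t in visits:
        if expires_at is not None and t < expires_at:
            outcome = "sso"
            if cfg.timeout == "Rolling":
                expires_at = t + cfg.lifetime_minutes
        else:
            outcome = "prompt"
            expires_at = t + cfg.lifetime_minutes
        results.append((t, outcome))
    return results


def max_session_age(cfg, visits):
    """Longest stretch (minutes) between a prompt and a later silent sign-in."""
    longest, start = 0, None
    for t, outcome in replay(cfg, visits):
        if outcome == "prompt":
            start = t
        longest = max(longest, t - start)
    return longest


# Constructed sample: a user returning every 10 hours over about two days.
VISITS = [0, 600, 1200, 1800, 2400, 3000]
```

With the default 1440-minute lifetime, the Rolling session in this sample is never re-prompted, while Absolute forces a new sign-in at the 1800-minute visit.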

Configure the properties

  1. Sign in to the Azure portal.

  2. Make sure you're using the directory that contains your Azure AD B2C tenant by selecting the Directory + subscription filter in the top menu and choosing the directory that contains your Azure AD B2C tenant.

  3. Choose All services in the top-left corner of the Azure portal, and then search for and select Azure AD B2C.

  4. Select User flows.

  5. Open the user flow that you previously created.

  6. Select Properties.

  7. Configure Web app session lifetime (minutes), Web app session timeout, Single sign-on configuration, and Require ID Token in logout requests as needed.

    Session behavior property settings in the Azure portal

  8. Click Save.

Next steps