Revoke a refresh token on Azure AD B2C

Posted 2019-02-25 17:43

I don't know if there is a solution to revoke a refresh token when:

- a user resets their own password with the reset password policy?
- a user changes their own password with a specific form based on Graph API?

I think it must be implemented for security reasons, but I don't know if it's possible for now and, if not, when it will be available?

Thanks in advance

1 answer
倾城 Initia
Reply #2 · 2019-02-25 18:11

I found a question similar to yours: Costs of B2C and Refresh tokens.

The essential part of the answer from the other question is:

Logging out of the web application won't revoke the token. Azure AD doesn't support revoking the token at present. However, we can clear the token cache if you don't want users to use the token.

I did some tests of my own using the Azure AD Graph API and was unable to get the refresh token to expire, even when resetting the password of the user accessing the resources.

As far as I know, there doesn't seem to be any way to expire the token at the moment, except for contacting Azure support and having them expire the token.
