Troubleshooting Conditional Access On A Device
Removal of Office 365 Access Not Immediate
A common expectation is that users and/or devices* lose access as soon as the device becomes non-compliant. This is not always the case.
*Users lose access on devices registered as Microsoft User Mode. Devices lose access if registered as Microsoft Shared Mode.
Cause
The Microsoft authorization token refresh interval controls when conditional access changes take affect. A session condition on the conditional access policy determines this. Once the token expires, the user must log into the app again.
Remedy
Administrator
Procedure
Edit the conditional access policy to change the refresh
interval.