Essentially, Office checks the validity of the user's credentials every ~10 minutes - in order to avoid the millions (one per user) of authentication requests it would be getting each minute, Okta uses a hash of the user's password, to respond to the Office requests.Office applications will not require a user to update their password immediately after change, due to how the credential hashing system works.I was able to confirm my previous suspicions on the following: I spoke internally on this case and can confirm that this is the Service Provider (Microsoft) that is forcing reauthentication. "Thanks for your patience while I further looked into this. If a password is changed, then Okta creates a new hash, would it not create/push a new has to O365? How can it keep a hash and validate it every "10min" if the password was changed? What I'm not clear on is when a change is made that pushes to O365, what/why in the transaction is making O365 say "hey reauth yourself"? This is what Okta Support explained to me, which mostly makes sense.
0 kommentar(er)
