This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 80%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EH%3C/text%3E%3C/svg%3E)
I have B2C integrated with my Azure API Management service for authorization. I've been trying to adjust the session behavior in my user flow, setting the Web app session lifetime (minutes) to 15 minutes. In the token lifetime, I've also set the Access & ID token lifetimes (minutes) to 15. However, when I inspect the page and look at the token's headers, I see that the Set-Cookie header for the token states that it's going to expire in a hour. Why is this issue arising?
I've done some research into the issue, and found this post about this issue: https://stackoverflow.com/questions/58835708/changing-azure-ad-b2c-access-token-lifetime-doesnt-work They are encountering the same issue as me, however it hasn't been updated - I was wondering if this issue may have already been fixed as it was an issue back in 2019.