Troubleshooting: The SAML2 token is invalid because its validity period ended.

Your deployment is using Access Control Service (ACS) or Azure Active Directory (Azure AD) authentication. A client is disconnected from the Microsoft Dynamics NAV Server instance, and event log of the computer that is running of the server instance includes a warning event that has the following message:

The SAML2 token is invalid because its validity period ended.

Resolution

Azure AD issues a SAML security token which is used to authenticate client users. The security token has a lifetime, typically about 1 hour by default. When the lifetime expires, the client is disconnected from the server instance. If this issue becomes a problem, the server instance includes a configuration setting called Extended Security Token Lifetime (or ExtendedSecurityTokenLifetime) that you can set to increase the lifetime on hourly intervals, up to 24 hours. For more information, see Configuring Microsoft Dynamics NAV Server.

See Also

Authenticating Users with Azure Active Directory
Authenticating Users with Azure Access Control Service