According to Microsoft you won't be able to use, Configurable Token Lifetime policy after 1 November 2019. AD Conditional Access would replace this option.
So I made a CA that would apply to "Office 365 Exchange Online"and with the condition that it would only apply when accessed through a browser. I changed the Sign-in frequency to 1 hour as a test.
An hour after being signed-in I can still access outlook.office.com without having to sign in again. Anyone know what I am doing wrong?
We still use ADFS 2016.