Microsoft’s Weekend Token Tango: When Refresh Became Regress!
Microsoft confirms Entra account lockouts were due to mistakenly logged refresh tokens, not compromised credentials. Impacted users thought it was linked to a new app rollout, but it was an internal error. Microsoft fixed the logging issue and is investigating further. Meanwhile, access for affected users can be restored by confirming them as safe in Microsoft Entra.

Hot Take:
Looks like Microsoft’s Entra refresh tokens took a wrong turn into the Twilight Zone, causing a weekend lockout drama. Who knew that a little token logging mix-up could trigger an unexpected episode of “Locked Out and Confused”? It’s a reminder that even the tech titans are just one typo away from a comedy of errors. Let’s hope they find the refresh button on their refresh tokens!
Key Points:
- Microsoft Entra account lockouts were due to mistakenly logged user refresh tokens.
- Organizations initially blamed a new application, “MACE Credential Revocation,” for the lockouts.
- The real issue stemmed from logging actual tokens instead of just their metadata.
- Microsoft has corrected the logging issue and is working on restoring account access.
- A Post Incident Review (PIR) will be shared with affected customers after the investigation.
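
The failure mode in the key points, logging a token's value rather than its metadata, can be guarded against at the logging layer. The sketch below is an added example, not Microsoft's code: the field names, the regex and the sample token are assumptions constructed for illustration.

```python
import hashlib
import logging
import re

# Constructed sample value, not a real token.
SAMPLE_TOKEN = "0.AXYZ-constructed-sample-not-a-real-token_0123456789"

# Assumed field names that carry bearer secrets; adapt to your own log schema.
SECRET_FIELDS = re.compile(
    r'(?P<key>refresh_token|access_token|id_token)'
    r'(?P<sep>["\']?\s*[=:]\s*["\']?)'
    r'(?P<val>[A-Za-z0-9._~+/=-]{16,})'
)

def token_metadata(token: str) -> str:
    """Describe a high-entropy token without revealing it: length plus short fingerprint."""
    fingerprint = hashlib.sha256(token.encode()).hexdigest()[:12]
    return f"<redacted len={len(token)} sha256={fingerprint}>"

def redact(message: str) -> str:
    """Replace token values in key=value or JSON-style text with metadata only."""
    return SECRET_FIELDS.sub(
        lambda m: m.group("key") + m.group("sep") + token_metadata(m.group("val")),
        message,
    )

class TokenRedactingFilter(logging.Filter):
    """Redact the fully formatted message so tokens passed as %s args are caught too."""
    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = ()
        return True

def demo() -> list[str]:
    """Log two constructed lines through the filter and return what was written."""
    captured: list[str] = []
    class ListHandler(logging.Handler):
        def emit(self, record: logging.LogRecord) -> None:
            captured.append(self.format(record))
    log = logging.getLogger("token_demo")
    log.setLevel(logging.INFO)
    log.propagate = False
    handler = ListHandler()
    handler.addFilter(TokenRedactingFilter())
    log.addHandler(handler)
    log.info("sign-in ok refresh_token=%s user=%s", SAMPLE_TOKEN, "alice")
    log.info('{"access_token": "%s"}', SAMPLE_TOKEN)
    log.removeHandler(handler)
    return captured
```

The fingerprint lets responders correlate log lines that refer to the same token without the log itself becoming a credential store.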