Are users required to create and use a Quest Account to access On Demand and the modules, or can a Single Sign On, such as an Azure AD account,t be used?
Signing in to On Demand is performed through Microsoft Entra ID, which provides centralized configuration management and native granular access control. It also supports advanced security through Conditional Access policies, including MFA, integration with Okta, and other applications that use the Microsoft Authentication Library (MSAL).
Authentication issues a Microsoft Entra ID access token scoped to the Quest On Demand application.
The access token has a lifetime of 10 minutes and is automatically refreshed while the user is actively using the application.
Users are automatically signed out after a period of inactivity.
If the user token is revoked in Microsoft Entra ID, access to On Demand continues until the token expires, for a maximum of 10 minutes. Access to an On-Demand organization can also be revoked by an On-Demand Organization Administrator, with access being removed after token expiry.
