# About A Temporary Access Pass is a time-limited passcode for [[Entra ID]] that can be configured for single use or multiple. Users can sign in with a **Temporary Access Pass** to onboard other authentication methods including passwordless methods such as [[Microsoft Authenticator]], FIDO2 or [[Windows Hello for Business]]. A Temporary Access Pass also makes recovery easier when a user has lost or forgotten their strong authentication factor like a [[FIDO2 security key]] or Microsoft Authenticator app, but needs to sign in to register new strong authentication methods. # Session Lifetime > Users need to reauthenticate with different authentication methods after the TAP is expired or deleted. > > The token lifetime (session token, refresh token, access token, and so on) obtained by using a TAP sign-in is limited to the TAP lifetime. When a TAP expires, it leads to the expiration of the associated token.^[https://learn.microsoft.com/en-us/entra/identity/authentication/howto-authentication-temporary-access-pass#expiration] I believe this means that the session is only guaranteed to last as long as the TAP is valid. # Sources [Configure a Temporary Access Pass in Azure AD to register passwordless authentication methods - Microsoft Entra | Microsoft Learn](https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-temporary-access-pass)