This is a huge problem for my application: refresh tokens expire after 12 hours using Microsoft Entra External ID with Email OTP! We need the 90 days that we are used to!
There is no way to change it. And the last resort is now not possible, as you can't create B2C tenants anymore!!!
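```powershell
# Define a token lifetime policy that is not the organization default
$policy = New-AzureADPolicy -Definition @('{"AccessTokenLifetime":"23:59:59","RefreshTokenLifetime":"90:00:00:00","RollingRefreshTokenLifetime":"90:00:00:00"}') -DisplayName "WebPolicyScenario" -IsOrganizationDefault $false -Type "TokenLifetimePolicy"
# Read the policy back to confirm it was created
Get-AzureADPolicy -Id $policy.Id
# Look up the application's service principal by display name
$sp = Get-AzureADServicePrincipal -Filter "DisplayName eq 'XXX'"
# Assign the policy to that service principal
Add-AzureADServicePrincipalPolicy -Id $sp.ObjectId -RefObjectId $policy.Id
```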