- Under the OIDC authorization code flow, the idTokenExpirySecs value in the tenant settings is not reflected in the generated ID tokens.
- Reproduced on 2.1.5, 2.2.2 and 2.2.3.
- ID token expiry is set to 12 hrs, but the ID token's expiry time does not reflect it: the token's validity comes out as 15 mins when it should be 12 hrs.
Tenant setting:
{
  "name": "idTokenExpirySecs",
  "value": "43200",
  "origin": "tenant"
}
{
  "name": "accessTokenExpirySecs",
  "value": "960",
  "origin": "tenant"
}
{
  "name": "useOriginalIdentityTokenExpiry",
  "value": "false",
  "origin": "global"
}
2.x up till 2.2.3
This is a defect in releases from 2.x up to 2.2.3, where the expiration in the exp claim of the id_token is actually based on the accessTokenExpirySecs setting.
This defect is fixed in release 2.2.4.
If you are on a release prior to 2.2.4 and want a quick workaround until you upgrade, you can increase accessTokenExpirySecs in the tenant settings.
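To check whether a tenant shows this behaviour, compare the lifetime carried in an issued ID token with the two settings. The Python below is an added example, not the product's code: the function names, the issuer URL and the sample tokens are constructed for illustration, and it assumes the ID token carries the standard iat and exp claims.

```python
import base64
import json


def jwt_claims(token):
    """Decode the payload of a compact JWT. The signature is NOT verified,
    so use this only to inspect lifetimes, never to trust a token."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def classify_id_token(token, id_token_expiry_secs, access_token_expiry_secs, tolerance=5):
    """Return (verdict, lifetime_secs); verdict is 'ok', 'defect' or 'unexpected'."""
    claims = jwt_claims(token)
    if "iat" not in claims or "exp" not in claims:
        raise ValueError("ID token lacks iat/exp claims")
    lifetime = claims["exp"] - claims["iat"]
    if abs(lifetime - id_token_expiry_secs) <= tolerance:
        return "ok", lifetime
    if abs(lifetime - access_token_expiry_secs) <= tolerance:
        return "defect", lifetime  # exp follows accessTokenExpirySecs instead
    return "unexpected", lifetime


def make_sample_token(iat, lifetime):
    """Build a constructed, unsigned sample token for the demonstration."""
    def b64(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    claims = {"iss": "https://idp.example", "sub": "user1", "iat": iat, "exp": iat + lifetime}
    return ".".join([b64({"alg": "none"}), b64(claims), "sig"])


# Values taken from the tenant settings shown on this page.
ID_TOKEN_EXPIRY_SECS = 43200
ACCESS_TOKEN_EXPIRY_SECS = 960

if __name__ == "__main__":
    affected = make_sample_token(1700000000, ACCESS_TOKEN_EXPIRY_SECS)
    fixed = make_sample_token(1700000000, ID_TOKEN_EXPIRY_SECS)
    for name, tok in (("affected", affected), ("fixed", fixed)):
        print(name, classify_id_token(tok, ID_TOKEN_EXPIRY_SECS, ACCESS_TOKEN_EXPIRY_SECS))
```

If the two settings are set to the same value, the check cannot tell the cases apart and reports "ok".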