Use the ValidFrom and ValidTo properties to determine the time period in which a SamlSecurityToken token is valid. The ValidFrom and ValidTo properties represent the first and last instants in time in which the security token is valid, respectively.
By default, a 5-minute clock skew is allowed between the sender and receiver of the security token. So, if the NotOnOrAfter property is set to 1:00 PM, then the ValidFrom property is set to 1:05 PM.
When the ValidTo property is set to MaxValue, then the SAML assertion associated with this SamlSecurityToken security token does not have any conditions set.
Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)