Support conditional access for MyApps.microsoft.com
We need myapps.microsoft.com (Access Panel) to support conditional access. Currently it is a quit bad user experience when accepting an Azure B2B invite in a tenant that have implemented Azure Conditional Access that does not have the option to exclude "myapps.microsoft.com (Access Panel)"
We’re looking at how best to implement this, given various service dependencies with the myapp portal. Thank you for the continued feedback.
Chris Roberson commented
Peter Selch Dahl | Azure MVP commented
It's important that "Security Info" (Password Reset and Registration) be split from the myapps endpoint in Azure AD as the current setup is not very flexible.
One endpoint, One Purpose ;)
/Peter Selch Dahl
Please speed up the implementation, because we are being enforced to use the combined registration at mysignins.microsoft.com on September 25, 2019. This is a big impact, that affects our external users.
Same issue as everyone else.
Same issue as everyone else. Our default security position is that all apps should have CA on rather than off as Microsoft always invent a new O365 app for which we need to make sure there isn't a single factor of authentication to get into it. Since there is such a huge number of apps it is better to have a default as CA on and then exclude apps where we need customised CA policies.
Sancha S. commented
We face the same problem. We need the option in condition access to exclude Microsoft App Access Panel (myapps.microsoft.com)
Eli L commented
we need to have the option to exclude "myapps.microsoft.com"
This is an issue for us too. We need to be able to configure Conditional Access Policies for Microsoft App Access Panel
Rich Ivey commented
Is this still under review? We need to be able to enforce conditional access on Microsoft App Access Panel, or myapps.microsoft.com. This page is currently accessible to any bad actor who obtains a successful password authentication. Once logged into that page, there are many access points to many apps and websites that contain Personally Identifiable Information (PII). This is a big security hole for us and probably for many other organizations.
Even worse. With conditional access to block all apps except SharePoint, the external users won't be able to access myapps.microsoft.com to remove themselves from the external tenants.
Peter Selch Dahl commented
This remain an issue.... https://imgur.com/a/V5kDV
John Kyle Dalfrey commented
Same here. I need to create a conditional access policy but i don't see it in the cloud apps section.
Do you know how this is fixed? I don't see it listed in Cloud Apps