Nick Donovan

My feedback

  1. 84 votes
    Sign in
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Azure Active Directory » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    Nick Donovan supported this idea  · 
    An error occurred while saving the comment
    Nick Donovan commented  · 


    I don't know if I'm also having a similar issue. Currently we are trying to build a LOB application for iOS. I am using MS Authenticator to handle to brokering of the authentication for my LOB app to Azure. We would like to use this app on both MDM and MAM-WE devices. We have the two options ticked in our conditional access policy which grant access: 'Require device to be marked as compliant' or 'Require approved client app'. Either of these will grant access from our CA policy.

    Obviously coming from a MAM-WE device then the device will not be compliant as it is not enrolled. However if I turn this option off then I will be presented with: "You can't get there from here. It looks like you are trying to open this resource with an app that hasn't been approved by your IT department. Ask them for a list of approved apps." This comes from the second option in my CA policy. I am receiving this message from a web view within the MS Authenticator iOS app.

    If MS Authenticator gets added as an approved app will this CA policy pass and let me access my LOB app?

    Been struggling to find something about this.

Feedback and Knowledge Base