Thanks Alex. This is good news! A clarification/question on using Sign-ins Frequency in CA rules
- If I configure the new Conditional Access policy with Sign-In Frequency set to 30 days for devices connecting to Exchange Online from an external network, users would be required to perform an interactive login (user must type in Id/password) every 30 days. AND if MFA was required on the CA rule as condition, the user would also be MFA challenged every 30 days. Correct?
- The authentication and MFA challenge above would be scoped to EXO and therefore if a separate CA rule had the same Sign-in Frequency and MFA configuration but set for Sharepoint Online, user would be authenticating and MFA challenged on 2 separate cycles, one cycle for EXO and another for SPO
- If the above are accurate, then I believe 1 CA rule for all O365 clouds apps (EXO, SPO, Yammer etc) with the same Sign-in and MFA configurations would have the effect of creating 1 sign-in/MFA challenge cycle for all the apps in the policy. Correct?
Microsoft