We are evaluating the use of Conditional Access for our company.
One of the main features that we would want is:
defining our own Conditional Access policy criteria. That is, apart from geo-location, IP addresses, Intune status, etc., we want to have our own criteria which will validate the request by its own logic.
An example of the logic could be: if the GeoLocation says Japan && the time is off-working hours && our anti-virus says the device has some malware, block the access.
I can think of 2 ways to do this:
1. Add another option in Conditional Access -> Conditions -> "Custom Policy Check", and have an option to add scripts or pass the request to another Validation Proxy Server.
2. In Conditional Access -> Custom controls, allow us to define our own MFA provider. Basically, like DUO and others who do 2FA, we would want to set up our own validation server which does checks for our custom policies.
I am not sure if there is already a way to do something like this; I couldn't find it in the docs yet.
Can you direct me to anything which could help us achieve C? Is there a plan in future to have