Forum Discussion

testuser7's avatar
testuser7
Brass Contributor
Jun 24, 2021

conditional policy relaxation for a client-app

My OAuth client app is sending /authorize call to AAD with openid in the SCOPE

I have a conditional policy that says that access to any and ALL cloud-resource MUST be from COMPLIANT DEVICE.

 

I want to relax this policy only for this one and only client-application so that this client-app (web-app) can be hit from my personal device browser.

All other client-apps must  comply with COMPLIANT DEVICE policy.

 

Can I do that ?


Thanks.

  • pvanberlo's avatar
    pvanberlo
    Steel Contributor
    You can edit your Conditional Access policy and exclude this specific app from the policy that requires managed devices. You do this by editing the policy, selecting ‘Cloud apps or actions’ and then the ‘Exclude’ tab. Here you can select any apps that have been registered in your directory/tenant and to which this policy shouldn’t apply.

Resources