Forum Discussion
Conditional Access App Control issues
I'm trying to create a Cloud App policy to detect and block logins to any of our cloud apps that are leveraging SSO with Entra from Tor or anonymous IP's. I read an article where you can use Condi...
Try to take action at the following:
- Deploy the App in Defender for Cloud Apps
Go to Microsoft Defender Portal → Settings → Cloud Apps → Conditional Access App Control apps.
From there, click + Add and follow the wizard to onboard the app:
- Provide the app name
- SAML metadata or manual configuration (Assertion Consumer Service URL, SAML cert, etc.)
- Verify Prerequisites
- Ensure the app uses SAML 2.0 or OpenID Connect for SSO
- Necessary licenses (Microsoft Defender for Cloud Apps + Microsoft Entra ID P1/P2)
- The CA policy is set to Use custom policy and not just Monitor only