Forum Discussion
Block all 365 apps except Outlook via CA
Trying to block 365 for a subset of users, except email. The old app-based CA rules made this easy. The new 'resource' based setup... I'm not even sure if it's possible. CoPilot just keeps telling me...
Hi underQualifried, to block all 365 apps except Outlook on BYOD devices, you’ll likely need a combination of Conditional Access (CA) policies and App Protection Policies (APP). In the new resource-based CA setup, create a policy targeting all cloud apps and then exclude Exchange Online. Then, enforce APP on mobile devices to restrict access to only Outlook. Make sure the policy applies to the correct device platforms and user groups. This approach effectively blocks other 365 apps while allowing email on unmanaged devices.