Forum Discussion
Conditional Access Policy - Persistent Browser Session exemptions
Hi, We are looking at introducing Conditional Access policies with Persistent Browser sessions enabled. Part of this particular access policy is to have it assigned to "All cloud apps". On a sid...
You can implement your conditional access policy to exclude devices that are compliant in Microsoft Intune so that they are not prompted for MFA in that specific condition.
Another solution is to grant access in the policy and use the OR scenario which means PASS the policy when a user performs MFA prompt or is compliant in Microsoft Endpoint Manager:
- That will only work after the device has completed the remote mobile management set up, I'm coming from a point of a refresh device being enrolled via Mac DEP enrollment
vas_ppabp_90 We are also running into this issue: CA policies with persistent browser session and we are trying to implement Intune and auto register devices. Were you ever able to find a solution or workaround? Thanks
