Forum Discussion
Solved
Did I accidentally provision Apple Internet Accounts with my own Azure AD user account
I was adding my O365 email account to my iPhone (Exchange Active-Sync) when I was prompted with the request below. I blindly tapped Accept (yes really should have read the fine print) and realised I ...
- Azure Basic has functionality to keep a tenant secure, but it is, well... basic
First of all, I would recommend turning off User Application consent (like mentioned in the blog I added previously).
Secondly, I would really recommend configuring Multifactor Authentication.
MFA can be configured through two ways: Conditional Access and Security Defaults.
Security Defaults are a free option, check out this blog for more information:
https://365bythijs.be/2019/11/26/what-is-azure-ad-security-defaults-should-you-be-using-it/
I wouldn't worry about MDM and PIM during this time.
If you have configured MFA, you have a good baseline
These application do have a security concern indeed. I blogged about it a while ago: https://365bythijs.be/2020/01/05/protecting-against-oauth-attacks-setting-up-admin-consent-workflow/
Nothing would happen if you made changes to the account.
An enterprise application is not dependent on a user account, it's an entity on it's own.
You received this prompt because you tried to configure the Apple Mail app on your iPhone.
Nothing would happen if you made changes to the account.
An enterprise application is not dependent on a user account, it's an entity on it's own.
You received this prompt because you tried to configure the Apple Mail app on your iPhone.
Thijs Lecomte, a user told me that they got the prompt when they tried to configure email on a Mac. Is this possible on a Mac and ipad as well? I may have misunderstood the user, but I would love to know the difference.
It's possible. I don't know exactly how the Mail app on MacOS works.
Most third party apps that integrate with Office 365 (like reading emails) will provide these pop-ups