Forum Discussion
Conditional Access Application Protection Exemption
I have a conditional access policy scoped against "All Cloud Apps" - excluding "Apple Internet Accounts" (f8d98a96-0999-43f5-8af3-69971c7bb423). This policy requires approved client app and app prote...
Hi AndyK
IOS native mail App is not part of either the approved client apps or the Require App Protection list, so you can’t excluded it from CA.
It’s added in your tenant as an Enterprise App because your users has used it to access their email before, like any other enterprise app (Acrobat for example).
In another word, this CA grants access to the approved apps/ Require App Protection in the list below-
Hope this helps!
Moe
https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-grant#require-approved-client-app