Forum Discussion

KevinWheeler2024's avatar
KevinWheeler2024
Brass Contributor
Mar 23, 2020

LOB apps and "Require approved client app"

Is it true that LOB Apps can not be added to the "Approved Client App" list for cloud app access with Conditional Access "Require approved client app"?  So basically, is the following true?

"As for the conflict you were assuming with the Conditional Access policy settings, you are correct.  If you do set the "Require approved client app" control under Access Controls > Grant, this requires devices to use an approved client app to access the services.  At this moment, LOB apps are no considered so.  You can see the current list of approved apps here: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-based-conditional-access

As you can see in the document, it states "This setting applies to the following iOS and Android apps" and will only work on the apps on this list.

The Intune SDK package will allow the app to be recognized and protected with Intune's App protection policies, but does not consider it an approved app."

Resources