Forum Discussion
Restrict User Access to Specific Devices and Location Using Intune & Conditional Access
We have a customer requirement to restrict user sign-ins using Intune and Azure AD (Entra ID) Conditional Access. The goal is to allow access only from specific, managed devices and only from a speci...
The hard part is going to be the location access. Though the location data for IPs is about 95% accurate you'd run the risk of someone being in Mumbai and Conditional Access thinking your user is somewhere else. The problem is companies do buy and sell IPs and they can then change location and might take awhile before databases are up-to-date.
The managed device is a much easier to use conditional access with.
Edit:
Here's info on using Location in Conditional Access: https://learn.microsoft.com/en-us/entra/identity/conditional-access/policy-block-by-location