Forum Discussion

Brass Contributor

Feb 19, 2024

Conditional Access Applications

When I review the applicaitons in Conditional Access Overview, I see under Users without coverage Microsoft Authentication Broker with most employees listed (ie: 33 out of 33). Most status is Succes...

Conditional Access

G_Wilson3468

Iron Contributor

Feb 20, 2024

bfry2461 This is a normal behavior. The Microsoft Authentication Broker facilitates the SSO across a bunch of different services and apps. It handles token exchange so you don't have repeated authentication. Some devices have it built into the operating system while others like MacOS or iOS have the Microsoft Authenticator to use instead.

A "success" status with conditional access as "not applied" is also normal because the broker has enabled SSO. Its always a good idea to review your conditional access policies and check for any exclusion or by-pass rules that you may have set. It's likely you've done something like this, but it doesn't hurt to review it on a regular basis.

Hope this helps.

scottk_usc
Copper Contributor
May 03, 2024
G_Wilson3468 - Can you share MS documentation links explaining this about Authentication Broker ? Thanks!
bfry2461
Brass Contributor
Feb 21, 2024
Thank you for the reply. The conditional access policies we use are generic as to they came from Microsoft and we have not tweeked them.
Is it possible to get set it so the Microsoft Authentication Broker shows the success under User with coverage vs the Users without coverage?
- G_Wilson3468
  Iron Contributor
  Feb 21, 2024
  Not that I'm aware of.