Forum Discussion

1 Reply

  • 1. Basic Configuration 
    Log in to the Azure AD portal 
    Create Conditional Access Policy: 
    Target Application: Microsoft 365 Copilot 
    Client Type: "Desktop Client Only" 
    Authorization Controls: Require Device Compliance 
    2. Quick PowerShell Commands 
    powershell 
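    # Connect to Azure AD (AzureAD module)
    Connect-AzureAD
    # Build the conditions; the cmdlet expects typed objects rather than hashtables
    $conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet
    $conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition
    # Placeholder: the application ID of Microsoft 365 Copilot (an ID is required, not the display name)
    $conditions.Applications.IncludeApplications = "<Copilot-application-id>"
    $conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition
    # Placeholder: a user or group scope is required for the policy to be accepted
    $conditions.Users.IncludeGroups = "<target-group-object-id>"
    # "Desktop" is not a valid value; this is the client app type that covers desktop clients
    $conditions.ClientAppTypes = @("MobileAppsAndDesktopClients")
    $controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls
    $controls._Operator = "OR"
    $controls.BuiltInControls = @("CompliantDevice")
    # Create Policy
    New-AzureADMSConditionalAccessPolicy -DisplayName "Copilot Desktop Restrictions" `
     -State "Enabled" -Conditions $conditions -GrantControls $controls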
    3. Validation Methods 
    Test: Web login should be blocked 
    Desktop client login should be successful 
    Check login logs to confirm policy is in effect
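
For the log check in step 3, a small filter over sign-in records shows, for each sign-in to the app, whether the policy was actually evaluated and with what result. This is an added example, not part of the reply above; the sample records are constructed in the Microsoft Graph signIn JSON shape, and the function name Get-PolicyOutcome and the user names are hypothetical.

```powershell
# Constructed sample records in the Microsoft Graph signIn shape
# (the shape of a sign-in log JSON export). Not real data.
$sampleJson = @'
[
  {"createdDateTime":"2025-01-10T09:02:11Z","userPrincipalName":"alice@contoso.example",
   "appDisplayName":"Microsoft 365 Copilot","clientAppUsed":"Mobile Apps and Desktop clients",
   "deviceDetail":{"isCompliant":true},
   "appliedConditionalAccessPolicies":[{"displayName":"Copilot Desktop Restrictions","result":"success"}]},
  {"createdDateTime":"2025-01-10T09:15:40Z","userPrincipalName":"bob@contoso.example",
   "appDisplayName":"Microsoft 365 Copilot","clientAppUsed":"Mobile Apps and Desktop clients",
   "deviceDetail":{"isCompliant":false},
   "appliedConditionalAccessPolicies":[{"displayName":"Copilot Desktop Restrictions","result":"failure"}]},
  {"createdDateTime":"2025-01-10T09:31:05Z","userPrincipalName":"carol@contoso.example",
   "appDisplayName":"Microsoft 365 Copilot","clientAppUsed":"Browser",
   "deviceDetail":{"isCompliant":false},
   "appliedConditionalAccessPolicies":[{"displayName":"Copilot Desktop Restrictions","result":"notApplied"}]}
]
'@

function Get-PolicyOutcome {
    param(
        [Parameter(Mandatory)] [object[]] $SignIns,
        [Parameter(Mandatory)] [string]   $PolicyName,
        [Parameter(Mandatory)] [string]   $AppName
    )
    foreach ($s in $SignIns | Where-Object { $_.appDisplayName -eq $AppName }) {
        $p = $s.appliedConditionalAccessPolicies |
            Where-Object { $_.displayName -eq $PolicyName } | Select-Object -First 1
        $result = if ($p) { $p.result } else { 'notListed' }
        [pscustomobject]@{
            Time      = $s.createdDateTime
            User      = $s.userPrincipalName
            ClientApp = $s.clientAppUsed
            Compliant = [bool]$s.deviceDetail.isCompliant
            Result    = $result
            # success = grant controls satisfied, failure = sign-in stopped by the policy;
            # any other value means the policy did not evaluate this sign-in
            Enforced  = $result -in 'success', 'failure'
        }
    }
}

$signIns  = $sampleJson | ConvertFrom-Json
$outcomes = Get-PolicyOutcome -SignIns $signIns -PolicyName 'Copilot Desktop Restrictions' -AppName 'Microsoft 365 Copilot'
$outcomes | Format-Table -AutoSize
# Sign-ins to the app that the policy never evaluated
$outcomes | Where-Object { -not $_.Enforced } | Format-Table User, ClientApp, Result
```

To run it against real data, replace `$sampleJson` with the contents of a JSON export of the sign-in logs.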
