Forum Discussion
Cameron_Stephens
Sep 12, 2024Copper Contributor
Access Policies not blocking existing Office app connections
I'm testing blocking the Office apps on unmanaged devices so users cannot use them to download sensitive data. While I have had success with preventing users from licensing their Office apps or setti...
Cameron_Stephens
Sep 18, 2024Copper Contributor
While investigating this issue I came across this https://samilamppu.com/2021/06/22/cloud-app-security-access-policies-common-use-cases/ from 2021 which says the following:
Native clients interactive sign-on can be seen in MCAS but when they are acquiring refresh-token it’s not visible in MCAS.
Looking at the existing Microsoft docs page for creating Access policies it says under the section, test your policy:
Sign out of all existing sessions before re-authenticating to your apps.
So if Access policies can only restrict interactive logins from client apps, that would explain why existing application sessions arent being restricted.