Forum Discussion

RahamimL's avatar
RahamimL
Iron Contributor
May 04, 2022

Allow SSPR only from Azure Joined Windows Devices

Hi everyone,

 

We want to use SSPR only from specific devices. I don't talk about registration.

The point is to use this link and deny SSPR from devices by using conditional access.

 

Any ideas?

 

Rahamim.

  • Don't think this functionality exists at the moment. At best you can restrict registration to a known location using CA, but that's about it.
  • rahuljindal-MVP's avatar
    rahuljindal-MVP
    Bronze Contributor

    Hi. You can enable the SSPR CSP policy and deploy it to a group containing only Azure AD devices.

     

    As for using CA to deny SSPR, what is the exact scenario?

    • RahamimL's avatar
      RahamimL
      Iron Contributor
      I want to allow users to reset their password from their Azure joined computers only. Not from a smart phone or a non Azure joined devices.
      • rahuljindal-MVP's avatar
        rahuljindal-MVP
        Bronze Contributor
        Don't think this functionality exists at the moment. At best you can restrict registration to a known location using CA, but that's about it.

Resources