Sign-ins

%3CLINGO-SUB%20id%3D%22lingo-sub-1485666%22%20slang%3D%22en-US%22%3ESign-ins%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1485666%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3CBR%20%2F%3EI%20would%20like%20to%20block%20for%20all%20legacy%20Authentification%20-%20and%20followed%20a%20guide%20from%20MS%20to%20see%20which%20usage%26nbsp%3B%26nbsp%3B%3CBR%20%2F%3Ein%20Monitor%20-%26gt%3B%20Sign-ins%20-%26gt%3B%20Add%20filter%3A%20Client%20Apps%20-%20one%20can%20filter%20on%2013%20legacy%20Apps%20-%20all%20good%20%3A)%3C%2Fimg%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHowever%2C%20most%20have%20in%20the%20'Application'%20column%20listed%20%22Common%20Data%20Service%22%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%2211.png%22%20style%3D%22width%3A%20273px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F200694i113CEC26DC82084D%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%2211.png%22%20alt%3D%2211.png%22%20%2F%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E-%20is%20this%20a%20PowerApp%20developed%20that%20uses%20legacy%20auth.%20or%3F%20-%20how%20to%20remediate%20this%3F%26nbsp%3B%20%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1485666%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAccess%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1486851%22%20slang%3D%22en-US%22%3ERe%3A%20Sign-ins%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1486851%22%20slang%3D%22en-US%22%3E%3CP%3ECan%20you%20see%20the%20applicationID%3F%20Here's%20what%20I%20see%20in%20my%20tenant%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20style%3D%22color%3A%20%23032f62%3B%22%3E%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%20color%3D%22%23006000%22%3ECommon%20Data%20Service%3C%2FFONT%3E%20'00000007-0000-0000-c000-000000000000'%3C%2FSPAN%3E%3CSPAN%20style%3D%22color%3A%20%2324292e%3B%22%3E%3A%20%3C%2FSPAN%3E%3CSPAN%20style%3D%22color%3A%20%23032f62%3B%22%3E'Dynamics%20CRM%20Online'%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20style%3D%22color%3A%20%2324292e%3B%22%3EThose%20are%20all%20using%20modern%20auth%20though.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1488046%22%20slang%3D%22en-US%22%3ERe%3A%20Sign-ins%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1488046%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58%22%20target%3D%22_blank%22%3E%40Vasil%20Michev%3C%2FA%3E%26nbsp%3B%20-%20Thanks%20%3A)%3C%2Fimg%3E%20-%20it's%20the%20same%20AppId%26nbsp%3B%20-%20if%20modern%20is%20used%20in%20common%20data%20service%20-%20why%20is%20it%20then%20listed%20under%20'insights%20and%20reporting'%20in%20Cond.%20access%20sign%20in%20details%20and%20in%20the%20Identity%20Protection%20as%20Legacy%20Auth.%20sign%20in%3F%26nbsp%3B%26nbsp%3B%3CBR%20%2F%3EI've%20read%20this%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fnew-tools-to-block-legacy-authentication-in-your-organization%2Fba-p%2F1225302%23%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fnew-tools-to-block-legacy-authentication-in-your-organization%2Fba-p%2F1225302%23%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EAnd%20the%20common%20data%20service%20is%20also%20listed%20in%20the%20workbook%20'Sign-in%20using%20Legacy%20Authentification'%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EI%20made%20(several)%20Cond.%20Access%20-%20all%20running%20in%20reporting%20mode%20to%20get%20an%20overview%20of%20the%20impact%2C%20what%20is%20using%20leg.%20auth.%20etc.%20-%20one%20CA%20is%20to%20Block%20Legacy%20Auth.%20and%20followed%20this%3A%26nbsp%3B%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconditional-access%2Fblock-legacy-authentication%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconditional-access%2Fblock-legacy-authentication%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1488153%22%20slang%3D%22en-US%22%3ERe%3A%20Sign-ins%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1488153%22%20slang%3D%22en-US%22%3E%3CP%3EWell%2C%20I'm%20not%20sure%2C%20you%20can%20ask%20Alex%20in%20the%20blog%20comments%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Super Contributor

Hi 
I would like to block for all legacy Authentification with CA - and followed a guide from MS to see which usage  
in Monitor -> Sign-ins -> Add filter: Client Apps - one can filter on 13 legacy Apps - all good :) 

 

However, most have in the 'Application' column listed "Common Data Service"

11.png

- is this a PowerApp developed that uses legacy auth. or? - how to remediate this?   

3 Replies

Can you see the applicationID? Here's what I see in my tenant:

 

Common Data Service '00000007-0000-0000-c000-000000000000': 'Dynamics CRM Online'

 

Those are all using modern auth though.

@Vasil Michev  - Thanks :) - it's the same AppId  - if modern is used in common data service - why is it then listed under 'insights and reporting' in Cond. access sign in details and in the Identity Protection as Legacy Auth. sign in?  
I've read this: https://techcommunity.microsoft.com/t5/azure-active-directory-identity/new-tools-to-block-legacy-aut...


And the common data service is also listed in the workbook 'Sign-in using Legacy Authentification'


I made (several) Cond. Access - all running in reporting mode to get an overview of the impact, what is using leg. auth. etc. - one CA is to Block Legacy Auth. and followed this:  https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/block-legacy-authenticati... 

Well, I'm not sure, you can ask Alex in the blog comments :)