Conditional access policy (block with exception to trusted locations and hybrid joined devices

New Contributor

I'm trying to create a conditional access policy to block access to an enterprise app. I'd like this policy to apply to all users and all devices unless the device is hybrid joined and/or the devices in a trusted location.  I'm struggling to get this working and the policy ends up blocking access unless the device is both in a trusted location and hybrid joined. Any suggestions on the best way to configure this?

0 Replies