In conditional access, what is included in "Microsoft Azure Management"?

Brass Contributor

Microsoft recommends creating a policy that requires MFA when accessing the Azure administration portal (link). For this to work, the cloud app "Microsoft Azure Management" must be specified in the included scope.


However, the documentation does not give any indication on whether or not the various Microsoft 365 administration centers (e.g., SharePoint admin center, Exchange Admin Center, Teams Admin Center, Security center, Compliance center, etc.) would be impacted by this.


Should additional rules be created for Microsoft 365 administrative centers or should they be considered "Microsoft Azure Management"? If anyone has a Microsoft documented source on this that would be immensely appreciated.

2 Replies
Thank you Christian for the link.

Based on what I read, Microsoft 365 admin centers are not covered by a conditional access rule that specifies "Microsoft Azure Management" as the cloud app. It seems that access control to these centers it is purely role based and we can assume there is no need to govern their access by any other means than role assignments.
1 best response