Conditional Access in CAS

%3CLINGO-SUB%20id%3D%22lingo-sub-390270%22%20slang%3D%22en-US%22%3EConditional%20Access%20in%20CAS%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390270%22%20slang%3D%22en-US%22%3E%3CP%3EHola%20Everyone%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20was%20looking%20at%20the%20documentation%20on%20this%20and%20I%20see%20some%20options%20to%20set%20limited%20access%2C%20like%20read%20only%20to%20the%20conditional%20access%20apps%2C%20if%20certain%20criteria%20is%20met.%20I%20aslo%20see%20the%20option%20to%20block%20or%20set%20limited%20access%20to%20desktop%20and%20mobile%20apps%2C%20which%20I%20configure%20with%20an%20access%20policy%2C%20but%20I%20cannot%20find%20much%20documentation%20on%20this.%20Is%20it%20possible%20to%20to%20set%20a%20policy%20in%20CAS%20to%20for%20instance%20give%20read-only%20or%20block%20access%20to%20Outlook%20fat%20client%20and%20not%20just%20webmail%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fcloud-app-security%2Fproxy-intro-aad%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fcloud-app-security%2Fproxy-intro-aad%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EPlease%20let%20me%20know.%3C%2FP%3E%3CP%3EThank%20you.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-390270%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECloud%20App%20Security%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-391898%22%20slang%3D%22en-US%22%3ERe%3A%20Conditional%20Access%20in%20CAS%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-391898%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F133930%22%20target%3D%22_blank%22%3E%40Alex%20Esibov%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20Alex.%20This%20is%20what%20we%20are%20looking%20to%20do.%3C%2FP%3E%3CP%3EDo%20you%20have%20documentation%20on%20how%20to%20set%20the%20policy%20in%20CAS%20to%20block%3F%20I%20am%20unable%20to%20find%20guidance%20on%20it.%20Of%20is%20it%20done%20in%20Azure%20AD%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EPlease%20let%20me%20know%20your%20thoughts.%3C%2FP%3E%3CP%3EThank%20you.%3C%2FP%3E%3CP%3EMaria%20Y.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390494%22%20slang%3D%22en-US%22%3ERe%3A%20Conditional%20Access%20in%20CAS%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390494%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F44888%22%20target%3D%22_blank%22%3E%40Ryan%20Heffernan%3C%2FA%3E%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F257155%22%20target%3D%22_blank%22%3E%40myacaman%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EHi%20there%2C%20Session%20controls%20to%20enable%20read-only%20access%20can%20be%20configured%20in%20browsers.%20Access%20controls%20to%20block%20access%20to%20client%20apps%20(mobile%2Fdesktop)%20can%20be%20used%20to%20force%20user%20to%20use%20the%20browser.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390478%22%20slang%3D%22en-US%22%3ERe%3A%20Conditional%20Access%20in%20CAS%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390478%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F257155%22%20target%3D%22_blank%22%3E%40myacaman%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ECC%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F133930%22%20target%3D%22_blank%22%3E%40Alex%20Esibov%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Contributor

Hola Everyone,

 

I was looking at the documentation on this and I see some options to set limited access, like read only to the conditional access apps, if certain criteria is met. I aslo see the option to block or set limited access to desktop and mobile apps, which I configure with an access policy, but I cannot find much documentation on this. Is it possible to to set a policy in CAS to for instance give read-only or block access to Outlook fat client and not just webmail?

 

https://docs.microsoft.com/en-us/cloud-app-security/proxy-intro-aad

 

Please let me know.

Thank you.

3 Replies

@myacaman 

 

CC: @Alex Esibov 

Highlighted

@Ryan Heffernan @myacaman 

 

Hi there, Session controls to enable read-only access can be configured in browsers. Access controls to block access to client apps (mobile/desktop) can be used to force user to use the browser. 

Highlighted

@Alex Esibov 

 

Thank you Alex. This is what we are looking to do.

Do you have documentation on how to set the policy in CAS to block? I am unable to find guidance on it. Of is it done in Azure AD? 

 

Please let me know your thoughts.

Thank you.

Maria Y.