Adding Azure enterprise apps to Cloud App Security


Hello

 

We have many SAML enterprise apps that have been added to Azure enterprise apps. Some of the apps are accessed using a client app that's on the user's mobile device. When looking at the default message in Cloud App Security below, it's suggesting that the application can only be accessed from a browser. When people see this message, they associate "web browser" with desktop or laptop, not a mobile client app that's on a mobile device. I have tested this against one of our SAML apps, "Zendesk", using the mobile client, and everything works, but considering every modern SAML app has a mobile app, why would this be the default message?

 


 

 

1 Reply
Mobile client apps cannot be reliably supported for session policies because it requires that the client be redirected (via 302 redirects) to the session proxy. Many mobile client apps use SSO authentication flows that do not use these redirects, providing no opportunity to point the client app to the reverse proxy. This means that if you want session controls, they should be applied to browser access in the required scenarios alongside blocking the app-based access entirely. Otherwise, the browser experience may lead you to a false presumption of how app-based apps will honor the policy or not.