cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

BYPASS SESSION CONTROL

richrico
Copper Contributor

‎Oct 29 2021 04:11 PM - edited ‎Nov 08 2021 09:40 AM

‎Oct 29 2021 04:11 PM - edited ‎Nov 08 2021 09:40 AM

BYPASS SESSION CONTROL

I am testing a real-time content inspection policy (Block upload) in conditional access app control. The policy is setup to block the upload of any files containing an SSN into a browser session app. The problem is the policy fails to block the upload although it logs a match anytime I try uploading a file into the app. I have tried with both Microsoft edge and Google chrome. Below is a screen shot. I will like to know what "Bypass session control" also means since that is what I suspect might be the clue to resolving the issue.

 

richrico_0-1635548373916.png

 

Labels:
4,325 Views
1 Like
3 Replies
Reply
3 Replies
Jonhed

‎Nov 01 2021 06:04 AM

‎Nov 01 2021 06:04 AM

Re: BYPASS SESSION CONTROL

@richrico

What does your policy look like?

Also, is the application onboarded for session controls in MCAS? 

0 Likes
Reply
richrico

‎Nov 01 2021 02:39 PM

‎Nov 01 2021 02:39 PM

Re: BYPASS SESSION CONTROL

 

I first used the template (Block upload based on real-time content inspection) and then created it from scratch. Both had the same result (didn't block the upload). And yes, the application is perfectly onboarded (shows connected) in MCAS

richrico_0-1635802629256.png

 

 

@Jonhed 

0 Likes
Reply
richrico

‎Jan 07 2022 09:32 AM

‎Jan 07 2022 09:32 AM

Re: BYPASS SESSION CONTROL

Never mind, I found a solution to the problem. The session is being bypassed because the app is using an Oauth code login flow. Hence enabling "Treat access token and code requests as app logins" on the configuration page of the app rectified the issue. 

 

richrico_0-1641576707052.png

 

@Jonhed 

1 Like
Reply