Conditional Access app control

Skipster311-1 · ‎Jul 07 2021

I have configured a CA policy to use a custom policy for CA app control. When i navigate to cloud app security and "Conditional Access App Control apps" and add an app, i search for Sharepoint. I then receive the message below. When i click "start wizard" its asking for a metadata file. Does this feature not work with O365 applications like SharePoint and Exchange online ? Also if i navigate to polices in MCAS, click on "Conditional access" and create a new session policy i receive the below message. Its asking me to first create CA app control , but as i previously mentioned its asking me for metadata file, but im trying to protect sharepoint online. Very confused here.

https://docs.microsoft.com/en-us/cloud-app-security/proxy-deployment-aad

pvanberlo · ‎Jul 07 2021

For the featured apps (mostly Office 365 related) you can set up a CA policy directly in Azure AD to enable CAAC. Create a new policy, make sure that you select the correct cloud app under the Assignments tab, and then go to Session and select the 'Conditional Access App Control' checkbox. It'll allow you to block downloads or monitor only. You still won't be able to define custom policies there for these apps though. The custom policies at a high level also offer the same actions.

This is documented at https://docs.microsoft.com/en-us/cloud-app-security/proxy-deployment-aad#step-1--configure-your-idp-...

Also, for greater insight into Office 365, I would recommend connecting Office 365 to MCAS.

Skipster311-1 · ‎Jul 08 2021

@pvanberlo Thank you for the info. O365 is connected to MCAS. I will read the article you posted. Thank you again

Conditional Access app control

Conditional Access app control

Re: Conditional Access app control

Re: Conditional Access app control

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Conditional Access app control