Only browser activities can be found in Activity Log for Conditional Access App control App

Copper Contributor

We have add Deskbird into Microsoft Defender for Cloud Apps via Entra ID CA policy, and it is listed in MDCA - Cloud apps - Activity log now. However, we found only the activities via web browser were logged, the activities trigged from mobile Apps are not. But those activities can be found in Sign-in Logs from Azure enterprise application portal.

 

How to make MDCA receive all activities include both browser and App? We want to setup access control policy, without the visibility to Mobile App activities, the policy can't cover all scenarios. 

2 Replies

@etimer today session control will only cover browser not native clients.  One way to address this is to block access to native clients on unmanaged devices and force those clients to go through session control.

@Keith_Fleming Hi Keith, thanks! However the problem is I in Activity Log, only browser sessions are captured. Without seeing the activities, the policy won't work.