Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community

AAD device attributes cross tenant

Copper Contributor


will it become possible to evaluate AAD device attributes like extension attributes cross tenant?

Would be nice/helpful to utilize/enforce extension attribute values via Conditional ACcess.

Thank you


1 Reply

I can see that there might be privacy issues with providing attributes from another tenant, but it would be good if extension attributes set on an Azure “registered” device in the home tenant (which was Azure AD “joined” in another tenant) were honoured in Conditional Access.

Right now the device ID from a registered device can be used in a filter but an extension attribute set on the registered device object cannot.