Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community

Conditional Access to Proxied Enterprise App by IP only

Not applicable



I'd like to restrict access to Azure enterprise app by IP only. I can create a location with IPs, but then I am forced to pick something in "Grant" or "Session" category - which I don't want, I just want to restict by IP. How do I go about that?


1 Reply

@Deleted Hi, given that you want to configure so that only corporate IPs can connect to the app I would use the guidance from doc:


If you need to configure a location condition that applies to all connections made from outside your organization's network:

  • Include All locations
  • Exclude All trusted IPs


And the action would then be "Block" to that specific app.