Intune app protection policy device based conditions

Iron Contributor

Does the device based condition settings within an Intune App Protection policy requires device to be enrolled and MDM managed?


E.g., Does the APP policy settings such as jailbroken/rooted devices and SafetyNet device attestation work if the device is not enrolled.

1 Reply

Hi Gurdev Singh,

Those policies can be applied to devices that aren’t enrolled, there is a similar setting in Compliance Policies for enrolled devices.

Hope this helps!

From MSFT Documentation:
“Conditional launch settings can apply for device based conditions through your app protection policy.

Similar device based settings can be configured for enrolled devices.”