cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Technical Takeoff
Nov 27 2023 07:00 AM - Nov 30 2023 11:30 AM (PST)
Microsoft Tech Community
LIVE
Find out more
SOLVED

Require approved client app vs Require app protection policy

Navishkar Sadheo
Steel Contributor

‎Jul 20 2020 03:07 PM

‎Jul 20 2020 03:07 PM

Require approved client app vs Require app protection policy

Hi All

 

Hope everyone is well.

 

Please can someone tell me what the difference between "Require approved client app" and "Require app protection policy" is?

 

In my conditional access policy whether I just select "Require approved client app" OR "Require approved client app and Require app protection policy" the result is the same.

 

Just trying to understand what "Require app protection policy" exactly does.

 

Appreciate any advice.

3,770 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by Oliver Kieselbach (MVP)
JanBakkerOrphaned

‎Jul 21 2020 12:13 AM

‎Jul 21 2020 12:13 AM

Solution

Re: Require approved client app vs Require app protection policy

@Navishkar Sadheo Good question. 

 

First of all:  Require approved client app grant control only supports iOS and Android and is used to only allow 1rst party apps to connect to Office 365, like the Outlook app.

 

Require app protection policy (preview) is all about Intune app protection. So when you select this option, the app cannot be used without an app protection policy in place. This is meant to protect the data from those apps. 

 

Please read these articles to learn all about that: https://www.petervanderwoude.nl/post/conditional-access-and-requiring-app-protection-policy/

&

https://samilamppu.com/2019/07/09/conditional-access-require-app-protection-policy/ 

&

https://www.inthecloud247.com/azure-ad-conditional-access-explained-android-and-ios/

 

1 Like
Reply