Azure AD Conditional Access

Copper Contributor

Hi Everyone,


I've been trying to understand the flow how the Azure conditional access works. Especially from a non-domain joined(Azure). 


If I'm accessing a resource how Azure CA will come to know that I'm not accessing from a azure domain joined machine?


For example from a non-domain joined machine I opened browser and accessing O365 services where exactly the Azure checks will appear? Please let me know if anyone having an answer.





1 Reply


Basically the image under shows the flow in a basic way.

The O365 service always checks to compliance state of that device with the AzureAD (which gets the device states from Intune)...


Hope your question is therefore answered...