I've been trying to understand the flow how the Azure conditional access works. Especially from a non-domain joined(Azure).
If I'm accessing a resource how Azure CA will come to know that I'm not accessing from a azure domain joined machine?
For example from a non-domain joined machine I opened browser and accessing O365 services where exactly the Azure checks will appear? Please let me know if anyone having an answer.
Basically the image under https://image.slidesharecdn.com/scugnorwayems-151025182017-lva1-app6891/95/enterprise-mobility-suite... shows the flow in a basic way.
The O365 service always checks to compliance state of that device with the AzureAD (which gets the device states from Intune)...
Hope your question is therefore answered...