SOLVED

Access to Viva Engage in Teams but not to Yammer/Engage web portal?

Brass Contributor

I believe the answer to this is no, but I wanted to confirm with the experts. Is it possible to set it up so users can access the Viva Engage app in Teams, but cannot access the Engage/Yammer web portal?

7 Replies
Unfortunately, I don't believe it is possible through the standard configuration. You may be able to use Defender for Cloud Apps (formerly Cloud App Security) to block access to the web portal but not sure on the impact to the Teams App when doing that. It would be useful to understand why you are looking to do that?
Tell us more why you would want to do this? I don't know of a way off hand, but curious to hear more.
Blocking the web would also block the Viva Engage app in Outlook on Web, which has the same "one click away from where you're already working" use case as the Viva Engage app in the Teams app.
Thank you for everyone's feedback. It's what I expected and we're looking at another option.
The situation is that we have frontline workers who use "point of sale" laptops in retail stores that have customer data on them. Our security team sees Engage as a vulnerability for these machines because employees could potentially log into Engage with a personal account or they could switch to an external network other than our organization's Engage network. This is risky since those machines have customer data.
I believe the person asking me this question about blocking the web version of Engage while allowing the Teams Engage app thought that this would help control that vulnerability, but you can still switch external networks via the Teams Engage app.
So, what we're testing now is locking down the external network settings to see if this solves it. I know that it removes the "Browse external networks" link, but I don't know what it does for those who are already members of a different Engage network.
Are these frontline workers invited to external Yammer networks? That seems like an extraordinarily unlikely scenario.
I was looking for this option as well. Wanted to limit Viva Engage access only to certain group of employees and thought about doing this by Teams Admin Center app permission policy.
But it turns out an employee can access viva engage from yammer web and from Viva Engage android app, and thus bypass the restriction.
I guess it's possible to block the app via conditional access.
best response confirmed by KevinCrossman (MVP)
Solution
Remove Viva Engage Core license from all users and then just let some users have it via and AD group, those can access Viva Engage. And then you block access to viva engage for users without license

https://learn.microsoft.com/en-us/viva/engage/manage-engage-licenses-microsoft-365#block-users-who-d...

1 best response

Accepted Solutions
best response confirmed by KevinCrossman (MVP)
Solution
Remove Viva Engage Core license from all users and then just let some users have it via and AD group, those can access Viva Engage. And then you block access to viva engage for users without license

https://learn.microsoft.com/en-us/viva/engage/manage-engage-licenses-microsoft-365#block-users-who-d...

View solution in original post