Jan 20 2023 09:37 AM
1. Block login except from certain countries2. Block unused device operating systems3. Require compliant devices4. Require Hybrid Azure AD joined device5. Require an app protection policy6. Block high-user risk7. Block high sign-in risk8. Require MFA9. Block basic/legacy authentication
To learn how to set them up go to 9 Conditional Access Policies You'll Kick Yourself for Not Setting Up
View best response
Jan 22 2023 12:30 PM
Oct 16 2023 06:37 AM
@John Gruber - why require Hybrid Joined devices? This flies in the face of current Microsoft preference to move customers to a cloud-only solution, meaning Azure joined only.
Mar 19 2024 01:01 PM
@RonS_ except "hybrid" is an official end state.
View solution in original post
