Forum Discussion
Can we restrict Users from accessing Office 365 (on Azure) from certain IP address?
You either need to use Conditional Access (https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-location) or redirect the auth process to some external system (federation) and impose the restrictions there.
Thanks Vasil. I doubt we have premium subscription to utilize conditional access. Can you share more details on option "redirect the auth process to some external system (federation) and impose the restrictions there".
VasilMichev I appreciate your valuable time in responding to my questions. We do have conditinal access feature. Our Application is registered to run as background service or daemon without a signed-in user. The application is accessed from AWS cloud through Oauth2.0 authentication. Can conditional access be still applied?
Conditional access doesnt apply to application logins, that's different from "user" access. Depending on the protocol your app is using, you might be able to restrict it via Client Access Rules: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules
Hi Vasil,
As Office 365 is accessed from AWS VPC cloud , what IP addresses I need to provide while whitelisting IP address using conditional access of Azure Active Directory. I have with me details of AWS VPC CIDR , but CIDR range is private Ip addresses. I think I need to provide public IP addresses in AAD configuration , so what IP address from AWS I should be looking for?