Conditional Access and Edge Sync

We have a CA policy for users with admin roles set for all cloud apps with a few exceptions such as Office 365.
This CA policy has a sign-in frequency set that requires those users with an admin role to sign in again when the period has expired. We also want to exclude Microsoft Edge because the profile sign-in also triggers the CA, but we cannot select Microsoft Edge in the exclusions.

How can we solve this?

6 Replies

@RonaldvdMeer The sign-in window in Edge is not from Edge; it's a sign-in page to connect to Entra ID using your work account, and Edge cannot be excluded as an app in CA.

So why do the sign-in logs say Microsoft Edge?

@RonaldvdMeer Correct, in the sign-in logs it will show Edge since it's the application, but in the backend there is the service that matters to CA, so if you navigate to Settings and click on Manage account you will be redirected to https://myworkaccount.microsoft.com/, and that's why you're getting a pop-up to validate MFA.

But how can we prevent an MFA prompt for Edge sign-in events?

I am not sure if you checked this discussion; it might help you in your use case, but preventing MFA from Edge as an app is not possible through CA.

https://techcommunity.microsoft.com/t5/enterprise/azure-ad-conditional-access-for-edge-profile-sign-...

Yes I did, but I am also hesitant as the last response in that discussion is telling