Forum Discussion
Create Conditional Access Policy
Hi Team. I have a doubt, I have assign MFA for Outlook and Teams clients?
In Conditional Access policy, Conditions - Device platforms - Select Windows.
In Client Apps select Mobile apps and desktop clients.
This option, apply for Outlook and Teams clients?
Or exist other option for configure MFA in this clients?
Regards,
Thanks,
- Hi. It sounds about right. Is the CA policy not working for you?
- It only works in Teams client. In Outlook client not working.
Hi CarlosMorales ,
This is what I would do. Make sure you use Modern authentication.
This is not ideal situation with Exchange Online App, but adding Device platfrom - Windows, Client apps - Mobile apps and Desktop clients plus enabling Modern authentication is the closest you can get.
I just tested in my environment and it will require MFA for Outlook client on Windows (if modern enabled), it does not ask you for MFA on other devices. It will not require MFA in browsers.
Good luck
Please see below, testing environment with the policy from above.
- Hello Carlos,
As far as I know, Office 365 Exchange Online is NOT Outlook Client.
It is related to access to Outlook via a web browser (Chrome, Edge, etc.).
https://techcommunity.microsoft.com/t5/outlook-blog/conditional-access-in-outlook-on-the-web-for-exchange-online/ba-p/267069Hi mikhailf ,
Thanks for the contribution. That is the main reason I excluded Browser. I just update behavior from the test environment.
- So please, check the rahuljindal-MVP comment.
It makes sense to check the What If feature and Azure AD Sign-in logs.
In addition to that, have you tried to log in to Outlook web using web browser? I wonder if you get an MFA there.
- Hi Mikhalif.
This is correct, with Exchange Online policy does not work. I remove Exchange Online and select Office 365 but the policy does not working with Outlook client only working with Teams Client.
