Forum Discussion
Create Conditional Access Policy
Hi CarlosMorales ,
This is what I would do. Make sure you use Modern authentication.
This is not ideal situation with Exchange Online App, but adding Device platfrom - Windows, Client apps - Mobile apps and Desktop clients plus enabling Modern authentication is the closest you can get.
I just tested in my environment and it will require MFA for Outlook client on Windows (if modern enabled), it does not ask you for MFA on other devices. It will not require MFA in browsers.
Good luck
Please see below, testing environment with the policy from above.
- Hi Adin. I really appreciate your answer.
I have configured the policy as you explain, the results:
Outlook web doest not request MFA.
Teams Client if you request MFA.
Outlook client does not request MFA, not working.
Thanks,Hi CarlosMorales ,
thanks for the reply.
Keep in mind that in this particular setup, you have to disable Legacy authentication and enable Modern authentication.
You can accomplish this by additional additional Conditional Access. see below.
Also you can do this by disabling Basic authentication from Admin center.
- Have you tried running your scenario against the whatif tool? Also, you can look at sign-in logs to verify if you have configured the right CA parameters or not.
