Forum Discussion
Create Conditional Access Policy
Hi Team. I have a doubt, I have assign MFA for Outlook and Teams clients? In Conditional Access policy, Conditions - Device platforms - Select Windows. In Client Apps select Mobile apps and desk...
It only works in Teams client. In Outlook client not working.
Hi CarlosMorales ,
This is what I would do. Make sure you use Modern authentication.
This is not ideal situation with Exchange Online App, but adding Device platfrom - Windows, Client apps - Mobile apps and Desktop clients plus enabling Modern authentication is the closest you can get.
I just tested in my environment and it will require MFA for Outlook client on Windows (if modern enabled), it does not ask you for MFA on other devices. It will not require MFA in browsers.
Good luck
Please see below, testing environment with the policy from above.
- Hi Adin. I really appreciate your answer.
I have configured the policy as you explain, the results:
Outlook web doest not request MFA.
Teams Client if you request MFA.
Outlook client does not request MFA, not working.
Thanks,Hi CarlosMorales ,
thanks for the reply.
Keep in mind that in this particular setup, you have to disable Legacy authentication and enable Modern authentication.
You can accomplish this by additional additional Conditional Access. see below.
Also you can do this by disabling Basic authentication from Admin center.
- Hi.
For block legacy authentication select all options:
Outlook client, Exchange ActiveSync, Autodiscover, IMAP4, POP3, Authenticated SMTP and Exchange Online PowerShell?
Thanks
