Forum Discussion
Create Conditional Access Policy
I have configured the policy as you explain, the results:
Outlook web doest not request MFA.
Teams Client if you request MFA.
Outlook client does not request MFA, not working.
Thanks,
Hi CarlosMorales ,
thanks for the reply.
Keep in mind that in this particular setup, you have to disable Legacy authentication and enable Modern authentication.
You can accomplish this by additional additional Conditional Access. see below.
Also you can do this by disabling Basic authentication from Admin center.
- Hi.
For block legacy authentication select all options:
Outlook client, Exchange ActiveSync, Autodiscover, IMAP4, POP3, Authenticated SMTP and Exchange Online PowerShell?
ThanksHi CarlosMorales ,
you can uncheck everything but I would suggest also creating a CA policy and block legacy.
If you decide to uncheck from Admin portal - see below my environment.
If you decide to do CA policy, you can Assign to test user, Cloud apps to All Cloud Apps, and Conditions under Client apps set to Yes, and check both under Legacy authentication clients. Under Grant set to Block.
Good luck. Make sure your Outlook client is the latest version to support Modern authentication. You can read about it here - Modern Authentication configuration requirements for transition - Exchange | Microsoft Docs
Hi Adin_Calkic
Perform both settings: block legacy authentication and create CA policy.
Cannot working MFA in Outlook Client, the client version is 2203 Build 15028.20204
