Microsoft Global Secure Access – Private Access – Part 6 – Additional Conditional Access Policies

Posted on Updated on by Christoffer Klarskov JakobsenCategories:Entra ID, Global Secure Access, Private Access

This article is part of a series: Microsoft Global Secure Access – Private Access – Christoffer Klarskov Jakobsen – Microsoft Architect

Intro

Target applications are subject to the Conditional Access policies that the user attempting to access the application is already subject to.

However, there may be situations where you want to add additional protection to selected critical applications.

This is not a complete guide, just an inspiration and expect the reader to have basic knowledge about Conditional Access policies in Entra ID.

Target resources in CA policy

In the picture below, you can see that I have selected all users and then under target resources, I have selected my enterprise application that was created in the Global Secure Access configuration.

Under the Grant section I could choose to require MFA authentication strength:

Or maybe I wanted to ensure the user is authenticated with MFA and the device is compliant (require the device to be enrolled to Intune):

Christoffer Klarskov Jakobsen

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *