As part of our attempts to limit access from unmanaged devices we have a rule in place in Conditional Access which blocks unmanaged Android and iOS devices, along with other rules to allow Intune managed devices things have been working well but we've run into issues with Hello for Business. I'm more towards Mobile management for phones so I've been asked if we can do anything to allow the authenticator app in Conditional Access however it doesn't seem to be available as an option to create a rule against.
Another member of staff is working on setting up Hello for Business but the Authenticator app keeps getting blocked and we don't see an obvious way around it. We would like to roll Hello out to all users so they can use PIN for sign-in and have the number pop up on Authenticator for MFA.
Any suggestions on how we might get around it?