I have created and updated access tokens using an application I created.
I can create them, but the update tokens are blocked by the access policy.
I want to set up an access policy that excludes applications, can't I use refresh tokens?
I would like to know if anyone can help me.
The following API is used to create and update tokens.
Access Policy Settings
■ Conditional Access policy
・Cloud apps or actions：
Include: All cloud apps
Sign in risk:
permission: Access Blocked