![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 57.00000000000001%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
25,150 questions
Appreciate the help @Luke Murray
Can't say that I am an expert so going slow with this. I tried to setup a policy that would exclude the My Signins app but it is not in any search I complete. I am hesitant on allowing all cloud apps as I know this account is tied to various things and I want security to remain for those.
Our main conditional access policy requires MFA for all users, excluding one group with two accounts in it. That is working based on the screenshot above. I am little confused on how I would setup the additional policy strictly for the My signins app and those two user accounts. I would apply it to no users and only exclude the exclusion group...but that won't work with our original policy. Is there no way to exclude a group from MFA and a single app? Is it all apps or no apps tied to all users or no users? I have the ability to exclude a group from the policy but the ability to exclude certain apps for certain people.
I read that Microsoft is getting rid of "App Passwords" to bypass MFA completely on 3/31, and it sounds like April Fools' Day is going to be terrible for those who are unaware. Hopefully I can figure this out to fix the SSO and data migration issues.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 68%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)