Azure AD Conditional Access: User Agent

Erik Aronesty 0 Reputation points

We would like to use conditional access to filter our user's access based on the user agent used. I know this isn't fully secure, but it would be helpful to steer users in the right direction. Is this possible?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,211 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Harpreet Singh Matharoo 7,601 Reputation points Microsoft Employee

    Hello @Erik Aronesty

    Thank you for reaching out. I would like to confirm that currently Azure AD Conditional Access Policy does not support User Agent filtering or condition. Currently Azure AD Conditional Access Policy only supports filtering on the basis of conditions mentioned on following documentation: Conditional Access: Conditions.

    Within Device Platform condition Azure AD identifies the platform by using information provided by the device, such as user agent strings. Since user agent strings can be modified, this information is unverified. Keep in mind that user agent filtering is not foolproof and can be easily bypassed by users who know how to modify their user agent. Therefore, it is important to combine device platform with Microsoft Intune device compliance policies or as part of a block statement. The default is to apply to all device platforms.

    I hope this answer helps to resolve your issue. Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments