Share via

Limit the access for users to use SSPR only from trusted locations?

ChristianL1980 11 Reputation points
2023-06-13T07:58:34.9733333+00:00

Hi

We have a requirement from management to only allow users to use SSPR when they are on trusted locations.

We have the trusted locations defined as we use for other Conditional Access Policy, but I cannot find a way to limit the use of SSPR so users can only reset/unlock when on trusted location?

I really hope this can be solved as we would like to make users able to help themselves.

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sandeep G-MSFT 20,911 Reputation points Microsoft Employee Moderator
    2023-06-13T09:11:58.9133333+00:00

    @ChristianL1980

    Currently we do not have any option to limit the SSPR to happen only from trusted locations. But we have an option to restrict the SSPR and MFA registrations to happen from only trusted locations.

    You can follow the steps in below article to configure conditional access policy for users to register for Azure AD multifactor Authentication and self-service password reset only from trusted locations.

    https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-registration

    If you are looking for an option to limit the SSPR to happen only from trusted locations, then you can submit feedback in our Azure feedback portal. This portal is monitored directly by our PM's.

    https://feedback.azure.com/d365community/forum/79b1327d-d925-ec11-b6e6-000d3a4f06a4

    Let me know if you have any further questions on this.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.