This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 14.000000000000002%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHU%3C/text%3E%3C/svg%3E)
We have conditional access policy in our organisation the block external user from accessing all apps except azure devops and azure management.
The conditional access works fine only that the resulting sign in logs are a bit confusing to the security analysts.
If I could kind get an explanation of why the blow happens.
In the below screenshot the user tries to access the azure portal (as shown in the application title) but is blocked by the conditional access.
I
In this imaged the user is still trying to access the azure portal but the conditional access does not apply
My question is what is the difference between the two azure portals or azure portal
I can't tell what the issue is from those images, but I would point out that you can't separate Dev Ops from the Azure portal with a CA policy:
The wording in that article is about as clear as mud. I am trying to do the same thing as the OP. Is there any workaround, or does guest access to DevOps just prevent you from putting any limitations on guest users?