![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 3%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
25,241 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
@mrjohn44141 Thank you for reaching out to us, As I understand you are looking for differences between these two CA templates Require multifactor authentication for admins accessing Microsoft admin portals (CA016) vs Require MFA for Azure management (CA006).
A new application group called Microsoft Admin Portals (Preview) in conditional access policy management wizard which protects five Microsoft admin portals:
- Microsoft 365 Admin Center
- Exchange admin center
- Azure portal
- Microsoft Entra admin center
- Security and Microsoft Purview compliance portal
The Microsoft Admin Portals app group applies to interactive sign-ins to the listed admin portals only. Sign-ins to the underlying resources or services like Microsoft Graph or Azure Resource Manager APIs are not covered by this template. Those resources are protected by the Require multi-factor authentication for Azure management template
Reference:
Let me know if you have any further questions, feel free to post back.
Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.