Conditional Access Support for Azure app \ resource Microsoft Enterprise Skills Initiative

Question

Hi,

Are Microsoft planning to enable Conditional Access Support for "Microsoft Enterprise Skills Initiative". When logging into https://esi.microsoft.com it requires a Work Account which then redirects to my companies Entra Tenant for authentication however as we have conditional access policy requiring a Hybrid Joined Device for all Cloud Apps where possible, our users are not able to access ESI from their personal device.

When trying to exclude "Microsoft Enterprise Skills Initiative" from the CA policy the app \ resource is not found which leads me to believe it is not compatible with CA.

Thanks

Answer 1

@MartinNicholls-3320

Thank you for your post!

I was able to find a related issue and when it comes to the Microsoft Enterprise Skills Initiative being supported by Conditional Access Policies, this would need to be addressed by the Microsoft Enterprise Skills Initiative Support Team. Because the Enterprise Skills Initiative is considered a first party application, they'll be responsible for onboarding the application to the Conditional Access service. For more info - Enterprise Skills Initiative Support.

In the meantime, because your users aren't able to login to ESI from their personal device(s), and you aren't able to find and exclude the Microsoft ESI application from your CA policy - I'd recommend looking into creating exclusions that target the specific users accessing the ESI application, for example excluding users based off their device state, location, etc..

---

Additional Links:

• Conditional Access: Target resources
• Conditional Access: Exclude users
• Conditional Access: Grant

I hope this helps!

If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.