Exclude Office365 Exchange Microservices

Stephan van den Heuvel 1 Reputation point

Hi all,

We've set conditional access policies to control MFA to specific apps and resources. In 2 of those CA policies I configured a different sign-in frequency. One for external virtual desktop access (like 24 hours) and one for mobile Outlook App access (like 7 days).

By excluding Office365 Exchange Online in one CA policy and including it in the other this works fine for the Outlook app on iOS. You see it is accessing the resource named 'Office365 Exchange Online' in the sign-in logs and activating the 7 days sign-in frequency.

Android users however are complaining they get the 24 hours sign-in frequency. I've noticed a different resource named 'Office365 Exchange Microservices'. This is not a cloud app you can select in the pull down menu to exclude or include.

How can I mark or filter this resource in our CA policies?



Microsoft Exchange Online
A family of Microsoft email and calendar products.
2,215 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
17,608 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andy David - MVP 134.2K Reputation points MVP

    From what I have seen, if you cant target it with a policy then its built in the larger application and you wont be able to get around that other than targeting specfic users perhaps versus devices.

    1 person found this answer helpful.
    0 comments No comments