Restrict SSPR with Conditional Access Policy

Bill Spicer 21 Reputation points
2024-03-26T19:58:22.9533333+00:00

I'd like to know if you can or request the ability to restrict access to the SSPR site by using Conditional Access Policies. I know you can setup a CA for registrations but it would be nice if you could restrict SSPR reset requests for your tenant to certain locations.

Is there a way to do this?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,444 questions
0 comments No comments
{count} votes

Accepted answer
  1. Marcin Policht 10,040 Reputation points MVP
    2024-03-26T20:20:17.55+00:00

    Yes - follow https://www.alitajran.com/secure-mfa-and-sspr-registration/


    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin


1 additional answer

Sort by: Most helpful
  1. Andy David - MVP 141.3K Reputation points MVP
    2024-03-26T21:44:52.94+00:00

    The way to solve this is for Entra to surface SSPR as an app that can be targeted with a CA policy that you can scope or block to or from a location, require device compliance etc... This is something many would welcome and have asked for many times.