Conditional Access with Azure Registered App

Jamie Brandwood 6 Reputation points

Is there a way to restrict access to an Azure AD registered application based on IP address or location when the said application is using a client secret because of its use as a Windows Service, for example, so there is no underlying user to pass credentials?

This would mean there is no username passed to Azure AD in order to evaluate against a conditional access policy?

Has anyone else seen this scenario or have a solution for it? Is there even a solution?

Microsoft Entra ID

1 answer

  1. AmanpreetSingh-MSFT 56,471 Reputation points

    @Jamie Brandwood A Conditional Access policy cannot be applied if you are requesting a token under application context, i.e., using client credentials.

    There is active feedback regarding this feature here: Please vote here, as this is monitored by the MS product team, and based on the popularity of the idea, features are added to Azure.


    Please "Accept as answer" wherever the information provided helps you to help others in the community.

    2 people found this answer helpful.
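
With no policy evaluated at token issuance for the client-credentials case described in the answer, one compensating check is to review the application's service principal sign-in records against the networks the Windows Service is expected to call from. The following is an added example, not part of the original thread or any Microsoft code: the rows are constructed, the column names follow the `AADServicePrincipalSignInLogs` Log Analytics table, and the allow-list, the application ID and the function names are placeholder assumptions.

```python
import ipaddress
import json

# Assumption: egress ranges the service is expected to use
# (RFC 5737 documentation ranges stand in for real ones).
ALLOWED_NETWORKS = [ipaddress.ip_network(n)
                    for n in ("203.0.113.0/24", "198.51.100.16/28")]
APP_ID = "00000000-0000-0000-0000-000000000001"  # placeholder application ID

# Constructed sample rows, one JSON object per line, as exported from the
# AADServicePrincipalSignInLogs table. ResultType "0" means success.
SAMPLE_ROWS = """\
{"TimeGenerated": "2024-01-10T08:00:00Z", "AppId": "00000000-0000-0000-0000-000000000001", "IPAddress": "203.0.113.10", "ResultType": "0"}
{"TimeGenerated": "2024-01-10T09:15:00Z", "AppId": "00000000-0000-0000-0000-000000000001", "IPAddress": "192.0.2.55", "ResultType": "0"}
{"TimeGenerated": "2024-01-10T09:16:00Z", "AppId": "00000000-0000-0000-0000-000000000001", "IPAddress": "192.0.2.77", "ResultType": "7000215"}
{"TimeGenerated": "2024-01-10T09:20:00Z", "AppId": "00000000-0000-0000-0000-000000000002", "IPAddress": "192.0.2.99", "ResultType": "0"}
"""


def is_allowed(ip_text):
    """True only if the address parses and falls inside an allowed network."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # a missing or malformed address is treated as unexpected
    return any(ip in net for net in ALLOWED_NETWORKS)


def unexpected_signins(lines, app_id):
    """Return sign-ins for app_id whose source IP is outside ALLOWED_NETWORKS."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        row = json.loads(line)
        if row.get("AppId") != app_id:
            continue  # only the application under review
        if not is_allowed(row.get("IPAddress", "")):
            findings.append({
                "time": row.get("TimeGenerated"),
                "ip": row.get("IPAddress"),
                # a successful sign-in from an unexpected network matters most
                "succeeded": row.get("ResultType") == "0",
            })
    return findings


if __name__ == "__main__":
    for finding in unexpected_signins(SAMPLE_ROWS.splitlines(), APP_ID):
        print(finding)
```

A successful entry from outside the allow-list is a reason to rotate the client secret and check where it is stored.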