Conditional Access Policy - New Outlook

Question

Conditional Access Policy - New Outlook

Persell Machuca 0

Hi everyone, I have a question regarding a Conditional Access Policy and the New Outlook.

We currently have a 12 hour session policy in place for certain apps, and we made sure to exclude Office 365 from this policy, however, it does not seem to work with user's accessing the New Outlook. They are having to re-auth every 12 hours.

CDN media

It looks like the application for New Outlook is called Office UWP PWA

CDN media

Is there any way to exclude New Outlook from the 12 hour session policy?

Jose Benjamin Solis Nolasco 1,046 Reputation points

2025-03-18T02:04:17.3033333+00:00

Did you try to create a seperate policy exclusion for Office UWP PWA?
Persell Machuca 0 Reputation points

2025-03-18T15:58:09.09+00:00

Hi Jose,

No, and Office UWP PWA is not an option to target via Conditional Access Policy.

I looked into creating an Enterprise Application/App Registration for the Office UWP PWA, but I am not sure if you can do this with built-in Microsoft apps.

1 answer

Your answer

Jose Benjamin Solis Nolasco 1,046 Reputation points

2025-03-18T02:04:17.3033333+00:00

Did you try to create a seperate policy exclusion for Office UWP PWA?
Persell Machuca 0 Reputation points

2025-03-18T15:58:09.09+00:00

Hi Jose,

No, and Office UWP PWA is not an option to target via Conditional Access Policy.

I looked into creating an Enterprise Application/App Registration for the Office UWP PWA, but I am not sure if you can do this with built-in Microsoft apps.

Answer 1

Surya Prakash Kotte 335 Microsoft External Staff

Hi @Persell Machuca,

Based on your query, I understand you would like to exclude the new Outlook application from the policy.

However, in your scenario, it is not possible because you have already included some applications in the policy. Therefore, we cannot be certain if any application is calling the "Microsoft Graph" resource automatically for Outlook. The policy will still be applied, and the user may need to reauthenticate every 12 hours.

This is expected behavior, and we don't have an alternative solution as the application completely depends on the resources.

https://learn.microsoft.com/en-us/entra/identity/conditional-access/service-dependencies

I hope this information is helpful. Please feel free to reach out if you have any further questions.

If the answer is helpful, please click "Accept Answer" and kindly "upvote it". If you have extra questions about this answer, please click "Comment"

Surya Prakash Kotte 335 Reputation points Microsoft External Staff

2025-03-20T06:44:19.73+00:00

Hello @Persell Machuca,

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and "Up-Vote" for the same, which might be beneficial to other community members reading this thread. if you have any further query do let us know.
Surya Prakash Kotte 335 Reputation points Microsoft External Staff

2025-03-21T07:00:36.3666667+00:00

Hello @Persell Machuca

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and "Up-Vote" for the same, which might be beneficial to other community members reading this thread. if you have any further query do let us know.

Share via

Conditional Access Policy - New Outlook

1 answer

Your answer