A user encounters problems when trying to add her Microsoft 365 mailbox (MS 365 Business Standard) in Outlook (O365). In the azure logs I see the following error:
Access has been blocked by Conditional Access policies. The access policy does not allow token issuance.
However, there are no conditional access policies configured. When I disable the security defaults in Azure AD, the problem is solved and mailbox can be added without any problems. This is unexpected/unwanted behavior: we want to enable security defaults/MFA without having problems with adding the mailbox in Outlook.