Share via

Require approved client app and Require app protection policy

tarou chabi 731 Reputation points
2021-05-13T01:20:14.17+00:00

"https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-grant#require-approved-client-app"
----- If a broker app is not installed -------

I am using iphone. I don't have the broker app "Microsoft Authenticator" installed.
But, I don't gets redirected to the appropriate app store to install the required broker app. And I can access o365 service by "Require approved client app" or "Require app protection policy".

What information does the broker app "Microsoft Authenticator" pass to azure ad?

Microsoft Security | Intune | Application management
Microsoft Security | Intune | Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Lu Dai-MSFT 28,531 Reputation points
    2021-05-13T08:11:08.46+00:00

    @tarou chabi For the screen shot that you provided, it shows that the conditional access policy isn't deployed successfully. So, you can use the app without being affected by conditional access policy.

    Our first priority is to successfully deploy the conditional access policy. Please understand that conditional access is a feature in Azure AD. Given this situation, it is suggested to contact Azure AD support to get more accurate help. Here is the online support link:
    https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-troubleshooting-support-howto

    Hope this issue will be solved as soon as possible.

    If the response is helpful, please click "Accept Answer" and upvote it.

    Was this answer helpful?

  2. Lu Dai-MSFT 28,531 Reputation points
    2021-05-13T06:43:35.387+00:00

    @tarou chabi Thanks for posting in our Q&A.

    For this issue that didn't get redirected to install the "Microsoft Authenticator" app, we appreciate your help to collect some information:
    1.Please check if the conditional access policy hit the user in intune portal's Users > Sign-ins > select the user account that you use to access o365.
    96247-image.png
    Note: Please override private information

    2.Please sign out the account and sign in again to see if it can get redirected to install the "Microsoft Authenticator" app.

    If there is anything update, feel free to let us know.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.