Can i restrict a service principal/application to access mailboxes only from a particular IP address in Azure AD?

hitender singh 126 Reputation points


We have a application that read email items of certain mailboxes. we have already scoped the access to particular mailboxes via new-applicationaccesspolicy but mgt would like to ensure that this application can access the mailboxes only via particular IP. I couldn't see in Conditional access policy that it is supported. is there any other way?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,326 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vasil Michev 94,366 Reputation points MVP

    No, there's no support for CA policies currently, although we should be getting it soon(ish). You can try configuring a Client access rule as detailed here:
    Although I'm almost certain it doesnt apply to app permissions...

0 additional answers

Sort by: Most helpful