Question on conditional access with "Register security information" user action

LoicM 1 Reputation point


We try to setup CA rule based on user action "Register security information"
We created it as a report rule for now and see a "strange" behavior.
Some reported user are reported while accessing My access page but we also see some report on "Microsoft Authenticator App".
Looking at the audit log we don't see any security info registration but StrongAuthenticationPhoneAppDetail update on the user profile.
Do you know what it is ?
We plan to setup the conditional access like this.
All users
User action:
"Register security information"
Grant control : require one
MFA ( previously registered on non corp device)
Hybrid join (corp pc)
Intune compliant ( corp phone)

Do you think the StrongAuthenticationPhoneAppDetail will be an issue in such case?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,194 questions
0 comments No comments
{count} votes