Microsoft announced a public preview of the device-based conditional access policy feature for Azure AD back in August – starting today, it is available to all.
Device-based conditional access policy gives IT admins the ability to restrict access to managed devices in the enterprise environment – basically, they can control who has access to what more easily.
This feature will work with all applications that use Azure AD for authentication – this includes Office 365, and several other Microsoft products and services, here’s some of them:
- Microsoft Office 365 Exchange Online
- Microsoft Office 365 SharePoint Online
- Dynamics CRM
- Power BI
- All of the 2,700+ SaaS applications from the Azure AD application gallery
- On-premises apps registered with Azure AD Application Proxy
- LOB apps registered with Azure AD
The 2,700+ SaaS applications in the Azure AD application gallery include services such as ServiceNow, SalesForce.com, and Concur. All of them now support conditional access policy via Azure AD.
Microsoft will be updating this page with an up-to-date list of supported applications for conditional access. Support for other applications is in the works as well.
The new feature is supported on iOS, Android, Windows 10 Version 1607 (Anniversary Update), Windows 7 and Windows 8.1 – that should cover a whole lot of devices used across the enterprise environment at most companies.