Azure AD Conditional Access Policies Get Support for App Filters
Microsoft has added support for application filters to Azure AD conditional access (CA) policies. This release enables organizations to use an app filter based on custom security attributes to restrict access to specific applications.
Currently, it’s possible for IT admins to apply conditional access policies to individual or all apps. However, this process may prove challenging for companies that have a large number of apps with multiple conditional access policies.
The new Application filters feature enables IT Pros to tag service principals with custom security attributes (such as highly important). These custom attributes are then added to a conditional policy to allow or block applications.
“With filters for apps, admins can tag applications with custom security attributes and apply Conditional Access policies based on those tags, rather than individually selecting apps. With this approach, there is no limit on the number of apps covered, and new apps you add with the attributes are automatically included in the policies,” the company explained.
Conditional Access filters for apps available in public preview
Overall, the latest update eliminates the need to edit a conditional access policy to add new or additional apps. It’s a helpful feature for big organizations that need to manage hundreds or thousands of applications.
The new Application filters feature is currently available in public preview for enterprise customers. For now, app filters in conditional access policies can only use string custom security attributes. IT admins can combine app filters with any other controls available in a policy. You can check out this support document for more details about how to define an app filter for a conditional access policy.
More in Azure Active Directory
Microsoft Releases Azure AD System-Preferred Authentication Policy in Preview
Mar 7, 2023 | Rabia Noureen
Microsoft Releases New Azure AD Property Lock Feature to Prevent Changes to App Credentials
Mar 6, 2023 | Rabia Noureen
Microsoft Now Lets IT Admins Enable Suspicious Activities Reporting in Azure AD
Feb 27, 2023 | Rabia Noureen
Securing Azure Virtual Desktop with Azure Active Directory Conditional Access
Feb 22, 2023 | Shabaz Darr
Zero Trust: How Azure Active Directory and Identity Management Enable Cloud Security
Feb 15, 2023 | Sander Berkouwer
Microsoft to Add IPv6 Support to Azure Active Directory in March
Jan 12, 2023 | Rabia Noureen
Most popular on petri