How do you use a conditional access policy to block end users access to Admin Portals while allowing end users to download office from portal.office.com?
Hi wonderful people
With portal.office.com now classed as an Admin Portal: From support
How do you use a conditional access policy to block end users access to Admin Portals while allowing end users to download office from portal.office.com?
Scenario:
CAP configured to block all access to Admin portals:
User logs in to https://www.microsoft365.com/ and clicks install:
and is presented with this:
Sign in logs indicate that the Microsoft office portal is classed as an admin portal:
If the Office 365 app is added to the exclusion:
Conditional access does not fire:
but the user is then allowed through but presented with:
If I add the user to the group that is excluded from the block policy everything loads as expected.
Any guidance would be appreciated.
Brian