Block apps that don't use modern authentication (ADAL)
Azure Active Directory (Azure AD) Authentication Library (ADAL) and Azure AD Graph API will be deprecated. For more information, see Update your applications to use Microsoft Authentication Library (MSAL) and Microsoft Graph API.
App-based Conditional Access with app protection policies rely on applications using modern authentication, which is an implementation of OAuth2. Most current Office mobile and desktop applications use modern authentication. However, there are third-party apps and older Office apps that use other authentication methods, like basic authentication and forms-based authentication.
Block access to apps
To block access to apps that don't use modern authentication, use Intune app protection policies to implement conditional access. For more information, see App-based Conditional Access with Intune.
For more information about Azure AD Conditional Access, see the following topics:
- What is Conditional Access in Azure Active Directory?
- How app-based Conditional Access works
- Set up SharePoint Online and Exchange Online for Azure Active Directory Conditional Access