How to Apply Conditional Access with Intune?
- Within the Microsoft Azure Portal, navigate to Intune > Conditional access
- Click Policies and click the “+ New policy” button.
- Give the new policy a name. For this blog I will give it the name : CA-ExchangeOnline-ModernApps
- Under Assignment click Users and groups and select an Azure AD security group if you want to apply this policy to a selected group of users (optional). All users is also an option. Click Done
- Click on Cloud apps, click Select apps en search for Office 365 Exchange Online. Click on Select and Done
- Select Conditions, and then choose for Client apps. On the right hand side click Select client apps and select both Browser and Mobile apps and desktop clients. Click Done twice.
- Under Access controls select Grant. On the right hand side of the screen click Grant access and select Require device to be marked as compliant. Click on Select in the bottom of the screen.
- Make sure that Enable policy is set to On and click on Create