Azure Active Directory Adds Conditional Access Support for Premises-Based Apps

Microsoft indicated today that its Azure Active Directory "Conditional Access" scheme for controlling user access to corporate apps now works with some premises-based apps.

The Conditional Access feature had its debut as a preview release in January. However, Microsoft described it back then as only being able to address "federated SaaS apps," such as Concur, or Google Apps for Work applications. Now it's possible to use the Conditional Access feature to control "supported on-premises apps." Currently, those supported premises-based apps include "SharePoint, Outlook Web Access and IIS based apps," according to Microsoft's announcement.

Conditional Access rules also can be set for custom line-of-business apps if those apps have been registered with Azure AD, according to the announcement.

The Conditional Access feature lets organizations set up multifactor authentication challenges for users trying to access specific applications. By "multifactor authentication," Microsoft means that end users will have to provide a secondary form of authentication besides entering a password to gain access. Typically, the user receives this secondary challenge via a phone call or a text message that gets automatically sent to a device.

Microsoft's Conditional Access feature is still at the preview stage right now, so it's not ready for use in production environments. In addition, when the feature does become enterprise ready, it will require having a subscription to the Azure AD Premium service.

Microsoft bundles its Azure AD Premium service into its Enterprise Mobility Suite licensing or it's available via a Microsoft Enterprise Agreement contract (which requires 250 or more users or devices to qualify). The Premium offering is also sold through Office 365 subscriptions.

Another stipulation for using the Conditional Access feature with premises-based apps is that it requires those apps to use the Azure AD Application Proxy service. Azure AD Application Proxy is reverse-proxy middleware that's used to authenticate access to Web apps or services. Using it also requires having Azure AD Premium licensing.

While the Conditional Access feature is still at the preview stage right now, meaning that it's just for available for testing purposes, Microsoft released its Azure AD Application Proxy service as a "general availability" finalized product back in December.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Windows 10 Mobile To Fall Out of Support in December

    Microsoft will end support for the Windows 10 Mobile operating system on Dec. 10, 2019, according to an announcement.

  • Get More Out of Your Outlook Inbox with TakeNote

    Brien comes across a handy, but imperfect, feature in Outlook that lets you annotate specific e-mails. Its provenance is something of a mystery, though.

  • Microsoft Resumes Rerelease of Windows 10 Version 1809

    Microsoft on Wednesday once more resumed its general rollout of the Windows 10 version 1809 upgrade, also known as the "October 2018 Update."

  • Microsoft Ups Its Windows 10 App Compatibility Assurances

    Microsoft gave assurances this week that organizations adopting Windows 10 likely won't face application compatibility issues.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.