Microsoft Cloud App Security Conditional Access App Control. Conditional access app control utilizes a reverse proxy deployment to redirect the user session to a cloud app security server upon authentication. In this case i configured a session policy that checks whether the device is either intune compliant or hybrid azure ad joined and will react to any file download:
As described, a cloud app security policy is now configured for blocking downloads from browser sessions on unmanaged devices. Select cloud apps or actions: Our unique integration with azure ad conditional access empowers the admin to proactively configure which sessions should be routed to our servers, ensuring that only the subset of traffic you.
Conditional access app control uses a reverse proxy architecture and integrates with your idp.
Another and much simpler way is to use a conditional access policy as an easy start: In this case i configured a session policy that checks whether the device is either intune compliant or hybrid azure ad joined and will react to any file download: Protect apps with microsoft cloud app security conditional access app control. Using mcas, you can take control over the session to office 365 apps.