Understanding Microsoft conditional access policies and Mail Manager Enterprise
Who is this article for?
Admins checking if Microsoft conditional access policies impact Mail Manager Enterprise.
administrator access is required.
Microsoft conditional access policies are not currently supported with Mail Manager Enterprise and may interrupt or block sign-in and functionality on both the web app and desktop application.
Understanding conditional access policies
A conditional access policy is a rule in Microsoft Entra ID (formerly Azure Active Directory) that controls app access based on conditions. It works on an if-then basis: if conditions such as device compliance, location or sign-in risk are met, then a control such as blocking access or requiring multi-factor authentication is enforced before sign-in completes.
Recognising how conditional access affects Mail Manager Enterprise
Conditional access policies can disrupt Mail Manager Enterprise in several ways:
- Sign-in blocked by policies requiring a compliant or Entra-joined device
- Authentication loops from multi-factor authentication policies causing repeated prompts
- Connection blocks where legacy authentication protocols are restricted
- Intermittent access for remote users under location or session restrictions
Excluding Mail Manager Enterprise from a policy
Conditional access is managed in your organisation's Microsoft Entra admin centre, so your Microsoft 365 administrator will need to make changes.
To exclude Mail Manager Enterprise from a conditional access policy:
- Identify the app via your Entra ID sign-in logs, or ask Ideagen Support for the details.
- Edit the policy, adding Mail Manager Enterprise, or the affected users, to the exclusions.
- Test in report-only mode before enforcing the change.
Note: As this is not officially supported, exclusion behaviour can vary by tenant. If issues persist, contact Ideagen Support.