 | In today’s identity-first security landscape, organizations must continuously evaluate and tighten their authentication methods. One such method under scrutiny is device code flow (DCF), a legacy authentication flow that, while useful in certain scenarios, can pose security risks if left unchecked. At the same time, disabling DCF tenant wide can be inconvenient for organizations who have deployed Teams Room on Android devices (MTRA) as DCF presents a convenient method of signing in to Teams on these devices, while also allowing for remote provisioning. Fortunately, Microsoft Entra provides a powerful way to manage and restrict this flow using Conditional Access policies while excluding MTRA devices from this restriction. In this blogpost, we walk through the steps on how to secure legacy login methods while allowing MTRA devices to continue to enjoy the capabilities of DCF. |
|
|
RSS Feed