The Authentication Context feature can be used to add additional and granular security to access apps or data in apps such as SharePoint or Exchange.
Example: Access to SharePoint sites or data in SharePoint is only permitted with devices managed in Intune. This is enforced via a conditional access policy. For special SharePoint sites containing highly sensitive data, access is also only permitted from the company network.
Until now, this was not possible because a conditional access policy always referred to the app as such, i.e. to SharePoint in the example above. With the Authentication Context in a Conditional Access Policy, this scenario is now possible.
The feature is still in preview. The following limitations apply to the preview:
- Deleting authentication context definitions is not possible in the preview.
- The preview is limited to a total of 25 authentication context definitions.
An Authentication Context is created in the Conditional Access menu in the Azure Portal: