Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Microsoft Dev Box, Conditional Access, and its required cloud apps #124409

Open
justinmontgomeryCF opened this issue Sep 12, 2024 · 6 comments
Open

Microsoft Dev Box, Conditional Access, and its required cloud apps #124409

justinmontgomeryCF opened this issue Sep 12, 2024 · 6 comments
Assignees
@RoseHJM
Labels
assigned-to-author dev-box/svc doc-enhancement Pri3 triaged

Comments

@justinmontgomeryCF
Copy link

justinmontgomeryCF commented Sep 12, 2024
edited
Loading

  • The relevant Azure service or technology: Microsoft Dev Box & Conditional Access
  • A link to the published documentation article that you have feedback about: https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/dev-box/how-to-configure-intune-conditional-access-policies.md
  • Clear, specific feedback that the author can act on: The linked article lists 5 cloud apps that need to be excluded to allow access to the Dev Box through a Block control Conditional Access policy against All Cloud Apps. We have excluded all 5 of the cloud apps listed but our devs are still being blocked when trying to log in. When looking at the logs it claims that it is blocked because "Microsoft Developer Portal" matches to "All apps included." The behavior our devs see is that the initial login is successful, they pass authentication and MFA and they will briefly see the Dev Box portal welcome, and then it reverts to the "You can't get there from here." We have attempted adding the Graph API and the Windows Azure Service Management API to no effect. So it would appear that some kind of additional service is being called and more apps are need to be in the exclusion to allow the access through a Block policy, please add these to the knowledge.

services: dev-box
ms.service: dev-box
author: @RoseHJM
ms.author: @RoseMalcolm
ms.date: 09/04/2024
ms.topic: how-to
@ManoharLakkoju-MSFT
Copy link
Contributor

@TPavanBalaji
Thanks for your feedback! We will investigate and update as appropriate.

@TPavanBalaji TPavanBalaji assigned RoseHJM and unassigned TPavanBalaji Sep 16, 2024
@TPavanBalaji
Copy link
Contributor

@justinmontgomeryCF
Thank you for bringing this to our attention.
I've delegated this to content author, who will review it and offer their insightful opinions.

@RoseHJM
Copy link
Contributor

RoseHJM commented Sep 16, 2024

Hello @justinmontgomeryCF, thank you for your thoughtful and detailed feedback. It is very much appreciated. We are aware of the issues with this article and have been working with the Dev Box product team to produce improved documentation. A new article will be published in the next few days.

@justinmontgomeryCF
Copy link
Author

I see there was an update to the article for Fidalgo Dataplane being a necessary app.
Added that to the exclusion, waited an hour or so, but it still gives the same error as before.

@devmanrrmywg
Copy link

Facing this same issue, still not resolved even with updated documentation. Trying to exempt from All Cloud Apps device compliance policy.

@RoseHJM
Copy link
Contributor

RoseHJM commented Oct 8, 2024
edited
Loading

@justinmontgomeryCF & @devmanrrmywg, thank you for your patience with this issue. I've referred your comments to the product team.

For immediate support on blocking issues contact Help + support - Microsoft Azure.

You can also report the issue at https://developercommunity.microsoft.com/devbox/report.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@RoseHJM RoseHJM

Labels
assigned-to-author dev-box/svc doc-enhancement Pri3 triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@RoseHJM @ManoharLakkoju-MSFT @justinmontgomeryCF @TPavanBalaji @devmanrrmywg