davideisenva
asked on
Custom AD FS Rule for Office 365 MFA ActiveSync Exemption
We setup Office 365 with our RSA keys, and we are looking to exempt our mobile devices and outlook from MFA for now. From what I understand we have to form a custom issuance transform AD FS claim rule. I have tried creating one, without success:
Does anyone have any ideas on the correct way to do this?
c:[Type == "http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork", Value == "false"]
&& [Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path", Value =~ "(/adfs/ls)|(/adfs/oauth2)"]
=> issue(Type = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod", Value = "http://schemas.microsoft.com/claims/multipleauthn");
Does anyone have any ideas on the correct way to do this?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.