This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 2%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
I am currently using Microsoft Intune to manage access to a third-party web application that I have registered as a web link app type. I’ve successfully added the application in Intune, and it appears in the Company Portal. However, I am facing an issue where users can share the link to the web application with others who do not have the Company Portal app installed. As a result, these users can access the application from non-compliant devices, which I want to prevent.
Requirements:
Steps Taken:
Questions:
Any guidance or best practices on how to effectively enforce these restrictions would be greatly appreciated!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 35%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
Hi, @Mohan s
If the answer is helpful, please click "Accept Answer" and kindly upvote it to help others with the same problem as soon as possible.
@Mohan s, Thanks for posting in Q&A.
From your description, I know you want to restrict access to a web application using Intune and have created Conditional Access Policies and Compliance Policies.
Based as I know, Conditional access policy prevents access to a resource by blocking the target resource, through your description, devices that do not comply with the conditional access policy can still access the application, it may be because you configured the Target Resource incorrectly, so please check if your target resource is correct.
Here is a link about all resource we can configure.
Also, please look through the sign in log to see if the conditional access policy is working properly.
Please check above information, if there is any update, feel free to let me know.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
What should I provide as the target resource if I am using a third-party web application and not a Microsoft cloud app or client app?
@Mohan s, Thanks for your reply.
In order to figure out what kind of Target Resource you want to select, you can refer to the link below to look up your uploaded custom third-party web application in the Microsoft Entra portal and add it to the Target Resource.
https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/view-applications-portal
If we can't find the custom web application in Microsoft Entra portal, we can set the Target Resource to All resources (formerly 'All cloud apps') to apply the conditional access policy.
@Mohan s, Hope you have a good day!
I am currently standing by for further update from you and would like to know how things are going. If you have any questions or concerns on the recent information I've provided you, please don't hesitate to let me know.
@Mohan s, Hope everything going well.
Please tell me if I have fixed your issue successfully. Could you let me know the latest status from your side?