Help creating a claim rule to allow managed devices only

  • Question

  • Hi,

    I am new to ADFS 4.0 and have not been able to crack this simple request in my head but need to confirm if we have all the right components in place. 

    We currently have a rule in place that allows users to access an endpoint over the internet requiring MFA and on an iOS device only. This works as expected. But we would like to lock this down further so that only managed iOS devices can access a particular managed site and not personal iOS devices. I've been playing with the Rules Editor but every time I try to make a change it wants the user to configure the authenticator app again.

    We would like to avoid that, so that with any change we put in place users continue to connect the normal way they are connecting now, but underlyingly users can only access on a managed iOS device and not a personal iOS device that does not have the Comp Portal or MFA on it.

    Monday, November 18, 2019 4:26 PM