Unable to register MFA in Authenticator due to Intune MAM policy
I’m testing out conditional access in a test environment and running into an issue when using Intune MAM policies.
I have require MFA and MAM for ‘All Cloud Apps’, the MAM policy targets all Microsoft applications on unmanaged devices.
When attempting to setup Authenticator, I am blocked from adding MFA methods due to no MAM policy being available for Authenticator.
We use TAP to satisfy the MFA, but I’m not sure how to work around the MAM requirement. There isn’t a way (from what I can see), to exclude Authenticator from the CA policy.
I want users to only require MFA for Authenticator, but require MAM for everything else on Android/iOS.
How would you tackle this?