Conditional Access Cloud Apps: Why Your App Doesn’t Show Up and the Risks of Exclusions
In-depth exploration of why certain apps do not appear in the Conditional Access app picker in Microsoft Entra ID, the impact of public vs. confidential client architecture, and the critical tenant-wide security risks introduced by using exclusions in 'All Cloud Apps' Conditional Access policies. Covers best practices for targeting Microsoft service app groups, explains token audience-based policy enforcement, and clarifies service principal filtering logic.