MFA just for 365 Email (with ADFS)


Our Security team wants to try out just protecting Email access (a.k.a, 365 web portal, and Outlook Desktop). What is the best way to go about this? Would these be Client application or Client user agent exceptions? Setting up autodiscover/activesync exceptions was straight forward, but i cant seem to find the right info for Outlook. Does anyone have advice, or a sample rule to share to get me started?



While browsing other threads on the forum I think I may have found the keywords I was looking for. Going to test out the X-MS-Client-Application names, found here: