Device-based Conditional Access to the iManage Work add-in
If your organization has Conditional Access policies in place, you can create a policy for enforcing compliant-device Conditional Access to the iManage Work add-in for Microsoft Outlook. To create the policy, sign in to the Microsoft Entra admin center at least as a Conditional Access Administrator. For more information, go to https://learn.microsoft.com/en-us/entra/identity/conditional-access/howto-conditional-access-policy-compliant-device.
With the policy in place, users must ensure that:
Their device is enrolled in Microsoft Intune.
They access iManage Work Desktop for Mac from the same domain for which the device is registered in Microsoft Intune.
When users try to open the iManage Work add-in from a device that isn’t enrolled, they have to sign-in. After they authenticate themselves, a page opens asking them to install the Microsoft Intune Company Portal App and enroll their device. Users can access the add-in if there device complies with the Conditional Access policies that their organization has set.
If the device is non-compliant, users can’t access the iManage Work add-in. The “Sign-in failed: The user did not consent the add-in permissions.” message is displayed above the body of the currently selected email.