Apr 7, 2026 · Secure your organization by blocking device code flow and authentication transfer. Learn how to configure Conditional Access policies effectively.

Jun 26, 2025 · That’s why Microsoft now recommends most organizations block or tightly restrict device code flow wherever possible. The good news? You can do exactly that (and more) with Conditional …

Apr 15, 2025 · In February 2025, Microsoft announced the rollout of a managed Conditional Access policy aimed at blocking device code flow authentication, especially for organizations not actively …

May 13, 2024 · This article describes the process of blocking device code authentication requests against Entra ID with a preview feature for conditional access policies.

Conditional Access device code flow block policy explained. Learn how blocking device code authentication protects Microsoft Entra ID from token abuse risks.

Feb 27, 2024 · Block device code flow through an conditional access policy. With the newly released conditional access condition “Authentication Flows” you now can restrict certain authentication flows, …

Mar 6, 2024 · Among them, the authentication flows considered as high-risk (device code flow and authentication transfer) are included in the Conditional Access policy to control or block them.

Feb 17, 2025 · In this article, we’ll be disabling device code flow entirely, but, there are some legitimate uses for device code flow. This is most prominent when logging in from a device that is incapable of …

Device Code Flow in Entra ID (formerly Azure AD) is an OAuth 2.0 authentication method that allows users to sign in on input-constrained devices. However, attackers can abuse this flow in phishing or …

Mar 24, 2026 · Only allow device code flow in well documented and secured use cases, like legacy tooling that can't be updated. For organizations that don't use device code flow, block it with the …