November 26, 2018
This probably takes a bit of explanation. My use case is the following: I wish to expose an internal Wiki outside the corporate network. To accomplish this I use an Azure AD Application Proxy.
I also wish to restrict who has access to the application proxy and enforce multifactor authentication. This is easily accomplished by setting “User assignment required” in properties and adding a Conditional Access-policy.
However. A really weird drawback in Azure AD is lack of support for nested groups. …