Category: device code flow

I cannot find the answer to this online. Microsoft allow Entra ID admins to block two authentication protocols that are misused by phishers, one more prevalent in the wild than the other – but do I need two rules to block the two authentication flows, or just one? The screenshot above shows a Conditional Access…