You can configure Azure AD Conditional Access rules to bypass multifactor authentication (MFA) requirements for all devices with Jamf Connect's Zero Trust Network Access enabled.
This configuration effectively replaces app or SMS-based factors with "Zero Trust Network Access as a Factor", meaning that a device with Zero Trust Network Access enabled is treated as an authentication factor when the user logs in.
Other devices that do not use Zero Trust Network Access will continue to use your existing MFA policies.
Note:
This feature is not a replacement for end-user authentication. Users must still authenticate with their credentials as defined in Azure AD.
This configuration also does not impact the users or groups authorized to use any given application.
Steps include:
Configuring Jamf Security Cloud
Configuring Azure AD
Testing the Configuration