search

microsoft / AL

Home of the Dynamics 365 Business Central AL Language extension for Visual Studio Code. Used to track issues regarding the latest version of the AL compiler and developer tools available in the Visual Studio Code Marketplace or as part of the AL Developer Preview builds for Dynamics 365 Business Central.
MIT License
722 stars 242 forks source link

Connection from VSCode is denied because "unsupported" platform, when Conditional Access is set on EntraID #7679

Open ervet opened 4 months ago

ervet commented 4 months ago

Please include the following with each issue:

1. Describe the bug Connection to Business Central from VSCode can't be made when Entra ID Comliance policy are on. Reopen of bug #7344

2. To Reproduce VSCode uses device code auth flow to connect. Device Code is not a supported Auth Code flow with the CA Policy's for the condition "Compliant device"

Nowdays it is 2024 and many enterprise companies use CA Policy to reduce attack risks. Allow only connections from compliant devices is a very common one.

Sadly the AL Extension in VSCode does not support this. An therefore mitigate a security risk as all developer/users who connect from VSCode to Entra has to be exclude.

3. Expected behavior

VSCode AL Extensions should connect via user authentication workflow Entra ID

4. Actual behavior

VSCode AL Extension connects to Entra ID via Device Code Auth Flow

fabihndlmr commented 4 months ago

Hello, we have the exact same issue and we also think that the behavior mentioned in "3." would be the best option. We also created a ticket at Microsoft, but we were told that raising an issue here is the correct procedure.