Conditional rules configured in Ivanti Access can be used to define which apps and devices can authenticate with the cloud service provider (SP). You can configure a conditional rule to allow an unmanaged app to access the SP. By default, conditional rules are not applied to managed apps using Ivanti Tunnel and to AppConnect apps using Ivanti Tunnel or AppTunnel. The default conditional rule can be set to allow, block, or warn apps and devices if conditional rules do not match. If the default conditional rule is set to Allow when all other conditional rules do not match, authentication traffic will be allowed through Ivanti Access. In this setup, the app will be able to authenticate with the IdP.
Ivanti Access provides a set of predefined and customizable rules. For more information about conditional rules, see Conditional Access.