Why is Patch Connect Plus not impacted by MAA?
The Microsoft Intune Multi Admin Approval (MAA) feature adds an extra layer of security by requiring administrative approval for certain changes made to applications and scripts before they are applied.
This feature does not affect the functionality of Patch Connect Plus. The product continues to create and manage applications in Intune without any interruptions, and no additional configuration is required when MAA is enabled.
MAA is applicable only to actions performed using the delegated credential flow. These typically include:
- Changes made interactively through the Intune Admin Center
- Operations performed via Microsoft Graph using delegated permissions
In such cases, actions like modifying or removing assignments for a Win32 application may require approval if MAA policies are enforced.
In contrast, Patch Connect Plus operates using the application credential flow. This approach:
- Uses application-level permissions instead of user-based authentication
- Bypasses MAA approval requirements
- Ensures uninterrupted creation and modification of applications in Intune
Hence, Patch Connect Plus workflows are not subject to MAA policies.