Control access to SaaS apps
You can use Sophos ZTNA to provide access control to SaaS apps such as Salesforce and Dropbox in the following ways:
You can allow or block access to a SaaS app based on a Conditional Access Policy defined in your Azure Active Directory (AD).
You can allow or block access to a SaaS app directly from your SaaS apps.
Both methods include redirecting traffic meant for the SaaS application via the ZTNA Gateway.
For information about conditional access in Azure AD, see the following links: