If your organization deploys applications that contain sensitive data, you can restrict access to these applications to only MDM-managed devices.
To enforce this managed requirement on a selection of applications, you create application-specific policies for these applications. When you create the policy, in the Applies to section you select the applications to associate with this policy.
In the application-specific policy, create a rule for each device type in your deployment. Select the correct authentication method. However, because unmanaged devices cannot access the application, do not define a fallback authentication method.