Creating a Conditional Access Policy

You can create a Conditional Access policy to require devices be marked as compliant in order to access your organization's resources.

For instructions on creating a Conditional Access policy, see the following documentation from Microsoft: Conditional Access: Require compliant or hybrid Azure AD joined device
Note:

You must exclude the "User registration app for Device Compliance" when creating the Conditional Access policy. Failing to exclude the "User registration app for Device Compliance" prevents users from being able to register with Azure AD.