Prevent/Fix (Detected) Important CAE Policies Causing calling and pairing related Failures

Originally posted by Microsoft Sep 30, 2025 Uncategorized 0 Comments

Teams Rooms on Android and Teams Phone devices face calling and pairing failures due to Continuous Access Evaluation (CAE) policies affecting token validity. To ensure device stability and reliable calling, disable CAE on all Conditional Access policies for these devices, as this does not significantly reduce security.

Problem detected:

We are seeing an increase in pairing and calling-related failures on Teams Rooms on Android, as well as calling-related issues on Teams Phone devices due to Continuous Access Evaluation (CAE) policies (https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-continuous-access-evaluation). Since we recently moved to a new method of acquiring tokens for calling scenarios, these CAE policies are now being enforced on the resource tokens automatically, resulting in invalid tokens some times and degraded functionality across Teams devices.

What you need to do to prepare:

What should I do to ensure Teams Device stability?

To avoid disruption in calling and have reliable console, Front of room communication (for teams rooms) and ensure device operability, we strongly recommend disabling continuous access evaluation on all Conditional Access policies that may apply to your Teams Android Devices.

View image in new tab

Because Teams Rooms and Phones are fixed, physical endpoints connected via secure enterprise networks, disabling CAE on these Teams devices should not meaningfully weaken overall security.

This current limitation is also documented in our Supported Conditional Access documentation: https://learn.microsoft.com/microsoftteams/rooms/supported-ca-and-compliance-policies 

Message ID: MC1162280