Dropbox with Azure AD
With SAMLv2 integration, XFA Enforcement can check the device security against the device security policy of your organization as part of the authentication process into Dropbox.
The user is first redirected through XFA to the external identity provider (in this case Azure AD) to verify the identity of the user, after which device security is checked before the authentication is completed. This assures that only devices that comply with the security policy are allowed access.