Multi Admin Approval (MAA) Remote Wipe

29/08/2025

We all have been there, a moment or action that a second pair of eyes or approval could prevent a mistake….

Luckily Microsoft Intune got you covered, with Multi Admin Approval (MAA). While this feature is not new, there are some new features, like MAA support for Remote Wipe. Read the blog below to find out more you to implement this feature.

Create a Access Policy

Multi Admin Approval (MAA) is an option that's longer available in Microsoft Intune, but recently remote Wipe was added to this feature….

How does it work and how can we activate this?

First we have to create a Access Policy for the remote wipe action.

From the Intune Portal head over to:

1. Tenant Administration

2. Multi Admin Approval

Multi Admin Approval (MAA)
Multi Admin Approval (MAA)

To create a policy choose for Access Policies.

Access Policy
Access Policy

Add a group of approvers and provide a business justification for creating the policy.

Business Justification
Business Justification

Approve the policy

Now the second pair of eyes is required 😊.  An admin which is part of the group we just created has to approve the newly created policy. With this account head over to the Multi Admin Approval (MAA) node in Intune, this admin will see a request waiting for approval.

MAA Request
MAA Request

Open the request, add the approving notes and approve the request so the policy can be created.

MAA Policy Create Approval
MAA Policy Create Approval

Check the policy

Now the requesting admin can validate if the policy is created from the MAA node in Intune.

Validate MAA Policy
Validate MAA Policy

Testing the policy

Now that the policy is created we can test this function. Head over to the devices pane in Intune and select the device where you want to perform a remote wipe.

With the policy in place a business justification is needed to perform the wipe action.

Remote Wipe Business Justification
Remote Wipe Business Justification

A message is displayed in de notification area.

Notification Pop-up
Notification Pop-up

Another admin must approve or reject the action. A request is shown in de MAA node. Based upon the action, approve or reject, the action will take place.

Remote Wipe Request
Remote Wipe Request

Recap

With Multi Admin Approval (MAA) we can create an extra step in some security actions in Microsoft Intune. MAA was already available in Intune and with these new action for remote wipe, MAA can help in preventing a unwanted mistake like reinstalling a device.

Documentation

Intune What's new release 2508

Multi Admin Approval