Update caac-known-issues.md

DeCohen · web-flow · commit 6649b6394b43 · 2025-04-28T14:47:12.000+03:00
diff --git a/CloudAppSecurityDocs/caac-known-issues.md b/CloudAppSecurityDocs/caac-known-issues.md
@@ -54,8 +54,7 @@ Session policies don't protect external business-to-business (B2B) collaboration
 ## Session Controls with Non-Interactive Tokens
 Some applications utilize non-interactive access tokens to facilitate seamless redirection between apps within the same suite or realm. When one application is onboarded to Conditional Access App Control and the other is not, session controls may not be enforced as expected. For example, if the Teams client retrieves a non-interactive token for SharePoint Online (SPO), it can initiate an active session in SPO without prompting the user for reauthentication. As a result, the session control mechanism cannot intercept or enforce policies on these sessions. To ensure consistent enforcement, it's recommended to onboard all relevant applications, such as Teams, alongside SPO. 
 
-## IPv6 limitations for sessions served by reverse proxy and Edge in-browser protection
-
+## IPv6 limitations
 Access and session policies support IPv4 only. If a request is made over IPv6, IP-based policy rules are not applied. This limitation applies when using both reverse proxy and Edge in-browser protection.
 
 ## Limitations for sessions that the reverse proxy serves
