Azure Sign-In Status with Conditional Access Policy

Joomla 81 Reputation points

Hi Community Members,

I have a question on the Azure Sign-In Status with Conditional Access Policy. My query is why I see Azure Sign-In status success where my conditional access policy status is "failure" and user access is blocked.
Ideally I should see Azure Sign-In Status also "Failure" if my conditional access policy has reject the access. What could be the reason of differential in Azure Sign-In status and Conditional Access Status for same user.

Thanks in advance.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,219 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vasil Michev 98,766 Reputation points MVP

    Because those are two different events. CA policies only act after the user has been successfully authenticated, thus the Sign-in event status. And while CA can be used to block logins, it only happens at a later point, after the login is effectively completed. Which is also one of the reasons why CA policies are not the preferred solution to block legacy auth.

0 additional answers

Sort by: Most helpful