Hi @Sergio Londono •
Thank you for sharing your issue on Microsoft Q&A.
I understand that when you create a Conditional Access policy with multiple conditions, the conditions are treated as "AND" conditions. This means that all of the conditions must be met in order for the policy to be enforced.
If you configure a policy with multiple conditions (e.g., location is USA AND device platform is Browser), the policy will only block access if both conditions are satisfied. Thus, for access to be blocked, the connection must originate from the USA and be using a browser.
Option 1 (AND Logic): The Conditional Access policy will block access if:
The connection is from USA AND
The device platform is a Browser.
Option 2 (OR Logic): The Conditional Access policy will NOT block access if only one condition is met. For example, if the connection is from China or just using a browser, it will not trigger a block under the AND logic.
To enforce an action in a single Conditional Access policy, you must match all specified conditions (Option 1). If any condition is not met, the policy will not apply, and access may not be blocked.
Hope this helps. Do let us know if you any further queries.
If this answers your query, do click Accept Answer
and Yes
for was this answer helpful. And, if you have any further query do let us know.
Best Regards.
Harshitha Eligeti