Conditional Access - Require Trusted Device OR Trusted Location AND MFA

Alexander 266 Reputation points

Hello i'm struggling about to create a Conditional Access Rule what should be

Require Trusted Device OR Trusted Location AND MFA

Maybe I just don't see how it works, can somebody help me?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,694 questions
0 comments No comments
{count} votes

Accepted answer
  1. VipulSparsh-MSFT 16,251 Reputation points Microsoft Employee

    @Alexander You can test the following policy to verify if it meets your requirement.
    It would be easier if you have 2 different policy for this.

    1) Require Trusted Locations - Condition

    Followed by MFA under grant


    2) Require Trusted Devices (If you mean compliant and Hybrid AD Joined)


    Under Grant


    Please do test them and let us know if it helped.

0 additional answers

Sort by: Most helpful