Conditional Access Update

Question

Hello, We have a conditional access policy designed to address high-risk users by prompting a credential reset. This policy was initially provisioned before recent tenant changes and is configured based on user risk. However, we've learned that using the "reset credentials" option requires a Microsoft Entra ID P2 license.

Currently, the policy targets users with a High risk level. We are considering updating the policy to Block access instead of prompting a credential reset.

Before implementing this change, we want to confirm whether this adjustment will still apply exclusively to users classified as High risk, or if it could potentially impact users who are internally assessed as Medium or Low risk.

Could you please confirm how the policy will behave after this change?

Answer 1

Hello Nicolas,

Welcome to the Microsoft Community. 

Regarding your query about "conditional access policy", hope your kind understanding that this query is required support from Azure support team which is different from us.   

I would recommend you raise a support case with Azure, a Support Engineer will be able to look into this conditional access policy issue and assist you better.

You can raise support ticket from New support request - Microsoft Entra admin center or https://admin.microsoft.com/#/support/requests.

Hope this helps.

Best regards,

Serena - MSFT | Microsoft Community Support Specialist

Answer 2

To clarify, we see risky user detections appear as solely "at risk" without any further clarity on the risk severity.