25,081 questions
Hello @testuser7
I just wanted to follow up on this concern and if further assistance is required please let us know!
Regards,
azure ad conditional access
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 31%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
testuser7
286
Reputation points
Hello,
I have one basic question around Conditional Access Policies.
As we know , Azure AD CA-Policies help us undergo the additional factors while any client-app is requesting token for any CLOUD RESOURCE
I have a client-app which is just preparing OAuth request with SCOPE=OpenID and redirecting user to AAD to collect the token.
If AAD-admin wants to make sure that such request must undergo MFA or TOU or any other CA-policy grant, which minimal set of CLOUD RESOURCE should be added in that CA-policy ??
Thanks
Microsoft Security Microsoft Entra Microsoft Entra ID
{count} votes
-
testuser7 286 Reputation points
2022-04-26T12:34:55.327+00:00 I have opened one thread at https://learn.microsoft.com/en-us/answers/questions/825145/azure-ad-conditional-access-2.html to discuss about AAD Conditional Policy.
Would you please look into it and help me.Thanks.
-
testuser7 286 Reputation points
2022-04-27T15:51:59.993+00:00 hello team,
Any update on my above query ?
As usually MSFT folks are very prompt answering, looks like my concern is either too foolish OR too SPOT ON and not yet addressed by CA-policy.I prefer the latter :)
Regardless, appreciate if somebody help me close this thread.
Can we use custom-security-attribute to fine tune such access through CA-policy.
Obviously I would avoid to wrap "All Cloud Resources" in the CA policy as it will be too restrictive.Thanks.
-
risolis 8,741 Reputation points2022-04-28T04:54:45.45+00:00 Hello @testuser7
Thank you for your post.
I would like to confirm if I understood correctly your statement....
Are you referring to the following info ? https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/require-tou
Looking forward to your feedback,
BR,
-
risolis 8,741 Reputation points
2022-04-28T06:38:31.193+00:00 Hi,
I found this info that might be helpful for your concern.
Cheers,
Sign in to comment
2 answers
Sort by: Most helpful
-
-
testuser7 286 Reputation points
2022-05-02T15:10:01.55+00:00 We can close it.. I have requested private preview for CA-policy with Custom-security-attribute.
Hopefully that is the answer to my query.-
risolis 8,741 Reputation points
2022-05-03T04:43:08.603+00:00 Understood.
Many thanks for your feedback!
Sign in to comment -