Conditional Access with Microsoft Purview

Microsoft Purview supports Microsoft Conditional Access.

The following steps show how to configure Microsoft Purview to enforce a Conditional Access policy.


  • When multi-factor authentication is enabled, to sign in to the Microsoft Purview governance portal, you must perform multi-factor authentication.

Configure conditional access

  1. Sign in to the Azure portal, select Azure Active Directory, and then select Conditional Access. For more information, see Azure Active Directory Conditional Access technical reference.

Screenshot that shows Conditional Access blade

  1. In the Conditional Access-Policies menu, select New policy, provide a name, and then select Configure rules.
  2. Under Assignments, select Users and groups, check Select users and groups, and then select the user or group for Conditional Access. Select Select, and then select Done to accept your selection.

Screenshot that shows User and Group selection

  1. Select Cloud apps, select Select apps. You see all apps available for Conditional Access. Select Microsoft Purview, at the bottom select Select, and then select Done.

    Screenshot that shows Applications selection

  2. Select Access controls, select Grant, and then check the policy you want to apply. For this example, we select Require multi-factor authentication.

Screenshot that shows Grant access tab

  1. Set Enable policy to On and select Create.

Next steps