microsoft.conditionalAccess.policy.conditions
Description
Represents the type of conditions that govern when the policy applies.
Fields
| ID | TYPE | DESCRIPTION |
|---|---|---|
| id | string | Internal ID based on policy ID |
| applications | microsoft.conditionalAccess.policy.conditions.applications | Applications and user actions included in and excluded from the policy. |
| authenticationFlows | microsoft.conditionalAccess.policy.conditions.authenticationFlows | Authentication flows included in the policy scope. |
| clientApplications | microsoft.conditionalAccess.policy.conditions.clientApplications | Client applications (service principals and workload identities) included in and excluded from the policy. Either users or clientApplications is required. |
| clientAppTypes | []string | Client application types included in the policy. |
| locations | microsoft.conditionalAccess.policy.conditions.locations | Locations included in and excluded from the policy. |
| platforms | microsoft.conditionalAccess.policy.conditions.platforms | Platforms included in and excluded from the policy. |
| servicePrincipalRiskLevels | []string | Service principal risk levels included in the policy. Possible values are: low, medium, high, none, unknownFutureValue. |
| signInRiskLevels | []string | Sign-in risk levels included in the policy. Possible values are: low, medium, high, hidden, none, unknownFutureValue. |
| userRiskLevels | []string | User risk levels included in the policy. Possible values are: low, medium, high, hidden, none, unknownFutureValue. |
| users | microsoft.conditionalAccess.policy.conditions.users | Users, groups, and roles included in and excluded from the policy. Either users or clientApplications is required. |
| insiderRiskLevels | string | Insider risk levels included in the policy. The possible values are: minor, moderate, elevated, unknownFutureValue. |