Skip to main content

microsoft.conditionalAccess.policy.conditions

Description

Represents the type of conditions that govern when the policy applies

Fields

IDTYPEDESCRIPTION
idstringInternal ID based on policy ID
applicationsmicrosoft.conditionalAccess.policy.conditions.applicationsApplications and user actions included in and excluded from the policy
authenticationFlowsmicrosoft.conditionalAccess.policy.conditions.authenticationFlowsAuthentication flows included in the policy scope
clientApplicationsmicrosoft.conditionalAccess.policy.conditions.clientApplicationsClient applications (service principals and workload identities) included in and excluded from the policy. Either users or clientApplications is required.
clientAppTypes[]stringClient application types included in the policy
locationsmicrosoft.conditionalAccess.policy.conditions.locationsLocations included in and excluded from the policy
platformsmicrosoft.conditionalAccess.policy.conditions.platformsPlatforms included in and excluded from the policy
servicePrincipalRiskLevels[]stringService principal risk levels included in the policy. Possible values are: low, medium, high, none, unknownFutureValue.
signInRiskLevels[]stringSign-in risk levels included in the policy. Possible values are: low, medium, high, hidden, none, unknownFutureValue.
userRiskLevels[]stringUser risk levels included in the policy. Possible values are: low, medium, high, hidden, none, unknownFutureValue.
usersmicrosoft.conditionalAccess.policy.conditions.usersUsers, groups, and roles included in and excluded from the policy. Either users or clientApplications is required.
insiderRiskLevelsstringInsider risk levels included in the policy. The possible values are: minor, moderate, elevated, unknownFutureValue.