Faha-7530 asked ShwetaMathur answered

Conditional Access: User based Risk Policy

Hi Guys
We currently have a policy in place that forces all high risk users to submit a recurring MFA request (sign-in frequency 1h).
Now, there are some users who are not classified as high risk users in identity protection, but they are still affected by the policy.
How exactly does the conditional access policy evaluate this risk status? And how can such affected users, who are apparently considered high risk users, be resolved?
Best regards and thank you for the answer!

azure-ad-conditional-access, azure-ad-identity-protection

1 Answer

ShwetaMathur answered

Hi @Faha-7530,

Thanks for reaching out, and apologies for the delay in response.

I understand that you are facing an issue where all the users are affected by the conditional access policy to enforce an MFA request, whereas the policy has been set up for high-risk users only.

There might be a reason: those users are not configured as high-risk users in Identity Protection, but many factors described here put them among high-risk users, and as the conditional access policy has been configured for high-risk users, it is enforcing MFA on those users.

Any identified suspicious actions in user accounts come under risks, and there are many factors to evaluate the risk, as mentioned in the documentation.

You can either apply a policy to self-remediate those users who are affected by the policy using Azure AD Multi-Factor Authentication (MFA) and self-service password reset (SSPR), or exclude those users from the conditional access policy if those users have been evaluated as no-risk users.

Hope this will help.

Thanks,
Shweta


Please remember to "Accept Answer" if answer helped you.
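
One way to check why a given account falls under such a policy, as an added example that is not part of the original answer or of any Microsoft tooling: it compares a policy export with risky-user records, both constructed here in the shape of Microsoft Graph's `conditionalAccessPolicy` and `riskyUser` resources. The function names, user IDs and UPNs are assumptions, and group, role and application conditions are not modelled.

```python
# Added example: offline triage of why a user falls under a risk-based
# Conditional Access policy. All sample data below is constructed.

# Constructed policy, shaped like a Microsoft Graph conditionalAccessPolicy.
POLICY = {
    "displayName": "High-risk users: sign-in frequency 1h (constructed)",
    "conditions": {
        "userRiskLevels": ["high"],
        "signInRiskLevels": [],
        "users": {"includeUsers": ["All"], "excludeUsers": ["u-003"]},
    },
}

# Constructed records, shaped like Microsoft Graph riskyUser objects.
RISKY_USERS = [
    {"id": "u-001", "userPrincipalName": "alice@example.test", "riskLevel": "high", "riskState": "atRisk"},
    {"id": "u-002", "userPrincipalName": "bob@example.test", "riskLevel": "none", "riskState": "remediated"},
    {"id": "u-003", "userPrincipalName": "carol@example.test", "riskLevel": "high", "riskState": "atRisk"},
]

def explain(policy, risky_users, user_id):
    """Return (verdict, reason) for one user: user scope first, then the user-risk condition."""
    cond = policy["conditions"]
    users = cond.get("users", {})
    include = users.get("includeUsers", [])
    if user_id in users.get("excludeUsers", []):
        return ("not-applied", "user is explicitly excluded")
    if "All" not in include and user_id not in include:
        return ("not-applied", "user is not in includeUsers (groups/roles not modelled)")
    levels = cond.get("userRiskLevels") or []
    if not levels:
        return ("applied", "policy has no userRiskLevels condition, so it applies regardless of user risk")
    record = next((u for u in risky_users if u["id"] == user_id), None)
    level = record["riskLevel"] if record else "none"  # no record: treated as no risk
    if level in levels:
        return ("applied", f"user risk level '{level}' matches {levels}")
    return ("not-applied", f"user risk level '{level}' does not match {levels}")

def triage(policy, risky_users, affected_ids):
    """Explain each affected user; also flag a sign-in risk condition if one is set."""
    report = {uid: explain(policy, risky_users, uid) for uid in affected_ids}
    if policy["conditions"].get("signInRiskLevels"):
        report["_policy"] = ("note", "policy also conditions on sign-in risk, which is evaluated per sign-in")
    return report

if __name__ == "__main__":
    for uid, (verdict, reason) in triage(POLICY, RISKY_USERS, ["u-001", "u-002", "u-003", "u-004"]).items():
        print(uid, verdict, reason)
```

A user reported as affected who comes back `not-applied` here points at something outside the user-risk condition, such as a second policy or a risk level that changed after the export was taken.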
