question

testuser7-8288 avatar image
0 Votes"
testuser7-8288 asked ricardosolisvillegas-4678 commented

azure ad conditional access

Hello,

I have one basic question around Conditional Access Policies.

As we know , Azure AD CA-Policies help us undergo the additional factors while any client-app is requesting token for any CLOUD RESOURCE

I have a client-app which is just preparing OAuth request with SCOPE=OpenID and redirecting user to AAD to collect the token.

If AAD-admin wants to make sure that such request must undergo MFA or TOU or any other CA-policy grant, which minimal set of CLOUD RESOURCE should be added in that CA-policy ??


Thanks


azure-active-directoryazure-ad-authenticationazure-ad-conditional-access
· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.


Hi @amanpreetsingh-msft

I have opened one thread at https://docs.microsoft.com/en-us/answers/questions/825145/azure-ad-conditional-access-2.html to discuss about AAD Conditional Policy.
Would you please look into it and help me.


Thanks.

0 Votes 0 ·

hello team,

Any update on my above query ?
As usually MSFT folks are very prompt answering, looks like my concern is either too foolish OR too SPOT ON and not yet addressed by CA-policy.

I prefer the latter :)
Regardless, appreciate if somebody help me close this thread.
Can we use custom-security-attribute to fine tune such access through CA-policy.
Obviously I would avoid to wrap "All Cloud Resources" in the CA policy as it will be too restrictive.


Thanks.

0 Votes 0 ·

Hello @testuser7-8288

Thank you for your post.

I would like to confirm if I understood correctly your statement....

Are you referring to the following info ? https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/require-tou

Looking forward to your feedback,

BR,

0 Votes 0 ·

Hi,

I found this info that might be helpful for your concern.

https://learningbydoing.cloud/blog/getting-started-with-custom-security-attributes-in-azuread/#:~:text=Custom%20Security%20Attributes%20are%20organization-specific%20key-value%20paired%20attributes,not%20even%20Global%20Admins%2C%20without%20specifically%20assigning%20permissions.

Cheers,

0 Votes 0 ·
ricardosolisvillegas-4678 avatar image
0 Votes"
ricardosolisvillegas-4678 answered

Hello @testuser7-8288

I just wanted to follow up on this concern and if further assistance is required please let us know!

Regards,

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

testuser7-8288 avatar image
0 Votes"
testuser7-8288 answered ricardosolisvillegas-4678 commented

We can close it.. I have requested private preview for CA-policy with Custom-security-attribute.
Hopefully that is the answer to my query.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Understood.

Many thanks for your feedback!

0 Votes 0 ·