Thursday, May 2, 2024

Mashford's Musings

My thoughts and experiences from working within the Microsoft Cloud.

Uncategorised 

Public preview for conditional access information in Azure AD Sign-ins report!

Anthony Mashford 0 Comments

Howdy folks,

We know many of you use conditional access in Azure ADits the most popular feature in Azure AD premium! And to manage conditional access at scale, we also know you need detailed visibility into how its actually working in your organization.

So, today Im excited to announce the public preview for conditional access information in the Azure AD Sign-ins report. This new information will help you troubleshoot conditional access policies and understand the usage of conditional access in your organization.

As we designed this new capability, there were four key scenarios we focused on enabling:

  • Quickly troubleshoot conditional access policiesYou can now view all the conditional access policies that impacted a users sign-in and the result of each policy. The correlation ID column in the Sign-ins report lets you to easily identify the sign-in reported by the user.

  • Understand usage of conditional access policiesUsing the conditional access column and the policy information, youll be able to understand how conditional access policies are working in your organization. Using the Azure AD reporting API, you can pull the usage data into your SIEM systems and business intelligence tools.

  • Understand legacy authentication usage in your organizationUsing the client app column in the Sign-ins report, you can see the users/apps using legacy authentication in the organization. This reporting will help you smoothly roll out a blocking legacy authentication policy. (To learn more about how to block legacy authentication, check out this recent blog post.)

  • Identify gaps in your conditional access policiesUsing the conditional access column in the Sign-ins report, you can easily identify sign-ins/apps/users that are not protected by conditional access.

Get started!

Ready to dive deeper?To get started, follow the steps below:

  1. In Azure AD, go to the Sign-ins report.

  1. Select the sign-in you want to troubleshoot.
    If you have the correlation ID from the user, simply search for the sign-in using the correlation ID.

  2. Navigate to the Conditional Access tab.
    You can now view all the policies that impacted the sign-in and the result for each policy.

Additionally, you can access all this rich information through Microsoft Graph API! Learn more about the Azure AD reporting API.

Tell us what you think

As always, we want to hear any feedback or suggestions you have. Please let us know what you think in the comments below!

Best Regards,

Alex Simons (Twitter:@Alex_A_Simons)

Director of Program Management

Microsoft Identity Division


Source: EM+S Blog Feed

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.