New-AzureADMSConditionalAccessPolicy
This article provides migration details from Add-AzureADDirectoryRoleMember command to Microsoft Graph PowerShell.
Summary
- Azure AD Command: New-AzureADMSConditionalAccessPolicy
- Azure AD Module: AzureAD
- Microsoft Graph Command: New-MgIdentityConditionalAccessPolicy (Community Examples)
- Graph Module: Microsoft.Graph.Identity.SignIns
- Graph Endpoint: POST /identity/conditionalAccess/policies
Permissions
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ConditionalAccess and Application.Read.All |
| Delegated (personal Microsoft account) | Not supported. |
| Application | Policy.Read.All, Policy.ReadWrite.ConditionalAccess and Application.Read.All |
Note
This method has a known permissions issue and may require consent to multiple permissions.
Property Mapping
| Azure AD Name | Microsoft Graph Name |
|---|---|
| Conditions | Conditions |
| DisplayName | DisplayName |
| GrantControls | GrantControls |
| Id | Id |
| SessionControls | SessionControls |
| State | State |