conditionalAccessConditionSet resource type
Namespace: microsoft.graph
Represents the type of conditions that govern when the policy applies.
Properties
Property | Type | Description |
---|---|---|
applications | conditionalAccessApplications | Applications and user actions included in and excluded from the policy. Required. |
authenticationFlows | conditionalAccessAuthenticationFlows | Authentication flows included in the policy scope. |
clientApplications | conditionalAccessClientApplications | Client applications (service principals and workload identities) included in and excluded from the policy. Either users or clientApplications is required. |
clientAppTypes | conditionalAccessClientApp collection | Client application types included in the policy. Possible values are: all , browser , mobileAppsAndDesktopClients , exchangeActiveSync , easSupported , other . Required. The easUnsupported enumeration member will be deprecated in favor of exchangeActiveSync , which includes EAS supported and unsupported platforms. |
devices | conditionalAccessDevices | Devices in the policy. |
locations | conditionalAccessLocations | Locations included in and excluded from the policy. |
platforms | conditionalAccessPlatforms | Platforms included in and excluded from the policy. |
servicePrincipalRiskLevels | riskLevel collection | Service principal risk levels included in the policy. Possible values are: low , medium , high , none , unknownFutureValue . |
signInRiskLevels | riskLevel collection | Sign-in risk levels included in the policy. Possible values are: low , medium , high , hidden , none , unknownFutureValue . Required. |
userRiskLevels | riskLevel collection | User risk levels included in the policy. Possible values are: low , medium , high , hidden , none , unknownFutureValue . Required. |
users | conditionalAccessUsers | Users, groups, and roles included in and excluded from the policy. Either users or clientApplications is required. |
insiderRiskLevels | conditionalAccessInsiderRiskLevels | Insider risk levels included in the policy. The possible values are: minor , moderate , elevated , unknownFutureValue . |
Relationships
None.
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.conditionalAccessConditionSet",
"applications": {"@odata.type": "microsoft.graph.conditionalAccessApplications"},
"clientApplications": {"@odata.type": "microsoft.graph.conditionalAccessClientApplications"},
"clientAppTypes": ["String"],
"devices": {"@odata.type": "microsoft.graph.conditionalAccessDevices"},
"locations": {"@odata.type": "microsoft.graph.conditionalAccessLocations"},
"platforms": {"@odata.type": "microsoft.graph.conditionalAccessPlatforms"},
"servicePrincipalRiskLevels": ["String"],
"signInRiskLevels": ["String"],
"userRiskLevels": ["String"],
"users": {"@odata.type": "microsoft.graph.conditionalAccessUsers"},
"insiderRiskLevels": "String",
"authenticationFlows": {"@odata.type": "microsoft.graph.conditionalAccessAuthenticationFlows"}
}