Review all Conditional Access Polcies per tenant

This page lists all the Conditional Access Policies on the selected tenant. This lists everything that's available in the Microsoft Endpoint Manager (MEM) portal, including the applications the CA applies to and used built-in controls.




The name of the policy.


The current state of the policy, for example enabled.

Last Modified

The date the policy was last modified.

Client App Types

Any client applications targeted.

Platform Inc

Any platforms/operating systems targeted.

Platform Exc

Any platforms/operating systems excluded.

Include Locations

Any locations targeted.

Exclude Locations

Any locations excluded.

Include Users

Any users targeted.

Exclude Users

Any users excluded.

Include Groups

Any groups targeted.

Exclude Groups

Any groups excluded.

Include Applications

Any Azure AD applications targeted.

Exclude Applications

Any Azure AD applications excluded.

Control Operator

The operator used to combine the filters.

Built-in Controls

Any built-in controls applied.


Under the three dots for Conditional Access policies you'll find these actions:

  • Create template based on rule - Creates a CIPP template based on this rule to deploy to any other tenant.

  • Enable Rule - Enables the rule

  • Disable Rule - Disables the rule

  • Set rule to report only - Sets the rule to report only

  • Delete Rule - Deletes the rule. This cannot be undone.

Feature Requests / Ideas

Please raise any feature requests on GitHub.

Last updated