| title | conditionalAccessRulesSatisfied resource type |
|---|---|
| description | Indicates the conditional access rules satisfied during an authentication event. |
| ms.localizationpriority | medium |
| author | egreenberg14 |
| ms.subservice | entra-monitoring-health |
| doc_type | resourcePageType |
| ms.date | 07/22/2024 |
Namespace: microsoft.graph
[!INCLUDE beta-disclaimer]
Indicates the attributes related to applied conditional access policy or policies that are triggered by the corresponding sign-in activity.
| Property | Type | Description |
|---|---|---|
| conditionalAccessCondition | conditionalAccessConditions | Refers to the conditional access policy conditions that are satisfied. The possible values are: none, application, users, devicePlatform, location, clientType, signInRisk, userRisk, time, deviceState, client, ipAddressSeenByAzureAD, ipAddressSeenByResourceProvider, unknownFutureValue, servicePrincipals, servicePrincipalRisk, authenticationFlows, insiderRisk. Use the Prefer: include-unknown-enum-members request header to get the following values in this evolvable enum: servicePrincipals, servicePrincipalRisk, authenticationFlows, insiderRisk. conditionalAccessConditions is a multi-valued enumeration and the property can contain multiple values in a comma-separated list. |
| ruleSatisfied | conditionalAccessRule | Refers to the conditional access policy conditions that were satisfied. The possible values are: allApps, firstPartyApps, office365, appId, acr, appFilter, allUsers, guest, groupId, roleId, userId, allDevicePlatforms, devicePlatform, allLocations, insideCorpnet, allTrustedLocations, locationId, allDevices, deviceFilter, deviceState, unknownFutureValue, deviceFilterIncludeRuleNotMatched, allDeviceStates, anonymizedIPAddress, unfamiliarFeatures, nationStateIPAddress, realTimeThreatIntelligence, internalGuest, b2bCollaborationGuest, b2bCollaborationMember, b2bDirectConnectUser, otherExternalUser, serviceProvider, microsoftAdminPortals, deviceCodeFlow, accountTransfer, insiderRisk. Use the Prefer: include-unknown-enum-members request header to get the following values in this evolvable enum: deviceFilterIncludeRuleNotMatched, allDeviceStates, anonymizedIPAddress, unfamiliarFeatures, nationStateIPAddress, realTimeThreatIntelligence, internalGuest, b2bCollaborationGuest, b2bCollaborationMember, b2bDirectConnectUser, otherExternalUser, serviceProvider, microsoftAdminPortals, deviceCodeFlow, accountTransfer, insiderRisk. |
None.
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.conditionalAccessRuleSatisfied",
"conditionalAccessCondition": "String",
"ruleSatisfied": "String"
}