Conditional Access in Entra ID enables policy-based decisions regarding access to resources. Each Condition Access policy consists of one or more conditions and one or more controls.
Policy Conditions
The conditions of a policy include
Policy Controls
The controls of a policy include access controls and session controls. The access controls can grant or block access to resources. The session controls can modify session behavior such as limiting session duration.
Applied policies
The following policies are applied to the utexas tenant in Azure Active Directory.
Exceptions
Microsoft Surface Hub devices are not compatible with Conditional Access Policies and are unable to authenticate unless they are manually excluded from every policy per https://docs.microsoft.com/en-us/surface-hub/create-and-test-a-device-account-surface-hub.
Exclusion Group: 99a683be-a6a4-45d0-9bff-555a0f6d319c / Surface.Hub.Conditional.Access.Bypass.Group@austin.utexas.edu.