Conditional Access Policy User Exception

This guide will show an administrator how to add a user exemption to an existing conditional access policy.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: TBD

Domain: TBD

Modifies: TBD

Conditional Access Policy User Exception

1.  Navigate to the Conditional Access – Azure Active Directory portal, locate and select the conditional access policy that needs to have a user exception. 
   
2.  Select the hyperlink under the Users section. The applicable users in scope will be shown. Select the Exclude header to begin the exclusion process.
   
3. Under the Exclude subsection, locate, and select the Select excluded users and groups hyperlink, a pop-out will be displayed where you will be able to select the user(s) which should be excluded from the policy, selections can be made either by traversing the list manually or utilizing the search bar. Selected user(s) will be generated in the list to the right of the catalog. Click Select once the desired user(s) have been supplied.
   
4. After the Select action has been carried out, a pop-up will be generated under the Enable policy section. Here will want to verify that the Policy remains On, and that the I understand that my account will be impacted by this policy Proceed anyway option is selected from the prompt, failure to do so could result in an unsanctioned user account bypass which could increase risk if misconfigured. Click Save to finalize the application exception process.
   
5. The policy has been saved and should be applied within 5-10 minutes.

Need Assistance?