andrewamason/Intune
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
49ba2521cffc57ae34ce381f5c5ae2e3153690df
Intune/Microsoft365/CCX/CCX-Azure-202505191541.md
Andrew Amason 0092fa4a0f Updated Reporting & 24H2 Updates Remediation
2025-07-22 09:55:32 -04:00

6410 lines
472 KiB
Markdown
Raw Blame History

# M365 Documentation
Date: 15:44 19.05.2025
Components: AzureAD
Tenant: CareCentrix, Inc.
## Contents
- [Authentication Method Policies](#authentication-method-policies)
- [Temporary Access Pass](#temporary-access-pass)
- [Email](#email)
- [Text Message](#text-message)
- [Organizational branding](#organizational-branding)
- [Conditional Access Policies](#conditional-access-policies)
- [Conditional Access Policies](#conditional-access-policies)
- [CA - CCX - M365 - Block Unapproved Mobile Users](#ca---ccx---m365---block-unapproved-mobile-users)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Global - Restrict Mobile Access to US](#ca---ccx---global---restrict-mobile-access-to-us)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - M365 - Grant Compliance Access- MacOS](#ca---ccx---m365---grant-compliance-access--macos)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Global - Block Linux External Access](#ca---ccx---global---block-linux-external-access)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - M365 - Grant Hybrid Join Access - Windows](#ca---ccx---m365---grant-hybrid-join-access---windows)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - PAGlobalProtect - Require MFA](#ca---ccx---paglobalprotect---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Intune Enrollment - Enforce MFA](#ca---ccx---intune-enrollment---enforce-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - M365 - Grant Compliance Access - AutoPilot](#ca---ccx---m365---grant-compliance-access---autopilot)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [ZZZ - CA - CCX - M365 - Grant O365 Calendar Access - iOS](#zzz---ca---ccx---m365---grant-o365-calendar-access---ios)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - MEM - Grant Compliance Access - Mobile](#ca---ccx---mem---grant-compliance-access---mobile)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - MEM - Autopilot Troubleshooting](#ca---ccx---mem---autopilot-troubleshooting)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - CyberArk - Require MFA](#ca---ccx---cyberark---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Salesforce - Require MFA](#ca---ccx---salesforce---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - M365 - Grant ABM Access](#ca---ccx---m365---grant-abm-access)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Global - Block access for unknown or unsupported device platform](#ca---ccx---global---block-access-for-unknown-or-unsupported-device-platform)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Global - Block legacy authentication](#ca---ccx---global---block-legacy-authentication)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CCX - CA - Block Hourly Users from Connection outside of logonhours](#ccx---ca---block-hourly-users-from-connection-outside-of-logonhours)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - M365 - Grant Compliance Access - Windows](#ca---ccx---m365---grant-compliance-access---windows)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [Microsoft-managed: Multifactor authentication for admins accessing Microsoft Admin Portals](#microsoft-managed-multifactor-authentication-for-admins-accessing-microsoft-admin-portals)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Horizon VDI - Require MFA](#ca---ccx---horizon-vdi---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - MEM - Grant Compliance Access - App Protection - Mobile ](#ca---ccx---mem---grant-compliance-access---app-protection---mobile-)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Global - Restrict Desktop Access to US](#ca---ccx---global---restrict-desktop-access-to-us)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Provider Portal - MFA POC - Require MFA](#ca---ccx---provider-portal---mfa-poc---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Nice - Require MFA](#ca---ccx---nice---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - AWS - Require MFA](#ca---ccx---aws---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - AWS - Require CCX Network/Devices](#ca---ccx---aws---require-ccx-network/devices)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - NICE - Require CCX Network/Devices](#ca---ccx---nice---require-ccx-network/devices)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Provider Portal POC - Require MFA](#ca---ccx---provider-portal-poc---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Bitwarden - Require MFA and CCX Device](#ca---ccx---bitwarden---require-mfa-and-ccx-device)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Proofpoint on Demand - Require MFA](#ca---ccx---proofpoint-on-demand---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Proofpoint Admin Portal - Require MFA](#ca---ccx---proofpoint-admin-portal---require-mfa)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - NICE - Require CCX Network/Devices - WFM Reporting](#ca---ccx---nice---require-ccx-network/devices---wfm-reporting)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [Block TOR & Anonymous Proxies](#block-tor--anonymous-proxies)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Bitwarden - Require MFA and CCX IP](#ca---ccx---bitwarden---require-mfa-and-ccx-ip)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [Supplimental: Multifactor authentication for admins accessing Microsoft Admin Portals COPY](#supplimental-multifactor-authentication-for-admins-accessing-microsoft-admin-portals-copy)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - MEM - Remote Help](#ca---ccx---mem---remote-help)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [Microsoft-managed: Multifactor authentication and reauthentication for risky sign-ins](#microsoft-managed-multifactor-authentication-and-reauthentication-for-risky-sign-ins)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [Block VPN IP Ranges](#block-vpn-ip-ranges)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [CA - CCX - Global - Block Windows Phone Access](#ca---ccx---global---block-windows-phone-access)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [Microsoft-managed: Block device code flow](#microsoft-managed-block-device-code-flow)
- [Metadata](#metadata)
- [Conditions](#conditions)
- [Grant Controls](#grant-controls)
- [Session Controls](#session-controls)
- [PIM Directory Roles](#pim-directory-roles)
- [Authentication Administrator](#authentication-administrator)
- [Intune Administrator](#intune-administrator)
- [Compliance Administrator](#compliance-administrator)
- [Security Administrator](#security-administrator)
- [Global Reader](#global-reader)
- [Cloud Device Administrator](#cloud-device-administrator)
- [Exchange Administrator](#exchange-administrator)
- [Password Administrator](#password-administrator)
- [Directory Roles](#directory-roles)
- [Authentication Administrator](#authentication-administrator)
- [Intune Administrator](#intune-administrator)
- [License Administrator](#license-administrator)
- [Teams Communications Administrator](#teams-communications-administrator)
- [Reports Reader](#reports-reader)
- [Compliance Administrator](#compliance-administrator)
- [Directory Readers](#directory-readers)
- [Global Reader](#global-reader)
- [Global Administrator](#global-administrator)
- [Directory Synchronization Accounts](#directory-synchronization-accounts)
- [Attribute Assignment Administrator](#attribute-assignment-administrator)
- [Billing Administrator](#billing-administrator)
- [User Administrator](#user-administrator)
- [User Experience Success Manager](#user-experience-success-manager)
- [Desktop Analytics Administrator](#desktop-analytics-administrator)
- [Teams Communications Support Engineer](#teams-communications-support-engineer)
- [Teams Administrator](#teams-administrator)
- [Service Support Administrator](#service-support-administrator)
- [Domains](#domains)
- [Identity Providers](#identity-providers)
- [Organization](#organization)
- [AAD Policies](#aad-policies)
- [Mobility Management Policy](#mobility-management-policy)
- [Permission Grant Policy](#permission-grant-policy)
- [Token Issuance Policy](#token-issuance-policy)
- [Security Defaults Policy](#security-defaults-policy)
- [Continuous Access Evaluation Policy](#continuous-access-evaluation-policy)
- [Authorization Policy](#authorization-policy)
- [Feature rollout policy](#feature-rollout-policy)
- [Subscriptions](#subscriptions)
## Authentication Method Policies
Authentication methods policies define authentication methods and the users that are allowed to use them to sign in and perform multi-factor authentication (MFA) in Azure Active Directory (Azure AD). Authentication methods policies that can be managed in Microsoft Graph include FIDO2 Security Keys and Passwordless Phone Sign-in with Microsoft Authenticator app.
### Temporary Access Pass
### Email
### Text Message
## Organizational branding
Organizations can customize their Azure AD sign-in pages which appear when users sign in to their organization's tenant-specific apps, or when Azure AD identifies the user's tenant from their username. A developer can also read the company's branding information and customize their app experience to tailor it specifically for the signed-in user using their company's branding.
## Conditional Access Policies
This section contains a list of all conditional Access policies configured in Azure AD.
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|exchangeActiveSync,browser,mobileAppsAndDesktopClients,other|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups|R\_Intune\_Mobile\_Access|
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-02-17T21:12:20.8304534Z|
|M\_DisplayName|CA - CCX - M365 - Block Unapproved Mobile Users|
|M\_Id|3e3b4744-0993-4f0b-9b85-cc7900e4d924|
|M\_Modified|2024-01-25T21:34:17.1586076Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|133e40bf-ecd0-4bcd-8d4c-434fec8df72d|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups|R\_AAD\_Offshore\_Access\_Mobile|
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-03-22T20:23:37.3397458Z|
|M\_DisplayName|CA - CCX - Global - Restrict Mobile Access to US|
|M\_Id|d110337f-09ee-4ec7-97d1-173a3ba97d6e|
|M\_Modified|2023-08-29T16:05:56.0085224Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|AllTrusted|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|macOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-03-31T13:54:15.2358463Z|
|M\_DisplayName|CA - CCX - M365 - Grant Compliance Access- MacOS|
|M\_Id|76f1d229-e04d-4490-8dc9-a6ba605b0f82|
|M\_Modified|2025-05-13T12:27:21.1072702Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|7 days|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|linux|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-08-09T15:32:33.3564342Z|
|M\_DisplayName|CA - CCX - Global - Block Linux External Access|
|M\_Id|a0463337-0645-4708-b0e5-98e5966e1f55|
|M\_Modified|2025-01-03T13:36:42.5390569Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />MicrosoftAdminPortals<br />Windows Azure Service Management API(797f4846-ba00-4fd7-ba43-dac1f8f63013)<br />Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|windows|
|C\_SignInRiskLevel||
|C\_UsersExclude|iCIMS Candidate Tracking Service Account(iCIMSCandidate.TrackingServiceAccount@carecentrix.com)|
|C\_UsersExcludeGroups|AAD\_MEM\_Autopilot\_Troubleshooting|
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|domainJoinedDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-08-15T12:15:36.5634255Z|
|M\_DisplayName|CA - CCX - M365 - Grant Hybrid Join Access - Windows|
|M\_Id|59e77730-c800-4952-8708-f34b80a3267d|
|M\_Modified|2025-05-12T18:32:36.5341764Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|10 days|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Palo Alto Networks - GlobalProtect(96c5df68-2489-4cd6-9f01-a25a1ebd5071)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-09-02T13:29:38.5885644Z|
|M\_DisplayName|CA - CCX - PAGlobalProtect - Require MFA|
|M\_Id|64f6402e-fc9d-4fcb-bffc-8a7fe2b433c9|
|M\_Modified|2023-03-21T20:08:34.4480472Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|4 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Microsoft Intune Enrollment(d4ebce55-015a-49b5-a083-c84d1797ae8c)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude|android,iOS,macOS|
|C\_PlatformsInclude|windows|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa,compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-09-21T19:10:46.3478047Z|
|M\_DisplayName|CA - CCX - Intune Enrollment - Enforce MFA|
|M\_Id|7d52c0ab-d842-47c5-b4ca-a1597e64eb9f|
|M\_Modified|2024-05-22T18:52:16.9516782Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|5 days|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|windows|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-09-22T16:04:32.3335064Z|
|M\_DisplayName|CA - CCX - M365 - Grant Compliance Access - AutoPilot|
|M\_Id|c7dc70c0-e9f8-4e15-9781-a77af3800385|
|M\_Modified|2023-01-20T19:55:54.1432067Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|10 days|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|exchangeActiveSync|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude|android,windows,windowsPhone,macOS,linux|
|C\_PlatformsInclude|iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|AAD\_MEM\_iOS\_Calendar\_Sync|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa,compliantDevice|
|G\_CustomControls||
|G\_Operator|AND|
|G\_TermsOfUse||
|M\_Created|2022-10-12T20:28:29.7053954Z|
|M\_DisplayName|ZZZ - CA - CCX - M365 - Grant O365 Calendar Access - iOS|
|M\_Id|00307607-8bb1-4eb9-96c6-95ecab7ad932|
|M\_Modified|2024-06-14T13:52:07.4310621Z|
|M\_State|disabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Workday (Prod)(4b61b374-6382-428c-8ef4-ec028803b626)<br />Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Graph API(ba7a4277-b289-4a26-991b-f5dfc94aada3)<br />MicrosoftAdminPortals<br />Workday (CCX2)(bea684e8-d221-4334-be55-df87934e91a8)<br />Workday (CCX1)(60377700-b284-4127-8cd7-c1a8eaba2012)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|browser,mobileAppsAndDesktopClients|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Intune\_Mobile\_Access|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-10-26T12:30:44.5653473Z|
|M\_DisplayName|CA - CCX - MEM - Grant Compliance Access - Mobile|
|M\_Id|dbc6f77d-9990-4625-b347-214a0327ff6f|
|M\_Modified|2025-05-19T13:45:58.961663Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Graph API(ba7a4277-b289-4a26-991b-f5dfc94aada3)<br />Microsoft Intune(0000000a-0000-0000-c000-000000000000)<br />Microsoft Intune Enrollment(d4ebce55-015a-49b5-a083-c84d1797ae8c)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|AAD\_MEM\_Autopilot\_Troubleshooting|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-10-27T21:33:11.7093232Z|
|M\_DisplayName|CA - CCX - MEM - Autopilot Troubleshooting|
|M\_Id|285eaffe-3a88-4ad6-810b-3adcf01703c2|
|M\_Modified|2025-02-21T13:37:55.172635Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|1 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|CCX-CyberArk SAML Authentication PVWA 2025(bc15cc8a-6189-4de4-9580-fb7a1b59a186)<br />CCX-CyberArk SAML Authentication(d9e999f7-f8d9-484b-9717-2fe1c0949ad5)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-11-18T19:27:03.7597384Z|
|M\_DisplayName|CA - CCX - CyberArk - Require MFA|
|M\_Id|4bdb9a13-7aaa-4bf4-95b3-fdd5adde1215|
|M\_Modified|2025-05-09T20:27:54.8528808Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|1 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Salesforce - HomeBridge Org1 (Prod)(a3c7328f-ae5e-484f-b430-4c3c0136d991)<br />Salesforce Hombridge1 (pjdev Sandbox)(45e5f412-c3ba-4203-8eed-4d9a087604e9)<br />Salesforce Hombridge1 (Backup1 Sandbox)(4f9900f4-fd9f-45dd-a0a6-91ee304d987a)<br />Salesforce Sales (MFA Sandbox)(3ace8261-b1cf-4c6a-b61f-325981299fca)<br />(35c4adb6-2eb7-4e65-a989-50dddb870850)<br />Salesforce Hombridge1 (MFA Sandbox)(0489475e-c795-4943-9253-b688eb4cea33)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-02-09T15:30:50.8612667Z|
|M\_DisplayName|CA - CCX - Salesforce - Require MFA|
|M\_Id|8ac99af1-b5de-4434-ad1e-fb5439937a91|
|M\_Modified|2023-04-21T01:14:42.0273544Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Apple Business Manager(fc67d51f-bf39-4530-8155-3714f897281b)<br />Apple Internet Accounts(f8d98a96-0999-43f5-8af3-69971c7bb423)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Intune\_Mobile\_Access|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-05-18T13:30:48.7571343Z|
|M\_DisplayName|CA - CCX - M365 - Grant ABM Access|
|M\_Id|8ed226b3-fbb5-4a9f-9e39-c8d4e32aa7a9|
|M\_Modified||
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude|android,iOS,windows,windowsPhone,macOS,linux|
|C\_PlatformsInclude|all|
|C\_SignInRiskLevel||
|C\_UsersExclude|Boatright, Kevin(Kevin.Boatright@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-06-27T19:19:49.4479974Z|
|M\_DisplayName|CA - CCX - Global - Block access for unknown or unsupported device platform|
|M\_Id|078daecb-3500-4641-9a2d-0f4486ffac05|
|M\_Modified|2024-05-22T17:24:39.0407319Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|exchangeActiveSync,other|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-07-05T18:46:02.5563718Z|
|M\_DisplayName|CA - CCX - Global - Block legacy authentication|
|M\_Id|68063282-76fe-475d-9177-cf17f411f4f4|
|M\_Modified|2024-06-23T00:02:11.9459079Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Palo Alto Networks - GlobalProtect(96c5df68-2489-4cd6-9f01-a25a1ebd5071)<br />Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|all|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups|R\_Allow\_Bypass\_TimeRestriction|
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Block\_All\_Access<br />R\_Block\_All\_Access\_RCM|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-08-03T18:02:44.4020998Z|
|M\_DisplayName|CCX - CA - Block Hourly Users from Connection outside of logonhours|
|M\_Id|34e6cec4-2896-45f3-9a70-240b29b9a7a9|
|M\_Modified|2024-11-16T14:02:50.4320079Z|
|M\_State|enabledForReportingButNotEnforced|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|windows|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|Nguyen, Christopher(Christopher.Nguyen@carecentrix.com)<br />Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-11-09T19:51:02.4973061Z|
|M\_DisplayName|CA - CCX - M365 - Grant Compliance Access - Windows|
|M\_Id|fbf4a646-01d9-40a1-ac13-83571d5f72ff|
|M\_Modified|2024-01-04T19:14:16.7230578Z|
|M\_State|enabledForReportingButNotEnforced|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|MicrosoftAdminPortals|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles|Global Administrator<br />Security Administrator<br />SharePoint Administrator<br />Exchange Administrator<br />Conditional Access Administrator<br />Helpdesk Administrator<br />Billing Administrator<br />User Administrator<br />Authentication Administrator<br />Application Administrator<br />Cloud Application Administrator<br />Password Administrator<br />Privileged Authentication Administrator<br />Privileged Role Administrator|
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-11-13T22:46:21.4971797Z|
|M\_DisplayName|Microsoft-managed: Multifactor authentication for admins accessing Microsoft Admin Portals|
|M\_Id|86b5910c-dcba-432d-8e92-761c89592fc2|
|M\_Modified|2024-06-10T20:43:09.6885003Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-02-09T15:51:46.3678241Z|
|M\_DisplayName|CA - CCX - Horizon VDI - Require MFA|
|M\_Id|c46f1758-eeb3-4fc9-8127-4f65214e051b|
|M\_Modified||
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude|Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Graph API(ba7a4277-b289-4a26-991b-f5dfc94aada3)<br />MicrosoftAdminPortals<br />Workday (CCX2)(bea684e8-d221-4334-be55-df87934e91a8)<br />Workday (CCX1)(60377700-b284-4127-8cd7-c1a8eaba2012)<br />iCares Acheivers Prod(89a8edbd-eda9-408a-86e2-b1791c34acaf)<br />iCares Achievers Non-Prod(1278cadf-4d1f-4da4-af94-b04bfebae3a2)<br />VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|browser,mobileAppsAndDesktopClients|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Intune\_Mobile\_Access|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice,compliantApplication|
|G\_CustomControls||
|G\_Operator|AND|
|G\_TermsOfUse||
|M\_Created|2024-05-01T17:36:58.904788Z|
|M\_DisplayName|CA - CCX - MEM - Grant Compliance Access - App Protection - Mobile |
|M\_Id|e50a2e91-a37f-43e0-a623-b19606cd19b8|
|M\_Modified|2025-05-12T18:31:37.3953553Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|133e40bf-ecd0-4bcd-8d4c-434fec8df72d|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|windows,macOS,linux|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups|R\_AAD\_Offshore\_Access\_Desktop|
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-05-14T16:21:34.1740646Z|
|M\_DisplayName|CA - CCX - Global - Restrict Desktop Access to US|
|M\_Id|4b2d07c0-3cf2-4810-847c-d2b3e533478e|
|M\_Modified|2024-08-25T00:59:16.8055874Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|(2fa253eb-05fe-4877-9bdb-3c085f9288ac)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-06-17T18:52:54.4123008Z|
|M\_DisplayName|CA - CCX - Provider Portal - MFA POC - Require MFA|
|M\_Id|a20b3ea9-8f59-4d57-bfd5-1589c345da65|
|M\_Modified|2024-06-21T21:09:19.9669461Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|NICE CXone - Troubleshooting(b4cc398a-99da-4eb5-a688-525a4b35a65d)<br />NICE EEM(402a8daa-dc65-4c18-9842-beef25f7e084)<br />NICE NDE(dc8bfd1a-51fb-42d5-9398-b4fe7791590b)<br />Nice WFM(d0be22d3-0d40-431b-87a6-f26654b44694)<br />NICE CXone(15cde0a7-7611-4432-8a8c-dd7d6eded99a)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-01T16:41:41.0357993Z|
|M\_DisplayName|CA - CCX - Nice - Require MFA|
|M\_Id|f1849c07-5c67-458e-84ec-59514427ded1|
|M\_Modified|2024-11-25T15:31:22.6475098Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|AWS IAM Identity Center (CCX)(280da9ad-192a-4b64-a323-d9a7bf129d38)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-02T00:47:57.4759172Z|
|M\_DisplayName|CA - CCX - AWS - Require MFA|
|M\_Id|55a52b38-c772-4abf-aeca-79080fe165b3|
|M\_Modified|2024-08-02T00:59:29.7448389Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|2 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|AWS IAM Identity Center (CCX)(280da9ad-192a-4b64-a323-d9a7bf129d38)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice,domainJoinedDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-02T01:02:34.44919Z|
|M\_DisplayName|CA - CCX - AWS - Require CCX Network/Devices|
|M\_Id|32e0efd9-8e39-4347-8ebb-e182954a08c6|
|M\_Modified|2024-08-02T01:04:01.2516409Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|NICE CXone - Troubleshooting(b4cc398a-99da-4eb5-a688-525a4b35a65d)<br />NICE NDE(dc8bfd1a-51fb-42d5-9398-b4fe7791590b)<br />NICE CXone(15cde0a7-7611-4432-8a8c-dd7d6eded99a)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice,domainJoinedDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-07T15:15:35.7189561Z|
|M\_DisplayName|CA - CCX - NICE - Require CCX Network/Devices|
|M\_Id|627ebbbf-90c6-4ddf-a8c3-84aac1a1de22|
|M\_Modified|2024-11-25T15:31:59.5147857Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Provider Portal - MFA POC(020b856f-ddcb-4e88-8973-e413d00f96d3)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-15T16:30:18.9291167Z|
|M\_DisplayName|CA - CCX - Provider Portal POC - Require MFA|
|M\_Id|7a87172e-5624-4e93-be26-05bb4aa6601f|
|M\_Modified||
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Bitwarden SSO(1d934c2c-7c12-4e4a-8616-3dc5eb09c555)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Bitwarden\_Login\_SSO|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa,compliantDevice|
|G\_CustomControls||
|G\_Operator|AND|
|G\_TermsOfUse||
|M\_Created|2024-09-05T14:44:16.5552184Z|
|M\_DisplayName|CA - CCX - Bitwarden - Require MFA and CCX Device|
|M\_Id|60fa8cf3-5317-4694-ace3-2f6e9d8b0764|
|M\_Modified|2024-11-12T19:19:04.479096Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|1 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Proofpoint on Demand(dbbf6b93-d68e-4f8d-9dab-a028b0e49a57)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-09-24T15:44:39.2994353Z|
|M\_DisplayName|CA - CCX - Proofpoint on Demand - Require MFA|
|M\_Id|86a2cac6-466d-4cfe-aa61-a3a4f73456d9|
|M\_Modified||
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Proofpoint Admin Portal (POD)(5144935d-66fb-4662-ae74-0e62d4c44d7d)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-09-24T15:58:30.6132496Z|
|M\_DisplayName|CA - CCX - Proofpoint Admin Portal - Require MFA|
|M\_Id|3322aa63-33d1-446a-9e16-31139a3fe54e|
|M\_Modified|2024-09-25T14:53:55.5931791Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|NICE EEM(402a8daa-dc65-4c18-9842-beef25f7e084)<br />Nice WFM(d0be22d3-0d40-431b-87a6-f26654b44694)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude|android,iOS,macOS,linux|
|C\_PlatformsInclude|all|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice,domainJoinedDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-10-31T20:39:16.4989029Z|
|M\_DisplayName|CA - CCX - NICE - Require CCX Network/Devices - WFM Reporting|
|M\_Id|74f14456-2a20-4691-a1d0-32066032f3f8|
|M\_Modified|2024-11-01T20:05:33.5959864Z|
|M\_State|enabledForReportingButNotEnforced|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|None|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls||
|G\_CustomControls||
|G\_Operator||
|G\_TermsOfUse||
|M\_Created|2024-11-08T18:43:48.2142577Z|
|M\_DisplayName|Block TOR & Anonymous Proxies|
|M\_Id|19f10781-9820-4cb0-856e-13a634578895|
|M\_Modified|2024-12-02T14:27:27.2306555Z|
|M\_State|disabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity|True|
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Bitwarden SSO(1d934c2c-7c12-4e4a-8616-3dc5eb09c555)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Bitwarden\_Login\_SSO|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-11-12T19:17:11.9020732Z|
|M\_DisplayName|CA - CCX - Bitwarden - Require MFA and CCX IP|
|M\_Id|ef4467fa-d9a9-4f3f-b245-cedb5f33fa7a|
|M\_Modified|2024-11-13T15:20:45.047139Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|1 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|MicrosoftAdminPortals|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles|Exchange Administrator<br />Global Reader<br />Intune Administrator|
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-11-14T20:27:14.6239241Z|
|M\_DisplayName|Supplimental: Multifactor authentication for admins accessing Microsoft Admin Portals COPY|
|M\_Id|45fab5d2-a2af-4ec3-ae65-4f58686b14d1|
|M\_Modified|2025-02-24T15:01:01.3827304Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|2 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|RemoteAssistanceService(1dee7b72-b80d-4e56-933d-8b6b04f9a3e2)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|AAD\_Microsoft365\_Licensing\_RemoteHelp|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-01-24T21:49:55.029118Z|
|M\_DisplayName|CA - CCX - MEM - Remote Help|
|M\_Id|5491b1de-b07d-4ad0-b35b-cd8d2041f2d2|
|M\_Modified|2025-01-30T18:11:52.0065847Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel|high|
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|Conditional Access: Risky sign-in multifactor authentication (a4ea6c0f-b8fb-4d29-91f1-9f8cf0601e98)|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-02-13T01:38:04.1923904Z|
|M\_DisplayName|Microsoft-managed: Multifactor authentication and reauthentication for risky sign-ins|
|M\_Id|f501b837-3b2b-4e04-8cda-7680becf3e37|
|M\_Modified|2025-05-14T20:02:03.06783Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude|00985883-fe80-46d2-aa8c-5e3aa8ebc24f|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|()|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-04-02T13:03:37.3048002Z|
|M\_DisplayName|Block VPN IP Ranges|
|M\_Id|fdbaf0e6-f585-4984-8a5b-e3204926c6f8|
|M\_Modified|2025-04-02T15:22:37.4138687Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|windowsPhone|
|C\_SignInRiskLevel||
|C\_UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-04-03T20:40:52.652171Z|
|M\_DisplayName|CA - CCX - Global - Block Windows Phone Access|
|M\_Id|a045b8c1-caa2-4444-8b26-d0eba0377900|
|M\_Modified|2025-04-15T17:43:16.5472313Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-04-22T00:41:54.9443682Z|
|M\_DisplayName|Microsoft-managed: Block device code flow|
|M\_Id|b3b9b82b-165e-4b31-a1aa-adb952835e62|
|M\_Modified|2025-04-29T15:25:01.4610866Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
## Conditional Access Policies
This section contains a list of all conditional Access policies configured in Azure AD.
### CA - CCX - M365 - Block Unapproved Mobile Users
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-02-17T21:12:20.8304534Z|
|DisplayName|CA - CCX - M365 - Block Unapproved Mobile Users|
|Id|3e3b4744-0993-4f0b-9b85-cc7900e4d924|
|Modified|2024-01-25T21:34:17.1586076Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Office365|
|ApplicationsIncludeUserActions||
|ClientAppTypes|exchangeActiveSync,browser,mobileAppsAndDesktopClients,other|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude|android,iOS|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_Access|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Global - Restrict Mobile Access to US
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-03-22T20:23:37.3397458Z|
|DisplayName|CA - CCX - Global - Restrict Mobile Access to US|
|Id|d110337f-09ee-4ec7-97d1-173a3ba97d6e|
|Modified|2023-08-29T16:05:56.0085224Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Office365|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|133e40bf-ecd0-4bcd-8d4c-434fec8df72d|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|android,iOS|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_Mobile|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - M365 - Grant Compliance Access- MacOS
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-03-31T13:54:15.2358463Z|
|DisplayName|CA - CCX - M365 - Grant Compliance Access- MacOS|
|Id|76f1d229-e04d-4490-8dc9-a6ba605b0f82|
|Modified|2025-05-13T12:27:21.1072702Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|AllTrusted|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|macOS|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_Mobile|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|compliantDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|7 days|
### CA - CCX - Global - Block Linux External Access
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-08-09T15:32:33.3564342Z|
|DisplayName|CA - CCX - Global - Block Linux External Access|
|Id|a0463337-0645-4708-b0e5-98e5966e1f55|
|Modified|2025-01-03T13:36:42.5390569Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|linux|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_Mobile|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - M365 - Grant Hybrid Join Access - Windows
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-08-15T12:15:36.5634255Z|
|DisplayName|CA - CCX - M365 - Grant Hybrid Join Access - Windows|
|Id|59e77730-c800-4952-8708-f34b80a3267d|
|Modified|2025-05-12T18:32:36.5341764Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />MicrosoftAdminPortals<br />Windows Azure Service Management API(797f4846-ba00-4fd7-ba43-dac1f8f63013)<br />Office365|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|windows|
|SignInRiskLevel||
|UsersExclude|iCIMS Candidate Tracking Service Account(iCIMSCandidate.TrackingServiceAccount@carecentrix.com)|
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|domainJoinedDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|10 days|
### CA - CCX - PAGlobalProtect - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-09-02T13:29:38.5885644Z|
|DisplayName|CA - CCX - PAGlobalProtect - Require MFA|
|Id|64f6402e-fc9d-4fcb-bffc-8a7fe2b433c9|
|Modified|2023-03-21T20:08:34.4480472Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Palo Alto Networks - GlobalProtect(96c5df68-2489-4cd6-9f01-a25a1ebd5071)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|4 hours|
### CA - CCX - Intune Enrollment - Enforce MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-09-21T19:10:46.3478047Z|
|DisplayName|CA - CCX - Intune Enrollment - Enforce MFA|
|Id|7d52c0ab-d842-47c5-b4ca-a1597e64eb9f|
|Modified|2024-05-22T18:52:16.9516782Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Microsoft Intune Enrollment(d4ebce55-015a-49b5-a083-c84d1797ae8c)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude|android,iOS,macOS|
|PlatformsInclude|windows|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa,compliantDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|5 days|
### CA - CCX - M365 - Grant Compliance Access - AutoPilot
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-09-22T16:04:32.3335064Z|
|DisplayName|CA - CCX - M365 - Grant Compliance Access - AutoPilot|
|Id|c7dc70c0-e9f8-4e15-9781-a77af3800385|
|Modified|2023-01-20T19:55:54.1432067Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Office365|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|windows|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|compliantDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|10 days|
### ZZZ - CA - CCX - M365 - Grant O365 Calendar Access - iOS
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-10-12T20:28:29.7053954Z|
|DisplayName|ZZZ - CA - CCX - M365 - Grant O365 Calendar Access - iOS|
|Id|00307607-8bb1-4eb9-96c6-95ecab7ad932|
|Modified|2024-06-14T13:52:07.4310621Z|
|State|disabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Office365|
|ApplicationsIncludeUserActions||
|ClientAppTypes|exchangeActiveSync|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude|android,windows,windowsPhone,macOS,linux|
|PlatformsInclude|iOS|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|AAD\_MEM\_iOS\_Calendar\_Sync|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa,compliantDevice|
|CustomControls||
|Operator|AND|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - MEM - Grant Compliance Access - Mobile
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-10-26T12:30:44.5653473Z|
|DisplayName|CA - CCX - MEM - Grant Compliance Access - Mobile|
|Id|dbc6f77d-9990-4625-b347-214a0327ff6f|
|Modified|2025-05-19T13:45:58.961663Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Workday (Prod)(4b61b374-6382-428c-8ef4-ec028803b626)<br />Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Graph API(ba7a4277-b289-4a26-991b-f5dfc94aada3)<br />MicrosoftAdminPortals<br />Workday (CCX2)(bea684e8-d221-4334-be55-df87934e91a8)<br />Workday (CCX1)(60377700-b284-4127-8cd7-c1a8eaba2012)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|browser,mobileAppsAndDesktopClients|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude|android,iOS|
|SignInRiskLevel||
|UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|R\_Intune\_Mobile\_Access|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|compliantDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - MEM - Autopilot Troubleshooting
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-10-27T21:33:11.7093232Z|
|DisplayName|CA - CCX - MEM - Autopilot Troubleshooting|
|Id|285eaffe-3a88-4ad6-810b-3adcf01703c2|
|Modified|2025-02-21T13:37:55.172635Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Graph API(ba7a4277-b289-4a26-991b-f5dfc94aada3)<br />Microsoft Intune(0000000a-0000-0000-c000-000000000000)<br />Microsoft Intune Enrollment(d4ebce55-015a-49b5-a083-c84d1797ae8c)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|AAD\_MEM\_Autopilot\_Troubleshooting|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|1 hours|
### CA - CCX - CyberArk - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-11-18T19:27:03.7597384Z|
|DisplayName|CA - CCX - CyberArk - Require MFA|
|Id|4bdb9a13-7aaa-4bf4-95b3-fdd5adde1215|
|Modified|2025-05-09T20:27:54.8528808Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|CCX-CyberArk SAML Authentication PVWA 2025(bc15cc8a-6189-4de4-9580-fb7a1b59a186)<br />CCX-CyberArk SAML Authentication(d9e999f7-f8d9-484b-9717-2fe1c0949ad5)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|1 hours|
### CA - CCX - Salesforce - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2023-02-09T15:30:50.8612667Z|
|DisplayName|CA - CCX - Salesforce - Require MFA|
|Id|8ac99af1-b5de-4434-ad1e-fb5439937a91|
|Modified|2023-04-21T01:14:42.0273544Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Salesforce - HomeBridge Org1 (Prod)(a3c7328f-ae5e-484f-b430-4c3c0136d991)<br />Salesforce Hombridge1 (pjdev Sandbox)(45e5f412-c3ba-4203-8eed-4d9a087604e9)<br />Salesforce Hombridge1 (Backup1 Sandbox)(4f9900f4-fd9f-45dd-a0a6-91ee304d987a)<br />Salesforce Sales (MFA Sandbox)(3ace8261-b1cf-4c6a-b61f-325981299fca)<br />(35c4adb6-2eb7-4e65-a989-50dddb870850)<br />Salesforce Hombridge1 (MFA Sandbox)(0489475e-c795-4943-9253-b688eb4cea33)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - M365 - Grant ABM Access
#### Metadata
|Name|Value|
|:--|:--|
|Created|2023-05-18T13:30:48.7571343Z|
|DisplayName|CA - CCX - M365 - Grant ABM Access|
|Id|8ed226b3-fbb5-4a9f-9e39-c8d4e32aa7a9|
|Modified||
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Apple Business Manager(fc67d51f-bf39-4530-8155-3714f897281b)<br />Apple Internet Accounts(f8d98a96-0999-43f5-8af3-69971c7bb423)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude|android,iOS|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|R\_Intune\_Mobile\_Access|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Global - Block access for unknown or unsupported device platform
#### Metadata
|Name|Value|
|:--|:--|
|Created|2023-06-27T19:19:49.4479974Z|
|DisplayName|CA - CCX - Global - Block access for unknown or unsupported device platform|
|Id|078daecb-3500-4641-9a2d-0f4486ffac05|
|Modified|2024-05-22T17:24:39.0407319Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude|android,iOS,windows,windowsPhone,macOS,linux|
|PlatformsInclude|all|
|SignInRiskLevel||
|UsersExclude|Boatright, Kevin(Kevin.Boatright@carecentrix.com)|
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Global - Block legacy authentication
#### Metadata
|Name|Value|
|:--|:--|
|Created|2023-07-05T18:46:02.5563718Z|
|DisplayName|CA - CCX - Global - Block legacy authentication|
|Id|68063282-76fe-475d-9177-cf17f411f4f4|
|Modified|2024-06-23T00:02:11.9459079Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|exchangeActiveSync,other|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CCX - CA - Block Hourly Users from Connection outside of logonhours
#### Metadata
|Name|Value|
|:--|:--|
|Created|2023-08-03T18:02:44.4020998Z|
|DisplayName|CCX - CA - Block Hourly Users from Connection outside of logonhours|
|Id|34e6cec4-2896-45f3-9a70-240b29b9a7a9|
|Modified|2024-11-16T14:02:50.4320079Z|
|State|enabledForReportingButNotEnforced|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Palo Alto Networks - GlobalProtect(96c5df68-2489-4cd6-9f01-a25a1ebd5071)<br />Office365|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude|all|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestriction|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|R\_Block\_All\_Access<br />R\_Block\_All\_Access\_RCM|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - M365 - Grant Compliance Access - Windows
#### Metadata
|Name|Value|
|:--|:--|
|Created|2023-11-09T19:51:02.4973061Z|
|DisplayName|CA - CCX - M365 - Grant Compliance Access - Windows|
|Id|fbf4a646-01d9-40a1-ac13-83571d5f72ff|
|Modified|2024-01-04T19:14:16.7230578Z|
|State|enabledForReportingButNotEnforced|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|windows|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestriction|
|UsersExcludeRoles||
|UsersInclude|Nguyen, Christopher(Christopher.Nguyen@carecentrix.com)<br />Amason, Andrew(Andrew.Amason@carecentrix.com)|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|compliantDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### Microsoft-managed: Multifactor authentication for admins accessing Microsoft Admin Portals
#### Metadata
|Name|Value|
|:--|:--|
|Created|2023-11-13T22:46:21.4971797Z|
|DisplayName|Microsoft-managed: Multifactor authentication for admins accessing Microsoft Admin Portals|
|Id|86b5910c-dcba-432d-8e92-761c89592fc2|
|Modified|2024-06-10T20:43:09.6885003Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|MicrosoftAdminPortals|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestriction|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups||
|UsersIncludeRoles|Global Administrator<br />Security Administrator<br />SharePoint Administrator<br />Exchange Administrator<br />Conditional Access Administrator<br />Helpdesk Administrator<br />Billing Administrator<br />User Administrator<br />Authentication Administrator<br />Application Administrator<br />Cloud Application Administrator<br />Password Administrator<br />Privileged Authentication Administrator<br />Privileged Role Administrator|
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Horizon VDI - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-02-09T15:51:46.3678241Z|
|DisplayName|CA - CCX - Horizon VDI - Require MFA|
|Id|c46f1758-eeb3-4fc9-8127-4f65214e051b|
|Modified||
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestriction|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - MEM - Grant Compliance Access - App Protection - Mobile
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-05-01T17:36:58.904788Z|
|DisplayName|CA - CCX - MEM - Grant Compliance Access - App Protection - Mobile |
|Id|e50a2e91-a37f-43e0-a623-b19606cd19b8|
|Modified|2025-05-12T18:31:37.3953553Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude|Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Graph API(ba7a4277-b289-4a26-991b-f5dfc94aada3)<br />MicrosoftAdminPortals<br />Workday (CCX2)(bea684e8-d221-4334-be55-df87934e91a8)<br />Workday (CCX1)(60377700-b284-4127-8cd7-c1a8eaba2012)<br />iCares Acheivers Prod(89a8edbd-eda9-408a-86e2-b1791c34acaf)<br />iCares Achievers Non-Prod(1278cadf-4d1f-4da4-af94-b04bfebae3a2)<br />VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|browser,mobileAppsAndDesktopClients|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude|android,iOS|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestriction|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|R\_Intune\_Mobile\_Access|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|compliantDevice,compliantApplication|
|CustomControls||
|Operator|AND|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Global - Restrict Desktop Access to US
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-05-14T16:21:34.1740646Z|
|DisplayName|CA - CCX - Global - Restrict Desktop Access to US|
|Id|4b2d07c0-3cf2-4810-847c-d2b3e533478e|
|Modified|2024-08-25T00:59:16.8055874Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|133e40bf-ecd0-4bcd-8d4c-434fec8df72d|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|windows,macOS,linux|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Provider Portal - MFA POC - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-06-17T18:52:54.4123008Z|
|DisplayName|CA - CCX - Provider Portal - MFA POC - Require MFA|
|Id|a20b3ea9-8f59-4d57-bfd5-1589c345da65|
|Modified|2024-06-21T21:09:19.9669461Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|(2fa253eb-05fe-4877-9bdb-3c085f9288ac)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Nice - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-08-01T16:41:41.0357993Z|
|DisplayName|CA - CCX - Nice - Require MFA|
|Id|f1849c07-5c67-458e-84ec-59514427ded1|
|Modified|2024-11-25T15:31:22.6475098Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|NICE CXone - Troubleshooting(b4cc398a-99da-4eb5-a688-525a4b35a65d)<br />NICE EEM(402a8daa-dc65-4c18-9842-beef25f7e084)<br />NICE NDE(dc8bfd1a-51fb-42d5-9398-b4fe7791590b)<br />Nice WFM(d0be22d3-0d40-431b-87a6-f26654b44694)<br />NICE CXone(15cde0a7-7611-4432-8a8c-dd7d6eded99a)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - AWS - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-08-02T00:47:57.4759172Z|
|DisplayName|CA - CCX - AWS - Require MFA|
|Id|55a52b38-c772-4abf-aeca-79080fe165b3|
|Modified|2024-08-02T00:59:29.7448389Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|AWS IAM Identity Center (CCX)(280da9ad-192a-4b64-a323-d9a7bf129d38)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|2 hours|
### CA - CCX - AWS - Require CCX Network/Devices
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-08-02T01:02:34.44919Z|
|DisplayName|CA - CCX - AWS - Require CCX Network/Devices|
|Id|32e0efd9-8e39-4347-8ebb-e182954a08c6|
|Modified|2024-08-02T01:04:01.2516409Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|AWS IAM Identity Center (CCX)(280da9ad-192a-4b64-a323-d9a7bf129d38)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|compliantDevice,domainJoinedDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - NICE - Require CCX Network/Devices
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-08-07T15:15:35.7189561Z|
|DisplayName|CA - CCX - NICE - Require CCX Network/Devices|
|Id|627ebbbf-90c6-4ddf-a8c3-84aac1a1de22|
|Modified|2024-11-25T15:31:59.5147857Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|NICE CXone - Troubleshooting(b4cc398a-99da-4eb5-a688-525a4b35a65d)<br />NICE NDE(dc8bfd1a-51fb-42d5-9398-b4fe7791590b)<br />NICE CXone(15cde0a7-7611-4432-8a8c-dd7d6eded99a)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|compliantDevice,domainJoinedDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Provider Portal POC - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-08-15T16:30:18.9291167Z|
|DisplayName|CA - CCX - Provider Portal POC - Require MFA|
|Id|7a87172e-5624-4e93-be26-05bb4aa6601f|
|Modified||
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Provider Portal - MFA POC(020b856f-ddcb-4e88-8973-e413d00f96d3)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Bitwarden - Require MFA and CCX Device
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-09-05T14:44:16.5552184Z|
|DisplayName|CA - CCX - Bitwarden - Require MFA and CCX Device|
|Id|60fa8cf3-5317-4694-ace3-2f6e9d8b0764|
|Modified|2024-11-12T19:19:04.479096Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Bitwarden SSO(1d934c2c-7c12-4e4a-8616-3dc5eb09c555)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|R\_Bitwarden\_Login\_SSO|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa,compliantDevice|
|CustomControls||
|Operator|AND|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|1 hours|
### CA - CCX - Proofpoint on Demand - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-09-24T15:44:39.2994353Z|
|DisplayName|CA - CCX - Proofpoint on Demand - Require MFA|
|Id|86a2cac6-466d-4cfe-aa61-a3a4f73456d9|
|Modified||
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Proofpoint on Demand(dbbf6b93-d68e-4f8d-9dab-a028b0e49a57)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Proofpoint Admin Portal - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-09-24T15:58:30.6132496Z|
|DisplayName|CA - CCX - Proofpoint Admin Portal - Require MFA|
|Id|3322aa63-33d1-446a-9e16-31139a3fe54e|
|Modified|2024-09-25T14:53:55.5931791Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Proofpoint Admin Portal (POD)(5144935d-66fb-4662-ae74-0e62d4c44d7d)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - NICE - Require CCX Network/Devices - WFM Reporting
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-10-31T20:39:16.4989029Z|
|DisplayName|CA - CCX - NICE - Require CCX Network/Devices - WFM Reporting|
|Id|74f14456-2a20-4691-a1d0-32066032f3f8|
|Modified|2024-11-01T20:05:33.5959864Z|
|State|enabledForReportingButNotEnforced|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|NICE EEM(402a8daa-dc65-4c18-9842-beef25f7e084)<br />Nice WFM(d0be22d3-0d40-431b-87a6-f26654b44694)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude|android,iOS,macOS,linux|
|PlatformsInclude|all|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|compliantDevice,domainJoinedDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### Block TOR & Anonymous Proxies
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-11-08T18:43:48.2142577Z|
|DisplayName|Block TOR & Anonymous Proxies|
|Id|19f10781-9820-4cb0-856e-13a634578895|
|Modified|2024-12-02T14:27:27.2306555Z|
|State|disabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|None|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls||
|CustomControls||
|Operator||
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity|True|
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Bitwarden - Require MFA and CCX IP
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-11-12T19:17:11.9020732Z|
|DisplayName|CA - CCX - Bitwarden - Require MFA and CCX IP|
|Id|ef4467fa-d9a9-4f3f-b245-cedb5f33fa7a|
|Modified|2024-11-13T15:20:45.047139Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Bitwarden SSO(1d934c2c-7c12-4e4a-8616-3dc5eb09c555)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|R\_Bitwarden\_Login\_SSO|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|1 hours|
### Supplimental: Multifactor authentication for admins accessing Microsoft Admin Portals COPY
#### Metadata
|Name|Value|
|:--|:--|
|Created|2024-11-14T20:27:14.6239241Z|
|DisplayName|Supplimental: Multifactor authentication for admins accessing Microsoft Admin Portals COPY|
|Id|45fab5d2-a2af-4ec3-ae65-4f58686b14d1|
|Modified|2025-02-24T15:01:01.3827304Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|MicrosoftAdminPortals|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups||
|UsersIncludeRoles|Exchange Administrator<br />Global Reader<br />Intune Administrator|
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|2 hours|
### CA - CCX - MEM - Remote Help
#### Metadata
|Name|Value|
|:--|:--|
|Created|2025-01-24T21:49:55.029118Z|
|DisplayName|CA - CCX - MEM - Remote Help|
|Id|5491b1de-b07d-4ad0-b35b-cd8d2041f2d2|
|Modified|2025-01-30T18:11:52.0065847Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|RemoteAssistanceService(1dee7b72-b80d-4e56-933d-8b6b04f9a3e2)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|AAD\_Microsoft365\_Licensing\_RemoteHelp|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### Microsoft-managed: Multifactor authentication and reauthentication for risky sign-ins
#### Metadata
|Name|Value|
|:--|:--|
|Created|2025-02-13T01:38:04.1923904Z|
|DisplayName|Microsoft-managed: Multifactor authentication and reauthentication for risky sign-ins|
|Id|f501b837-3b2b-4e04-8cda-7680becf3e37|
|Modified|2025-05-14T20:02:03.06783Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel|high|
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude||
|UsersIncludeGroups|Conditional Access: Risky sign-in multifactor authentication (a4ea6c0f-b8fb-4d29-91f1-9f8cf0601e98)|
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe| |
### Block VPN IP Ranges
#### Metadata
|Name|Value|
|:--|:--|
|Created|2025-04-02T13:03:37.3048002Z|
|DisplayName|Block VPN IP Ranges|
|Id|fdbaf0e6-f585-4984-8a5b-e3204926c6f8|
|Modified|2025-04-02T15:22:37.4138687Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude|00985883-fe80-46d2-aa8c-5e3aa8ebc24f|
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|()|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Global - Block Windows Phone Access
#### Metadata
|Name|Value|
|:--|:--|
|Created|2025-04-03T20:40:52.652171Z|
|DisplayName|CA - CCX - Global - Block Windows Phone Access|
|Id|a045b8c1-caa2-4444-8b26-d0eba0377900|
|Modified|2025-04-15T17:43:16.5472313Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude|windowsPhone|
|SignInRiskLevel||
|UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### Microsoft-managed: Block device code flow
#### Metadata
|Name|Value|
|:--|:--|
|Created|2025-04-22T00:41:54.9443682Z|
|DisplayName|Microsoft-managed: Block device code flow|
|Id|b3b9b82b-165e-4b31-a1aa-adb952835e62|
|Modified|2025-04-29T15:25:01.4610866Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_TroubleshootingR\_Allow\_Bypass\_TimeRestrictionR\_AAD\_Offshore\_Access\_Desktop|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
## PIM Directory Roles
List the directory roles that are eligible assigned in the tenant.
### Authentication Administrator
Allowed to view, set and reset authentication method information for any non-admin user.
|@odata.type|displayName|id|
|:--|:--|:--|
|#microsoft.graph.group|AAD\_Role\_DesktopOperators|0403cee4-a4e5-4223-a1a0-4f067c57f340|
|#microsoft.graph.user|Demarzio, Sarah|153d1311-ae1b-4984-baf1-90922e538c72|
### Intune Administrator
Can manage all aspects of the Intune product.
### Compliance Administrator
Can read and manage compliance configuration and reports in Microsoft Entra ID and Microsoft 365.
|@odata.type|displayName|id|
|:--|:--|:--|
|#microsoft.graph.user|Bailey, Kito|e0ad6bb6-570e-438f-9f5d-69f93d1f4483|
|#microsoft.graph.user|Thomas, Shafton|f7c426bb-d2a4-429e-af06-6b625d1a1365|
### Security Administrator
Security Administrator allows ability to read and manage security configuration and reports.
### Global Reader
Can read everything that a Global Administrator can, but not update anything.
|@odata.type|displayName|id|
|:--|:--|:--|
|#microsoft.graph.user|Foster, Keith|d86ae8d2-f56c-42d4-bf6f-1b90e822e6ba|
|#microsoft.graph.user|Devlin, Jacob|4d5cc9c5-942a-41a0-b5f9-26639cefe480|
|#microsoft.graph.user|Thomas, Shafton|f7c426bb-d2a4-429e-af06-6b625d1a1365|
|#microsoft.graph.user|Mihal, Victoria|87f25e18-c24a-45dc-80e0-f672eb2cd969|
### Cloud Device Administrator
Limited access to manage devices in Microsoft Entra ID.
### Exchange Administrator
Can manage all aspects of the Exchange product.
### Password Administrator
Can reset passwords for non-administrators and Password Administrators.
## Directory Roles
List the directory roles that are activated in the tenant.
### Authentication Administrator
Allowed to view, set and reset authentication method information for any non-admin user.
### Intune Administrator
Can manage all aspects of the Intune product.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Amason, Andrew|Andrew.Amason@carecentrix.com|
|#microsoft.graph.directoryObject|Grushinski, Stephen|Stephen.Grushinski@carecentrix.com|
|#microsoft.graph.directoryObject|Intune AD Connector|IntuneADConnector@carecentrix.onmicrosoft.com|
|#microsoft.graph.directoryObject|Service, SCCM|SCCM@carecentrix.onmicrosoft.com|
### License Administrator
Can manage product licenses on users and groups.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Mihal, Victoria|Victoria.Mihal@carecentrix.com|
|#microsoft.graph.directoryObject|Prod Cloudficient O365|Prod\_CF\_O365@carecentrix.com|
### Teams Communications Administrator
Can manage calling and meetings features within the Microsoft Teams service.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Ho, Davis|Davis.Ho@carecentrix.com|
|#microsoft.graph.directoryObject|Quade, Scott|Scott.Quade@carecentrix.com|
|#microsoft.graph.directoryObject|Foster, Keith|Keith.Foster@carecentrix.com|
### Reports Reader
Can read sign-in and audit reports.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Quade, Scott|Scott.Quade@carecentrix.com|
|#microsoft.graph.directoryObject|Foster, Keith|Keith.Foster@carecentrix.com|
|#microsoft.graph.directoryObject|AAD\_Authenication\_Methods\_Admins||
|#microsoft.graph.directoryObject|Demarzio, Sarah|Sarah.Demarzio@carecentrix.com|
### Compliance Administrator
Can read and manage compliance configuration and reports in Microsoft Entra ID and Microsoft 365.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Amason, Andrew|Andrew.Amason@carecentrix.com|
|#microsoft.graph.directoryObject|Palmer, Dane|Dane.Palmer@carecentrix.com|
|#microsoft.graph.directoryObject|Grushinski, Stephen|Stephen.Grushinski@carecentrix.com|
### Directory Readers
Can read basic directory information. Commonly used to grant directory read access to applications and guests.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Mizrahi, Samantha|Samantha.Mizrahi@carecentrix.com|
|#microsoft.graph.directoryObject|Palo Alto AAD Sync|PAAADSYNC@carecentrix.onmicrosoft.com|
### Global Reader
Can read everything that a Global Administrator can, but not update anything.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Amason, Andrew|Andrew.Amason@carecentrix.com|
|#microsoft.graph.directoryObject|Macias, Daniel|Daniel.Macias@carecentrix.com|
|#microsoft.graph.directoryObject|Gonzalez, Robert|Robert.Gonzalez@carecentrix.com|
|#microsoft.graph.directoryObject|Ho, Davis|Davis.Ho@carecentrix.com|
|#microsoft.graph.directoryObject|Quade, Scott|Scott.Quade@carecentrix.com|
|#microsoft.graph.directoryObject|Hill, Phil|Phillip.Hill@carecentrix.com|
|#microsoft.graph.directoryObject|Mihal, Victoria|Victoria.Mihal@carecentrix.com|
|#microsoft.graph.directoryObject|Grushinski, Stephen|Stephen.Grushinski@carecentrix.com|
|#microsoft.graph.directoryObject|Mizrahi, Samantha|Samantha.Mizrahi@carecentrix.com|
|#microsoft.graph.directoryObject|Muston, Craig|Craig.Muston@carecentrix.com|
|#microsoft.graph.directoryObject|Susemihl, Jonathan|Jonathan.Susemihl@carecentrix.com|
|#microsoft.graph.directoryObject|Kats, Dale|Dale.Kats@carecentrix.com|
|#microsoft.graph.directoryObject|Richard, Alexandria|Alexandria.Richard@carecentrix.com|
|#microsoft.graph.directoryObject|Wong, Edward|Edward.Wong@carecentrix.com|
### Global Administrator
Can manage all aspects of Microsoft Entra ID and Microsoft services that use Microsoft Entra identities.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Panter, Robert|robert.panter@carecentrix.com|
|#microsoft.graph.directoryObject|Roth, Carrie|Carrie.Roth@carecentrix.com|
|#microsoft.graph.directoryObject|Boatright, Kevin|Kevin.Boatright@carecentrix.com|
|#microsoft.graph.directoryObject|Amason, Andrew|Andrew.Amason@carecentrix.com|
|#microsoft.graph.directoryObject|Palmer, Dane|Dane.Palmer@carecentrix.com|
|#microsoft.graph.directoryObject|Boyles, Brian|Brian.Boyles@carecentrix.com|
|#microsoft.graph.directoryObject|Nguyen, Christopher|Christopher.Nguyen@carecentrix.com|
|#microsoft.graph.directoryObject|Hafer, Dan|Dan.Hafer@carecentrix.com|
|#microsoft.graph.directoryObject|Bailey, Kito|Kito.Bailey@carecentrix.com|
|#microsoft.graph.directoryObject|Bukovac, Jeremy|Jeremy.Bukovac@carecentrix.com|
### Directory Synchronization Accounts
Only used by Microsoft Entra Connect service.
### Attribute Assignment Administrator
Assign custom security attribute keys and values to supported Microsoft Entra objects.
### Billing Administrator
Can perform common billing related tasks like updating payment information.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Amason, Andrew|Andrew.Amason@carecentrix.com|
|#microsoft.graph.directoryObject|Gast, Cal|Cal.Gast@carecentrix.com|
|#microsoft.graph.directoryObject|Mihal, Victoria|Victoria.Mihal@carecentrix.com|
### User Administrator
Can manage all aspects of users and groups, including resetting passwords for limited admins.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Mihal, Victoria|Victoria.Mihal@carecentrix.com|
|#microsoft.graph.directoryObject|Grushinski, Stephen|Stephen.Grushinski@carecentrix.com|
### User Experience Success Manager
View product feedback, survey results, and reports to find training and communication opportunities.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Gonzalez, Robert|Robert.Gonzalez@carecentrix.com|
|#microsoft.graph.directoryObject|Mihal, Victoria|Victoria.Mihal@carecentrix.com|
|#microsoft.graph.directoryObject|Grushinski, Stephen|Stephen.Grushinski@carecentrix.com|
### Desktop Analytics Administrator
Can access and manage Desktop management tools and services.
### Teams Communications Support Engineer
Can troubleshoot communications issues within Teams using advanced tools.
### Teams Administrator
Can manage the Microsoft Teams service.
|@odata.type|displayName|userPrincipalName|
|:--|:--|:--|
|#microsoft.graph.directoryObject|Ho, Davis|Davis.Ho@carecentrix.com|
|#microsoft.graph.directoryObject|Mihal, Victoria|Victoria.Mihal@carecentrix.com|
### Service Support Administrator
Can read service health information and manage support tickets.
## Domains
Lists all domain associated with the tenant.
|authenticationType|availabilityStatus|id|isAdminManaged|isDefault|isInitial|isRoot|isVerified|passwordNotificationWindowInDays|passwordValidityPeriodInDays|state|supportedServices|
|:--|:--|:--|:--|:--|:--|:--|:--|:--|:--|:--|:--|
|Managed||carecentrix.com|True|True|False|True|True||||{Email, OfficeCommunicationsOnline, OrgIdAuthentication, Intune}|
|Managed||carecentrix.onmicrosoft.com|True|False|True|True|True||||{Email, OfficeCommunicationsOnline}|
|Managed||carecentrix.mail.onmicrosoft.com|True|False|False|True|True||||{}|
|Managed||SleepManagementSolutions.Com|True|False|False|True|True||||{Email}|
## Identity Providers
Represents an Azure Active Directory (Azure AD) identity provider. The identity provider can be Microsoft, Google, Facebook, Amazon, LinkedIn, or Twitter. The following Identity Providers are in Preview: Weibo, QQ, WeChat, GitHub and any OpenID Connect supported providers.
|@odata.type|displayName|id|identityProviderType|state|supportedTenantTypes|
|:--|:--|:--|:--|:--|:--|
|#microsoft.graph.builtInIdentityProvider|Azure Active Directory Sign up|AADSignup-OAUTH|AADSignup||entra|
|#microsoft.graph.builtInIdentityProvider|Email One Time Passcode|EmailOtpSignup-OAUTH|EmailOTP||entra|
|#microsoft.graph.builtInIdentityProvider|Microsoft Account|MSASignup-OAUTH|MicrosoftAccount||entra|
## Organization
Lists all Organizational settings.
### CareCentrix, Inc.
|Property|Value|
|:--|:--|
|businessPhones|{913-749-5696}|
|city|Hartford|
|country||
|countryLetterCode|US|
|createdDateTime|2015-01-30T07:01:39Z|
|deletedDateTime||
|directorySizeQuota||
|displayName|CareCentrix, Inc.|
|id|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|
|isMultipleDataLocationsForServicesEnabled||
|marketingNotificationEmails|{}|
|onPremisesLastSyncDateTime|2025-05-19T19:30:42Z|
|onPremisesSyncEnabled|True|
|postalCode|06103-1246|
|preferredLanguage|en|
|privacyProfile||
|securityComplianceNotificationMails|{}|
|securityComplianceNotificationPhones|{}|
|state|ct|
|street|20 Church Street|
|technicalNotificationMails|{andrew.amason@carecentrix.com}|
|tenantType|AAD|
## AAD Policies
### Mobility Management Policy
In Azure AD, a mobility management policy represents an auto-enrollment configuration for a mobility management (MDM or MAM) application. These policies are only applicable to devices based on Windows 10 OS and its derivatives (Surface Hub, Hololens etc.). Auto-enrollment enables organizations to automatically enroll devices into their chosen mobility management application as part of Azure AD join or Azure AD register process on Windows 10 devices.
#### Microsoft Intune
|Property|Value|
|:--|:--|
|appliesTo|all|
|complianceUrl|https://portal.manage.microsoft.com/?portalAction=Compliance|
|description|Device Management Policy for Microsoft Intune|
|discoveryUrl|https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc|
|displayName|Microsoft Intune|
|id|0000000a-0000-0000-c000-000000000000|
|isValid|True|
|termsOfUseUrl|https://portal.manage.microsoft.com/TermsofUse.aspx|
#### Samsung Knox Manage
|Property|Value|
|:--|:--|
|appliesTo|none|
|complianceUrl|https://portal.manage.microsoft.com/?portalAction=Compliance|
|description|Device Management Policy for Samsung Knox Manage|
|discoveryUrl|https://crs.manage.samsungknox.com/crs/windows/enroll/discovery|
|displayName|Samsung Knox Manage|
|id|acffb494-d687-4dac-b04d-2e3117ac1d46|
|isValid|True|
|termsOfUseUrl|https://crs.manage.samsungknox.com/crs/windows/termsofuse.do|
### Permission Grant Policy
A permission grant policy is used to specify the conditions under which consent can be granted. A permission grant policy consists of a list of includes condition sets, and a list of excludes condition sets. For an event to match a permission grant policy, it must match at least one of the includes conditions sets, and none of the excludes condition sets.
#### All application permissions, for any client app
|Property|Value|
|:--|:--|
|description|Includes all application permissions (app roles), for all APIs, for any client application.|
|displayName|All application permissions, for any client app|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions')/excludes|
|id|microsoft-all-application-permissions|
|includeAllPreApprovedApplications|False|
|includes|{@{id=bddda1ec-0174-44d5-84e2-47fb0ac01595; permissionClassification=all; permissionType=application; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions')/includes|
|resourceScopeType|tenant|
#### All chat resource-specific application permissions, for any client app
|Property|Value|
|:--|:--|
|description|Includes all chat resoruce-specific application permissions, for all APIs, for any client application.|
|displayName|All chat resource-specific application permissions, for any client app|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions-for-chat')/excludes|
|id|microsoft-all-application-permissions-for-chat|
|includeAllPreApprovedApplications|False|
|includes|{@{id=013e8de3-5e79-4b0f-a440-8f7794086460; permissionClassification=all; permissionType=application; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions-for-chat')/includes|
|resourceScopeType|chat|
#### All team resource-specific application permissions, for any client app
|Property|Value|
|:--|:--|
|description|(Deprecated) Includes all team resource-specific application permissions, for all APIs, for any client application.|
|displayName|All team resource-specific application permissions, for any client app|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions-for-team')/excludes|
|id|microsoft-all-application-permissions-for-team|
|includeAllPreApprovedApplications|False|
|includes|{@{id=1cf43e54-f240-4e19-8436-8d4fc4c97ab6; permissionClassification=all; permissionType=application; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions-for-team')/includes|
|resourceScopeType|team|
#### All application permissions, for client apps from verified publishers or this organization
|Property|Value|
|:--|:--|
|description|Includes all application permissions (app roles), for all APIs, for client applications from verified publishers or which were registered in this organization.|
|displayName|All application permissions, for client apps from verified publishers or this organization|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions-verified')/excludes|
|id|microsoft-all-application-permissions-verified|
|includeAllPreApprovedApplications|False|
|includes|{@{id=c6b9e210-8bf5-446f-81bf-618f5a9cad09; permissionClassification=all; permissionType=application; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=True; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}, @{id=13eda53f-4c56-4c8e-878c-6df6f1d331ee; permissionClassification=all; permissionType=application; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions-verified')/includes|
|resourceScopeType|tenant|
#### Application Admin Policy
|Property|Value|
|:--|:--|
|description|Permissions consentable by Application Administrators.|
|displayName|Application Admin Policy|
|excludes|{@{id=c85b029f-4abf-47d8-ae61-d2a38299033a; permissionClassification=all; permissionType=application; resourceApplication=00000003-0000-0000-c000-000000000000; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}, @{id=2a1fbb36-9d9a-42d8-8804-de2aa45aca80; permissionClassification=all; permissionType=application; resourceApplication=00000002-0000-0000-c000-000000000000; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-application-admin')/excludes|
|id|microsoft-application-admin|
|includeAllPreApprovedApplications|False|
|includes|{@{id=811d2da7-443c-43da-96e7-28d285b234e9; permissionClassification=all; permissionType=application; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}, @{id=60461179-740e-4d8b-9e00-1456a338c44b; permissionClassification=all; permissionType=delegated; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-application-admin')/includes|
|resourceScopeType|tenant|
#### Company Admin Policy
|Property|Value|
|:--|:--|
|description|Permissions consentable by Company Administrators.|
|displayName|Company Admin Policy|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-company-admin')/excludes|
|id|microsoft-company-admin|
|includeAllPreApprovedApplications|False|
|includes|{@{id=1f06f3a1-42d3-4243-8fbc-5d0c30d4de4c; permissionClassification=all; permissionType=application; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}, @{id=08619a19-ae6f-406c-b9a0-ea6af1f1558d; permissionClassification=all; permissionType=delegated; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-company-admin')/includes|
|resourceScopeType|tenant|
#### Dynamically managed Microsoft policy for chat resource-specific consent
|Property|Value|
|:--|:--|
|description|Includes dynamically managed permissions allowed for chat resource-specific consent.|
|displayName|Dynamically managed Microsoft policy for chat resource-specific consent|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-dynamically-managed-permissions-for-chat')/excludes|
|id|microsoft-dynamically-managed-permissions-for-chat|
|includeAllPreApprovedApplications|False|
|includes|{@{id=feb0eaee-f52c-40bf-a932-4b6b86969877; permissionClassification=all; permissionType=application; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-dynamically-managed-permissions-for-chat')/includes|
|resourceScopeType|chat|
#### Dynamically managed Microsoft policy for team resource-specific consent
|Property|Value|
|:--|:--|
|description|Includes dynamically managed permissions allowed for team resource-specific consent.|
|displayName|Dynamically managed Microsoft policy for team resource-specific consent|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-dynamically-managed-permissions-for-team')/excludes|
|id|microsoft-dynamically-managed-permissions-for-team|
|includeAllPreApprovedApplications|False|
|includes|{@{id=9cc16611-4f55-4405-ac32-3138bd0be516; permissionClassification=all; permissionType=application; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-dynamically-managed-permissions-for-team')/includes|
|resourceScopeType|team|
#### Includes apps that have been pre-approved by permission grant pre-approval policy for chat
|Property|Value|
|:--|:--|
|description|Includes apps that have been pre-approved by permission grant pre-approval policy for chat resource specific consent.|
|displayName|Includes apps that have been pre-approved by permission grant pre-approval policy for chat|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-pre-approval-apps-for-chat')/excludes|
|id|microsoft-pre-approval-apps-for-chat|
|includeAllPreApprovedApplications|True|
|includes|{}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-pre-approval-apps-for-chat')/includes|
|resourceScopeType|chat|
#### Includes apps that have been pre-approved by permission grant pre-approval policy for team
|Property|Value|
|:--|:--|
|description|Includes apps that have been pre-approved by permission grant pre-approval policy for team resource specific consent.|
|displayName|Includes apps that have been pre-approved by permission grant pre-approval policy for team|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-pre-approval-apps-for-team')/excludes|
|id|microsoft-pre-approval-apps-for-team|
|includeAllPreApprovedApplications|True|
|includes|{}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-pre-approval-apps-for-team')/includes|
|resourceScopeType|team|
#### Default User Legacy Policy
|Property|Value|
|:--|:--|
|description|All delegated permissions that do not require admin consent as defined by the developer are consentable by member type users by default.|
|displayName|Default User Legacy Policy|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-user-default-legacy')/excludes|
|id|microsoft-user-default-legacy|
|includeAllPreApprovedApplications|False|
|includes|{@{id=e008dda9-5521-4e9b-a941-744b3aa7a610; permissionClassification=all; permissionType=delegatedUserConsentable; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-user-default-legacy')/includes|
|resourceScopeType|tenant|
#### Default User Low Risk Policy
|Property|Value|
|:--|:--|
|description|All low risk permissions are consentable by member type users by default.|
|displayName|Default User Low Risk Policy|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-user-default-low')/excludes|
|id|microsoft-user-default-low|
|includeAllPreApprovedApplications|False|
|includes|{@{id=9c72ced4-50c7-4486-933e-6756d554b199; permissionClassification=low; permissionType=delegated; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=False; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}, @{id=8ce99f96-730c-4ebd-8397-07ee65942b97; permissionClassification=low; permissionType=delegated; resourceApplication=any; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=True; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-user-default-low')/includes|
|resourceScopeType|tenant|
#### Microsoft User Default Recommended Policy
|Property|Value|
|:--|:--|
|description|Permissions consentable based on Microsoft's current recommendations.|
|displayName|Microsoft User Default Recommended Policy|
|excludes|{}|
|excludes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-user-default-recommended')/excludes|
|id|microsoft-user-default-recommended|
|includeAllPreApprovedApplications|False|
|includes|{@{id=939e5649-d754-4aa4-90df-8bfb027d11cc; permissionClassification=all; permissionType=delegated; resourceApplication=00000003-0000-0000-c000-000000000000; permissions=System.Object[]; clientApplicationIds=System.Object[]; clientApplicationTenantIds=System.Object[]; clientApplicationPublisherIds=System.Object[]; clientApplicationsFromVerifiedPublisherOnly=True; certifiedClientApplicationsOnly=False; scopeSensitivityLabels=}}|
|includes@odata.context|https://graph.microsoft.com/beta/\$metadata#policies/permissionGrantPolicies('microsoft-user-default-recommended')/includes|
|resourceScopeType|tenant|
### Token Issuance Policy
Represents the policy to specify the characteristics of SAML tokens issued by Azure AD. You can use token-issuance policies to:
Set signing options
Set signing algorithm
Set SAML token version
#### TokenIssuancePolicy
|Property|Value|
|:--|:--|
|definition|{{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","TokenResponseSigningPolicy":"ResponseOnly","SamlTokenVersion":"2.0","EmitSamlNameFormat":false}}}|
|deletedDateTime||
|displayName|TokenIssuancePolicy|
|id|fa2895d2-891e-4286-8837-e6924c06ce3a|
|isOrganizationDefault|False|
#### TokenIssuancePolicy
|Property|Value|
|:--|:--|
|definition|{{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","TokenResponseSigningPolicy":"ResponseAndToken","SamlTokenVersion":"2.0","EmitSamlNameFormat":false}}}|
|deletedDateTime||
|displayName|TokenIssuancePolicy|
|id|8788f1fa-ca5f-49f7-8e28-1ce724e771f7|
|isOrganizationDefault|False|
#### TokenIssuancePolicy
|Property|Value|
|:--|:--|
|definition|{{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","TokenResponseSigningPolicy":"ResponseAndToken","SamlTokenVersion":"2.0","EmitSamlNameFormat":false}}}|
|deletedDateTime||
|displayName|TokenIssuancePolicy|
|id|24263ac5-3814-4798-935e-923d95e5d9ad|
|isOrganizationDefault|False|
#### TokenIssuancePolicy
|Property|Value|
|:--|:--|
|definition|{{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","TokenResponseSigningPolicy":"ResponseAndToken","SamlTokenVersion":"2.0","EmitSamlNameFormat":false}}}|
|deletedDateTime||
|displayName|TokenIssuancePolicy|
|id|db45b70e-f5db-47c6-84f7-41c0569df5b8|
|isOrganizationDefault|False|
#### TokenIssuancePolicy
|Property|Value|
|:--|:--|
|definition|{{"TokenIssuancePolicy":{"Version":1,"SigningAlgorithm":"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256","TokenResponseSigningPolicy":"ResponseAndToken","SamlTokenVersion":"2.0","EmitSamlNameFormat":false}}}|
|deletedDateTime||
|displayName|TokenIssuancePolicy|
|id|78cc2425-f990-4557-9c24-2995d20e96d7|
|isOrganizationDefault|False|
### Security Defaults Policy
Represents the Azure Active Directory security defaults policy. Security defaults contain preconfigured security settings that protect against common attacks.
### Continuous Access Evaluation Policy
Continuous Access Evaluation (CAE) manages authentication sessions in real time. CAE allows customers to handle access to resources by supporting instant revocation events.
### Authorization Policy
Represents a policy that can control Azure Active Directory authorization settings. It's a singleton that inherits from base policy type, and always exists for the tenant.
### Feature rollout policy
Creating a feature rollout policy helps tenant administrators to pilot features of Azure AD with a specific group before enabling features for entire organization. This minimizes the impact and helps administrators to test and rollout authentication related features gradually.
## Subscriptions
Contains information about Subscription/Online Services that a company is subscribed to.
|accountId|accountName|appliesTo|capabilityStatus|consumedUnits|id|prepaidUnits|servicePlans|skuId|skuPartNumber|subscriptionIds|
|:--|:--|:--|:--|:--|:--|:--|:--|:--|:--|:--|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|258|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_c5928f49-12ba-48f7-ada3-0d743a3601d5||{@{servicePlanId=da792a53-cbc0-4184-a10d-e544dd34b3c1; servicePlanName=ONEDRIVE\_BASIC; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=2bdbaf8f-738f-4ac7-9234-3c3ee2ce7d0f; servicePlanName=VISIOONLINE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=663a804f-1c30-4ff0-9915-9db84f0d1cea; servicePlanName=VISIO\_CLIENT\_SUBSCRIPTION; provisioningStatus=Success; appliesTo=User}}|c5928f49-12ba-48f7-ada3-0d743a3601d5|VISIOCLIENT|{dd26731c-0c59-4ade-99eb-bda926f3b607}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|5|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_1f2f344a-700d-42c9-9427-5cea1d5d7ba6||{@{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=acffdce6-c30f-4dc2-81c0-372e33c515ec; servicePlanName=Microsoft Stream; provisioningStatus=Success; appliesTo=User}}|1f2f344a-700d-42c9-9427-5cea1d5d7ba6|STREAM|{2fc73105-5d05-477e-8af0-38c28aa4c5d2}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|0|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_4a51bf65-409c-4a91-b845-1121b571cc9d||{@{servicePlanId=6ea4c1ef-c259-46df-bce2-943342cd3cb2; servicePlanName=DYN365\_CDS\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c5002c70-f725-4367-b409-f0eff4fee6c0; servicePlanName=FLOW\_PER\_USER; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}}|4a51bf65-409c-4a91-b845-1121b571cc9d|FLOW\_PER\_USER|{4a76c142-c03c-45cd-97ad-fa053c791970}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|817|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_f5b15d67-b99e-406b-90f1-308452f94de6||{@{servicePlanId=795f6fe0-cc4d-4773-b050-5dde4dc704c9; servicePlanName=UNIVERSAL\_PRINT\_01; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=7bf960f6-2cd9-443a-8046-5dbff9558365; servicePlanName=WINDOWSUPDATEFORBUSINESS\_DEPLOYMENTSERVICE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=3efbd4ed-8958-4824-8389-1321f8730af8; servicePlanName=MESH\_AVATARS\_ADDITIONAL\_FOR\_TEAMS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=dcf9d2f4-772e-4434-b757-77a453cfbc02; servicePlanName=MESH\_AVATARS\_FOR\_TEAMS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c4b8c31a-fb44-4c65-9837-a21f55fcabda; servicePlanName=MICROSOFT\_LOOP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=0d0c0d31-fae7-41f2-b909-eaf4d7f26dba; servicePlanName=Bing\_Chat\_Enterprise; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a1ace008-72f3-4ea0-8dac-33b3a23a2472; servicePlanName=CLIPCHAMP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=9a6eeb79-0b4b-4bf0-9808-39d99a2cd5a3; servicePlanName=Windows\_Autopatch; provisioningStatus=Success; appliesTo=User}}|f5b15d67-b99e-406b-90f1-308452f94de6|Microsoft\_365\_E3\_Extra\_Features|{cf7681ba-6338-472a-8731-004eee9c45bb}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|7|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_f8a1db68-be16-40ed-86d5-cb42ce701560||{@{servicePlanId=c948ea65-2053-4a5a-8a62-9eaaaf11b522; servicePlanName=PURVIEW\_DISCOVERY; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=70d33638-9c74-4d01-bfd3-562de28bd4ba; servicePlanName=BI\_AZURE\_P2; provisioningStatus=Success; appliesTo=User}}|f8a1db68-be16-40ed-86d5-cb42ce701560|POWER\_BI\_PRO|{9d14b0cc-74fb-449b-8bba-841cb4f35811}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|10|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_639dec6b-bb19-468b-871c-c5c441c4b0cb||{@{servicePlanId=ff7b261f-d98b-415b-827c-42a3fdf015af; servicePlanName=WORKPLACE\_ANALYTICS\_INSIGHTS\_BACKEND; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=b622badb-1b45-48d5-920f-4b27a2c0996c; servicePlanName=WORKPLACE\_ANALYTICS\_INSIGHTS\_USER; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=fe6c28b3-d468-44ea-bbd0-a10a5167435c; servicePlanName=COPILOT\_STUDIO\_IN\_COPILOT\_FOR\_M365; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=0aedf20c-091d-420b-aadf-30c042609612; servicePlanName=M365\_COPILOT\_SHAREPOINT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=82d30987-df9b-4486-b146-198b21d164c7; servicePlanName=GRAPH\_CONNECTORS\_COPILOT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=89f1c4c8-0878-40f7-804d-869c9128ab5d; servicePlanName=M365\_COPILOT\_CONNECTORS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a62f8878-de10-42f3-b68f-6149a25ceb97; servicePlanName=M365\_COPILOT\_APPS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=b95945de-b3bd-46db-8437-f2beb6ea2347; servicePlanName=M365\_COPILOT\_TEAMS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=3f30311c-6b1e-48a4-ab79-725b469da960; servicePlanName=M365\_COPILOT\_BUSINESS\_CHAT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=931e4a88-a67f-48b5-814f-16a5f1e6028d; servicePlanName=M365\_COPILOT\_INTELLIGENT\_SEARCH; provisioningStatus=Success; appliesTo=User}}|639dec6b-bb19-468b-871c-c5c441c4b0cb|Microsoft\_365\_Copilot|{87ba7873-96db-458a-967f-86b7c622aef3}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|21|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_8f0c5670-4e56-4892-b06d-91c085d7004f||{@{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=0bfc98ed-1dbc-4a97-b246-701754e48b17; servicePlanName=SPZA; provisioningStatus=Success; appliesTo=User}}|8f0c5670-4e56-4892-b06d-91c085d7004f|SPZA\_IW|{3ee5edab-8704-4b74-9678-4be27aaed077}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|Company|Enabled|0|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_6470687e-a428-4b7a-bef2-8a291ad947c9||{@{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=a420f25f-a7b3-4ff5-a9d0-5d58f73b537d; servicePlanName=WINDOWS\_STORE; provisioningStatus=Success; appliesTo=Company}}|6470687e-a428-4b7a-bef2-8a291ad947c9|WINDOWS\_STORE|{78a20780-c981-4c21-946a-5031c1611f92}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|1930|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_6fd2c87f-b296-42f0-b197-1e91e994b900||{@{servicePlanId=1fe6227d-3e01-46d0-9510-0acad4ff6e94; servicePlanName=PLACES\_CORE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a6520331-d7d4-4276-95f5-15c0933bc757; servicePlanName=GRAPH\_CONNECTORS\_SEARCH\_INDEX; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a1ace008-72f3-4ea0-8dac-33b3a23a2472; servicePlanName=CLIPCHAMP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=0d0c0d31-fae7-41f2-b909-eaf4d7f26dba; servicePlanName=Bing\_Chat\_Enterprise; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=f0ff6ac6-297d-49cd-be34-6dfef97f0c28; servicePlanName=MESH\_IMMERSIVE\_FOR\_TEAMS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=3efbd4ed-8958-4824-8389-1321f8730af8; servicePlanName=MESH\_AVATARS\_ADDITIONAL\_FOR\_TEAMS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=dcf9d2f4-772e-4434-b757-77a453cfbc02; servicePlanName=MESH\_AVATARS\_FOR\_TEAMS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=6f23d6a9-adbf-481c-8538-b4c095654487; servicePlanName=M365\_LIGHTHOUSE\_CUSTOMER\_PLAN1; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=a82fbf69-b4d7-49f4-83a6-915b2cf354f4; servicePlanName=VIVAENGAGE\_CORE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=b76fb638-6ba6-402a-b9f9-83d28acb3d86; servicePlanName=VIVA\_LEARNING\_SEEDED; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=db4d623d-b514-490b-b7ef-8885eee514de; servicePlanName=Nucleus; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=2b815d45-56e4-4e3a-b65c-66cb9175b560; servicePlanName=ContentExplorer\_Standard; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=041fe683-03e4-45b6-b1af-c0cdc516daee; servicePlanName=POWER\_VIRTUAL\_AGENTS\_O365\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=95b76021-6a53-4741-ab8b-1d1f3d66a95a; servicePlanName=CDS\_O365\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=31b4e2fc-4cd6-4e7d-9c1b-41407303bd66; servicePlanName=PROJECT\_O365\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=4ff01e01-1ba7-4d71-8cf8-ce96c3bbcf14; servicePlanName=DYN365\_CDS\_O365\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=199a5c09-e0ca-4e37-8f7c-b05d533e1ea2; servicePlanName=MICROSOFTBOOKINGS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=aebd3021-9f8f-4bf8-bbe3-0ed2f4f047a1; servicePlanName=KAIZALA\_O365\_P3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=94065c59-bc8e-4e8b-89e5-5138d471eaff; servicePlanName=MICROSOFT\_SEARCH; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=94a54592-cd8b-425e-87c6-97868b000b91; servicePlanName=WHITEBOARD\_PLAN2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=5136a095-5cf0-4aff-bec3-e84448b38ea5; servicePlanName=MIP\_S\_CLP1; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=33c4f319-9bdd-48d6-9c4d-410b750a4a5a; servicePlanName=MYANALYTICS\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c87f142c-d1e9-4363-8630-aaea9c4d9ae5; servicePlanName=BPOS\_S\_TODO\_2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=2789c901-c14e-48ab-a76a-be334d9d793a; servicePlanName=FORMS\_PLAN\_E3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=9e700747-8b1d-45e5-ab8d-ef187ceec156; servicePlanName=STREAM\_O365\_E3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=8c7d2df8-86f0-4902-b2ed-a0458298f3b3; servicePlanName=Deskless; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=76846ad7-7776-4c40-a281-a386362dd1b9; servicePlanName=FLOW\_O365\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c68f8d98-5534-41c8-bf36-22fa496fa792; servicePlanName=POWERAPPS\_O365\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=57ff2da0-773e-42df-b2af-ffb7a2317929; servicePlanName=TEAMS1; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=b737dad2-2f6c-4c65-90e3-ca563267e8b9; servicePlanName=PROJECTWORKMANAGEMENT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a23b959c-7ce8-4e57-9140-b90eb88a9e97; servicePlanName=SWAY; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=882e1d05-acd1-4ccb-8708-6ee03664b117; servicePlanName=INTUNE\_O365; provisioningStatus=PendingActivation; appliesTo=Company}, @{servicePlanId=7547a3fe-08ee-4ccb-b430-5077c5041653; servicePlanName=YAMMER\_ENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=bea4c11e-220a-4e6d-8eb8-8ea15d019f90; servicePlanName=RMS\_S\_ENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=43de0ff5-c92c-492b-9116-175376d08c38; servicePlanName=OFFICESUBSCRIPTION; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=0feaeb32-d00e-4d66-bd5a-43b5b83db82c; servicePlanName=MCOSTANDARD; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=e95bec33-7c88-4a70-8e19-b10bd9d0c014; servicePlanName=SHAREPOINTWAC; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=5dbe027f-2339-4123-9542-606e4d348a72; servicePlanName=SHAREPOINTENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=efb87545-963c-4e0d-99df-69c6916d9eb0; servicePlanName=EXCHANGE\_S\_ENTERPRISE; provisioningStatus=Success; appliesTo=User}}|6fd2c87f-b296-42f0-b197-1e91e994b900|ENTERPRISEPACK|{80a66e61-a898-4ab4-bf37-ce7c34fc3c27}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|735|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_f30db892-07e9-47e9-837c-80727f46fd3d||{@{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=17ab22cd-a0b3-4536-910a-cb6eb12696c0; servicePlanName=DYN365\_CDS\_VIRAL; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=50e68c76-46c6-4674-81f9-75456511b170; servicePlanName=FLOW\_P2\_VIRAL; provisioningStatus=Success; appliesTo=User}}|f30db892-07e9-47e9-837c-80727f46fd3d|FLOW\_FREE|{c56b7133-bfe7-4002-89e2-7739e29e2df8}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|1908|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_6a0f6da5-0b87-4190-a6ae-9bb5a2b9546a||{@{servicePlanId=9a6eeb79-0b4b-4bf0-9808-39d99a2cd5a3; servicePlanName=Windows\_Autopatch; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=2d589a15-b171-4e61-9b5f-31d15eeb2872; servicePlanName=POWERAUTOMATE\_DESKTOP\_FOR\_WIN; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=59231cdf-b40d-4534-a93e-14d0cd31d27e; servicePlanName=DATAVERSE\_FOR\_POWERAUTOMATE\_DESKTOP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=7bf960f6-2cd9-443a-8046-5dbff9558365; servicePlanName=WINDOWSUPDATEFORBUSINESS\_DEPLOYMENTSERVICE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=795f6fe0-cc4d-4773-b050-5dde4dc704c9; servicePlanName=UNIVERSAL\_PRINT\_01; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=e7c91390-7625-45be-94e0-e16907e03118; servicePlanName=Virtualization Rights for Windows 10 (E3/E5+VDA); provisioningStatus=Success; appliesTo=User}}|6a0f6da5-0b87-4190-a6ae-9bb5a2b9546a|Win10\_VDA\_E3|{4b8de583-e51a-446d-a594-ed9259890355}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|2|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_606b54a9-78d8-4298-ad8b-df6ef4481c80||{@{servicePlanId=5d798708-6473-48ad-9776-3acc301c40af; servicePlanName=FLOW\_CCI\_BOTS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=ce312d15-8fdf-44c0-9974-a25a177125ee; servicePlanName=CCIBOTS\_PRIVPREV\_VIRAL; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=cf7034ed-348f-42eb-8bbd-dddeea43ee81; servicePlanName=DYN365\_CDS\_CCI\_BOTS; provisioningStatus=Success; appliesTo=User}}|606b54a9-78d8-4298-ad8b-df6ef4481c80|CCIBOTS\_PRIVPREV\_VIRAL|{36f07211-a50f-48c2-9182-21a1692c898b}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|0|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_dcb1a3ae-b33f-4487-846a-a640262fadf4||{@{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=d20bfa21-e9ae-43fc-93c2-20783f0840c3; servicePlanName=FLOW\_P2\_VIRAL\_REAL; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=17ab22cd-a0b3-4536-910a-cb6eb12696c0; servicePlanName=DYN365\_CDS\_VIRAL; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=d5368ca3-357e-4acb-9c21-8495fb025d1f; servicePlanName=POWERAPPS\_P2\_VIRAL; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=50e68c76-46c6-4674-81f9-75456511b170; servicePlanName=FLOW\_P2\_VIRAL; provisioningStatus=Success; appliesTo=User}}|dcb1a3ae-b33f-4487-846a-a640262fadf4|POWERAPPS\_VIRAL|{1ba14958-1b38-4616-8a0c-06eb6a57bb9d}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|64|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_a403ebcc-fae0-4ca2-8c8c-7a907fd6c235||{@{servicePlanId=c948ea65-2053-4a5a-8a62-9eaaaf11b522; servicePlanName=PURVIEW\_DISCOVERY; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=2049e525-b859-401b-b2a0-e0a31c4b1fe4; servicePlanName=BI\_AZURE\_P0; provisioningStatus=Success; appliesTo=User}}|a403ebcc-fae0-4ca2-8c8c-7a907fd6c235|POWER\_BI\_STANDARD|{f90c3707-0fb1-4ad4-9704-5edb522290e2}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|1889|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_47794cd0-f0e5-45c5-9033-2eb6b5fc84e0||{@{servicePlanId=505e180f-f7e0-4b65-91d4-00d670bbd18c; servicePlanName=MCOPSTNC; provisioningStatus=Success; appliesTo=User}}|47794cd0-f0e5-45c5-9033-2eb6b5fc84e0|MCOPSTNC|{f6a6b8d8-2f0b-49ab-9c0c-ee5d4f312586}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|10|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_ae2343d1-0999-43f6-ae18-d816516f6e78||{@{servicePlanId=d777d602-8fec-430c-906e-990861c55287; servicePlanName=MCOSMS3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=4828c8ec-dc2e-4779-b502-87ac9ce28ab7; servicePlanName=MCOEV; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=4ed3ff63-69d7-4fb7-b984-5aec7f605ca8; servicePlanName=MCOPSTN1; provisioningStatus=Success; appliesTo=User}}|ae2343d1-0999-43f6-ae18-d816516f6e78|MCOTEAMS\_ESSENTIALS|{616556a8-5943-4a22-a6c5-07791ef4001d}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|0|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_c1d032e0-5619-4761-9b5c-75b6831e1711||{@{servicePlanId=c948ea65-2053-4a5a-8a62-9eaaaf11b522; servicePlanName=PURVIEW\_DISCOVERY; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=70d33638-9c74-4d01-bfd3-562de28bd4ba; servicePlanName=BI\_AZURE\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=0bf3c642-7bb5-4ccc-884e-59d09df0266c; servicePlanName=BI\_AZURE\_P3; provisioningStatus=Success; appliesTo=User}}|c1d032e0-5619-4761-9b5c-75b6831e1711|PBI\_PREMIUM\_PER\_USER|{98b98472-6656-45c1-a4c1-0573c6a87313}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|21|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_06ebc4ee-1bb5-47dd-8120-11324bc54e06||{@{servicePlanId=1fe6227d-3e01-46d0-9510-0acad4ff6e94; servicePlanName=PLACES\_CORE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a312bdeb-1e21-40d0-84b1-0e73f128144f; servicePlanName=COMMON\_DEFENDER\_PLATFORM\_FOR\_OFFICE; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=f0ff6ac6-297d-49cd-be34-6dfef97f0c28; servicePlanName=MESH\_IMMERSIVE\_FOR\_TEAMS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c948ea65-2053-4a5a-8a62-9eaaaf11b522; servicePlanName=PURVIEW\_DISCOVERY; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=99cd49a9-0e54-4e07-aea1-d8d9f5f704f5; servicePlanName=Defender\_for\_Iot\_Enterprise; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=3ec18638-bd4c-4d3b-8905-479ed636b83e; servicePlanName=CustomerLockboxA\_Enterprise; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=3efbd4ed-8958-4824-8389-1321f8730af8; servicePlanName=MESH\_AVATARS\_ADDITIONAL\_FOR\_TEAMS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=dcf9d2f4-772e-4434-b757-77a453cfbc02; servicePlanName=MESH\_AVATARS\_FOR\_TEAMS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c4b8c31a-fb44-4c65-9837-a21f55fcabda; servicePlanName=MICROSOFT\_LOOP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=0d0c0d31-fae7-41f2-b909-eaf4d7f26dba; servicePlanName=Bing\_Chat\_Enterprise; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a1ace008-72f3-4ea0-8dac-33b3a23a2472; servicePlanName=CLIPCHAMP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=f6de4823-28fa-440b-b886-4783fa86ddba; servicePlanName=M365\_AUDIT\_PLATFORM; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a82fbf69-b4d7-49f4-83a6-915b2cf354f4; servicePlanName=VIVAENGAGE\_CORE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=9a6eeb79-0b4b-4bf0-9808-39d99a2cd5a3; servicePlanName=Windows\_Autopatch; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=6f23d6a9-adbf-481c-8538-b4c095654487; servicePlanName=M365\_LIGHTHOUSE\_CUSTOMER\_PLAN1; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=b76fb638-6ba6-402a-b9f9-83d28acb3d86; servicePlanName=VIVA\_LEARNING\_SEEDED; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=db4d623d-b514-490b-b7ef-8885eee514de; servicePlanName=Nucleus; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=2b815d45-56e4-4e3a-b65c-66cb9175b560; servicePlanName=ContentExplorer\_Standard; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=7bf960f6-2cd9-443a-8046-5dbff9558365; servicePlanName=WINDOWSUPDATEFORBUSINESS\_DEPLOYMENTSERVICE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=795f6fe0-cc4d-4773-b050-5dde4dc704c9; servicePlanName=UNIVERSAL\_PRINT\_01; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=cd31b152-6326-4d1b-ae1b-997b625182e6; servicePlanName=MIP\_S\_Exchange; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a413a9ff-720c-4822-98ef-2f37c2a21f4c; servicePlanName=MICROSOFT\_COMMUNICATION\_COMPLIANCE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a6520331-d7d4-4276-95f5-15c0933bc757; servicePlanName=GRAPH\_CONNECTORS\_SEARCH\_INDEX; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=d9fa6af4-e046-4c89-9226-729a0786685d; servicePlanName=Content\_Explorer; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=ded3d325-1bdc-453e-8432-5bac26d7a014; servicePlanName=POWER\_VIRTUAL\_AGENTS\_O365\_P3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=afa73018-811e-46e9-988f-f75d2b1b8430; servicePlanName=CDS\_O365\_P3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=b21a6b06-1988-436e-a07b-51ec6d9f52ad; servicePlanName=PROJECT\_O365\_P3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=64bfac92-2b17-4482-b5e5-a0304429de3e; servicePlanName=MICROSOFTENDPOINTDLP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=d587c7a3-bda9-4f99-8776-9bcf59c84f75; servicePlanName=INSIDER\_RISK; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=531ee2f8-b1cb-453b-9c21-d2180d014ca5; servicePlanName=EXCEL\_PREMIUM; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=bf28f719-7844-4079-9c78-c1307898e192; servicePlanName=MTP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=28b0fa46-c39a-4188-89e2-58e979a6b014; servicePlanName=DYN365\_CDS\_O365\_P3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=199a5c09-e0ca-4e37-8f7c-b05d533e1ea2; servicePlanName=MICROSOFTBOOKINGS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=65cc641f-cccd-4643-97e0-a17e3045e541; servicePlanName=RECORDS\_MANAGEMENT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=d2d51368-76c9-4317-ada2-a12c004c432f; servicePlanName=ML\_CLASSIFICATION; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=9d0c4ee5-e4a1-4625-ab39-d82b619b1a34; servicePlanName=INSIDER\_RISK\_MANAGEMENT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=e26c2fcc-ab91-4a61-b35c-03cdc8dddf66; servicePlanName=INFO\_GOVERNANCE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=46129a58-a698-46f0-aa5b-17f6586297d9; servicePlanName=DATA\_INVESTIGATIONS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=6db1f1db-2b46-403f-be40-e39395f08dbb; servicePlanName=CUSTOMER\_KEY; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=6dc145d6-95dd-4191-b9c3-185575ee6f6b; servicePlanName=COMMUNICATIONS\_DLP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=41fcdd7d-4733-4863-9cf4-c65b83ce2df4; servicePlanName=COMMUNICATIONS\_COMPLIANCE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=bf6f5520-59e3-4f82-974b-7dbbc4fd27c7; servicePlanName=SAFEDOCS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=2f442157-a11c-46b9-ae5b-6e39ff4e5849; servicePlanName=M365\_ADVANCED\_AUDITING; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c4801e8a-cb58-4c35-aca6-f2dcc106f287; servicePlanName=INFORMATION\_BARRIERS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=0898bdbb-73b0-471a-81e5-20f1fe4dd66e; servicePlanName=KAIZALA\_STANDALONE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=94065c59-bc8e-4e8b-89e5-5138d471eaff; servicePlanName=MICROSOFT\_SEARCH; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=617b097b-4b93-4ede-83de-5f075bb5fb2f; servicePlanName=PREMIUM\_ENCRYPTION; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=4a51bca5-1eff-43f5-878c-177680f191af; servicePlanName=WHITEBOARD\_PLAN3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=efb0351d-3b08-4503-993d-383af8de41e3; servicePlanName=MIP\_S\_CLP2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=5136a095-5cf0-4aff-bec3-e84448b38ea5; servicePlanName=MIP\_S\_CLP1; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=33c4f319-9bdd-48d6-9c4d-410b750a4a5a; servicePlanName=MYANALYTICS\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=b1188c4c-1b36-4018-b48b-ee07604f6feb; servicePlanName=PAM\_ENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=14ab5db5-e6c4-4b20-b4bc-13e36fd2227f; servicePlanName=ATA; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=3fb82609-8c27-4f7b-bd51-30634711ee67; servicePlanName=BPOS\_S\_TODO\_3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=07699545-9485-468e-95b6-2fca3738be01; servicePlanName=FLOW\_O365\_P3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=9c0dab89-a30c-4117-86e7-97bda240acd2; servicePlanName=POWERAPPS\_O365\_P3; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=e212cbc7-0961-4c40-9825-01117710dcb1; servicePlanName=FORMS\_PLAN\_E5; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=2e2ddb96-6af9-4b1d-a3f0-d6ecfd22edb2; servicePlanName=ADALLOM\_S\_STANDALONE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=6c6042f5-6f01-4d67-b8c1-eb99d36eed3e; servicePlanName=STREAM\_O365\_E5; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=8c7d2df8-86f0-4902-b2ed-a0458298f3b3; servicePlanName=Deskless; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=8e0c0a52-6a6c-4d40-8370-dd62790dcd70; servicePlanName=THREAT\_INTELLIGENCE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=57ff2da0-773e-42df-b2af-ffb7a2317929; servicePlanName=TEAMS1; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=871d91ec-ec1a-452b-a83f-bd76c7d770ef; servicePlanName=WINDEFATP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=21b439ba-a0ca-424f-a6cc-52f954a5b111; servicePlanName=WIN10\_PRO\_ENT\_SUB; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=5689bec4-755d-4753-8b61-40975025187c; servicePlanName=RMS\_S\_PREMIUM2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=eec0eb4f-6444-4f95-aba0-50c24d67f998; servicePlanName=AAD\_PREMIUM\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=6c57d4b6-3b23-47a5-9bc9-69f17b4947b3; servicePlanName=RMS\_S\_PREMIUM; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=bea4c11e-220a-4e6d-8eb8-8ea15d019f90; servicePlanName=RMS\_S\_ENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=8a256a2b-b617-496d-b51b-e76466e88db0; servicePlanName=MFA\_PREMIUM; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c1ec4a95-1f05-45b3-a911-aa3fa01094f5; servicePlanName=INTUNE\_A; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=41781fb2-bc02-4b7c-bd55-b576c07bb09d; servicePlanName=AAD\_PREMIUM; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=7547a3fe-08ee-4ccb-b430-5077c5041653; servicePlanName=YAMMER\_ENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a23b959c-7ce8-4e57-9140-b90eb88a9e97; servicePlanName=SWAY; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=e95bec33-7c88-4a70-8e19-b10bd9d0c014; servicePlanName=SHAREPOINTWAC; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=5dbe027f-2339-4123-9542-606e4d348a72; servicePlanName=SHAREPOINTENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=b737dad2-2f6c-4c65-90e3-ca563267e8b9; servicePlanName=PROJECTWORKMANAGEMENT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=43de0ff5-c92c-492b-9116-175376d08c38; servicePlanName=OFFICESUBSCRIPTION; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=0feaeb32-d00e-4d66-bd5a-43b5b83db82c; servicePlanName=MCOSTANDARD; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=3e26ee1f-8a5f-4d52-aee2-b81ce45c8f40; servicePlanName=MCOMEETADV; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=4828c8ec-dc2e-4779-b502-87ac9ce28ab7; servicePlanName=MCOEV; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=9f431833-0334-42de-a7dc-70aa40db46db; servicePlanName=LOCKBOX\_ENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=882e1d05-acd1-4ccb-8708-6ee03664b117; servicePlanName=INTUNE\_O365; provisioningStatus=PendingActivation; appliesTo=Company}, @{servicePlanId=efb87545-963c-4e0d-99df-69c6916d9eb0; servicePlanName=EXCHANGE\_S\_ENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=34c0d7a0-a70f-4668-9238-47f9fc208882; servicePlanName=EXCHANGE\_ANALYTICS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=4de31727-a228-4ec3-a5bf-8e45b5ca48cc; servicePlanName=EQUIVIO\_ANALYTICS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=70d33638-9c74-4d01-bfd3-562de28bd4ba; servicePlanName=BI\_AZURE\_P2; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=f20fedf3-f3c3-43c3-8267-2bfdd51c0939; servicePlanName=ATP\_ENTERPRISE; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=8c098270-9dd4-4350-9b30-ba4703f3b36b; servicePlanName=ADALLOM\_S\_O365; provisioningStatus=Success; appliesTo=User}}|06ebc4ee-1bb5-47dd-8120-11324bc54e06|SPE\_E5|{319ce723-9569-4826-aa1f-9ff1c4b96fc8}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|1908|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_efccb6f7-5641-4e0e-bd10-b4976e1bf68e||{@{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=932ad362-64a8-4783-9106-97849a1a30b9; servicePlanName=ADALLOM\_S\_DISCOVERY; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=6c57d4b6-3b23-47a5-9bc9-69f17b4947b3; servicePlanName=RMS\_S\_PREMIUM; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c1ec4a95-1f05-45b3-a911-aa3fa01094f5; servicePlanName=INTUNE\_A; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=bea4c11e-220a-4e6d-8eb8-8ea15d019f90; servicePlanName=RMS\_S\_ENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=41781fb2-bc02-4b7c-bd55-b576c07bb09d; servicePlanName=AAD\_PREMIUM; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=8a256a2b-b617-496d-b51b-e76466e88db0; servicePlanName=MFA\_PREMIUM; provisioningStatus=Success; appliesTo=User}}|efccb6f7-5641-4e0e-bd10-b4976e1bf68e|EMS|{a4b57e7e-4c1b-4200-9c5e-352911442f29, 3225e6ae-6b91-4e22-8d58-61d27846a2c2}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|1889|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_0c266dff-15dd-4b49-8397-2bb16070ed52||{@{servicePlanId=3e26ee1f-8a5f-4d52-aee2-b81ce45c8f40; servicePlanName=MCOMEETADV; provisioningStatus=Success; appliesTo=User}}|0c266dff-15dd-4b49-8397-2bb16070ed52|MCOMEETADV|{8fd72e22-7b12-4ebc-8dc4-36c5fac7711a}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|Company|Enabled|0|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_093e8d14-a334-43d9-93e3-30589a8b47d0||{@{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=31cf2cfc-6b0d-4adc-a336-88b724ed8122; servicePlanName=RMS\_S\_BASIC; provisioningStatus=Success; appliesTo=Company}}|093e8d14-a334-43d9-93e3-30589a8b47d0|RMSBASIC|{0fc3262c-e836-4190-9246-054fb8a99a94}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|67|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_53818b1b-4a27-454b-8896-0dba576410e6||{@{servicePlanId=818523f5-016b-4355-9be8-ed6944946ea7; servicePlanName=PROJECT\_PROFESSIONAL; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=fa200448-008c-4acb-abd4-ea106ed2199d; servicePlanName=FLOW\_FOR\_PROJECT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=50554c47-71d9-49fd-bc54-42a2765c555c; servicePlanName=DYN365\_CDS\_PROJECT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=e95bec33-7c88-4a70-8e19-b10bd9d0c014; servicePlanName=SHAREPOINTWAC; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=fe71d6c3-a2ea-4499-9778-da042bf08063; servicePlanName=SHAREPOINT\_PROJECT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=5dbe027f-2339-4123-9542-606e4d348a72; servicePlanName=SHAREPOINTENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=fafd7243-e5c1-4a3a-9e40-495efcb1d3c3; servicePlanName=PROJECT\_CLIENT\_SUBSCRIPTION; provisioningStatus=Success; appliesTo=User}}|53818b1b-4a27-454b-8896-0dba576410e6|PROJECTPROFESSIONAL|{bd6fd8fb-7da0-487b-966a-ac6528a7b438}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|25|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_ddece720-327c-4056-bbd7-b7a2fbaec735||{@{servicePlanId=c7022e1e-c71e-479d-8901-6361e33197cf; servicePlanName=MCOMEETADV\_DIALOUT\_US; provisioningStatus=Success; appliesTo=User}}|ddece720-327c-4056-bbd7-b7a2fbaec735|MCOMEETADV\_DIALOUT\_US|{b05217a2-87e3-4a0d-9cf2-91bd543bf6d0}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|5|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_a2367322-2be4-443f-837c-06798507b89d||{@{servicePlanId=3eeb8536-fecf-41bf-a3f8-d6f17a9f3efc; servicePlanName=Intune\_ServiceNow; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a4c6cf29-1168-4076-ba5c-e8fe0e62b17e; servicePlanName=REMOTE\_HELP; provisioningStatus=Success; appliesTo=User}}|a2367322-2be4-443f-837c-06798507b89d|Remote\_Help\_AddOn|{5c1a47ff-3eeb-4908-8e71-989d9863f827}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|8|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_52ea0e27-ae73-4983-a08f-13561ebdb823||{@{servicePlanId=f8566154-2a62-48cb-a0ab-d4d25be26e51; servicePlanName=PLACES\_ENHANCED; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=ab2d4fb5-f80a-4bf1-a11d-7f1da254041b; servicePlanName=QUEUES\_APP; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=acbca54f-c771-423b-a476-6d7a98cbbcec; servicePlanName=MESH\_IMMERSIVE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=78b58230-ec7e-4309-913c-93a45cc4735b; servicePlanName=TEAMSPRO\_WEBINAR; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=711413d0-b36e-4cd4-93db-0a50a4ab7ea3; servicePlanName=MCO\_VIRTUAL\_APPT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=9104f592-f2a7-4f77-904c-ca5a5715883f; servicePlanName=TEAMSPRO\_VIRTUALAPPT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=f8b44f54-18bb-46a3-9658-44ab58712968; servicePlanName=TEAMSPRO\_PROTECTION; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=cc8c0802-a325-43df-8cba-995d0c6cb373; servicePlanName=TEAMSPRO\_CUST; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=0504111f-feb8-4a3c-992a-70280f9a2869; servicePlanName=TEAMSPRO\_MGMT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=85704d55-2e73-47ee-93b4-4b8ea14db92b; servicePlanName=MICROSOFT\_ECDN; provisioningStatus=Success; appliesTo=Company}}|52ea0e27-ae73-4983-a08f-13561ebdb823|Teams\_Premium\_(for\_Departments)|{bb966b94-ce3f-4210-8c98-a8353af48cb6}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|1|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_1e1a282c-9c54-43a2-9310-98ef728faace||{@{servicePlanId=60bf28f9-2b70-4522-96f7-335f5e06c941; servicePlanName=Power\_Pages\_Internal\_User; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a933a62f-c3fb-48e5-a0b7-ac92b94b4420; servicePlanName=Microsoft\_Viva\_Sales\_PowerAutomate; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=8ba1ff15-7bf6-4620-b65c-ecedb6942766; servicePlanName=Microsoft\_Viva\_Sales\_PremiumTrial; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=8839ef0e-91f1-4085-b485-62e06e7c7987; servicePlanName=Forms\_Pro\_SalesEnt; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=7e6d7d78-73de-46ba-83b1-6d25117334ba; servicePlanName=FLOW\_DYN\_APPS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=874fc546-6efe-4d22-90b8-5c4e7aa59f4b; servicePlanName=POWERAPPS\_DYN\_APPS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=5dbe027f-2339-4123-9542-606e4d348a72; servicePlanName=SHAREPOINTENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=e95bec33-7c88-4a70-8e19-b10bd9d0c014; servicePlanName=SHAREPOINTWAC; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=1259157c-8581-4875-bca7-2ffb18c51bda; servicePlanName=PROJECT\_ESSENTIALS; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=03acaee3-9492-4f40-aed4-bcb6b32981b6; servicePlanName=NBENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=2da8e897-7791-486b-b08f-cc63c8129df7; servicePlanName=DYN365\_ENTERPRISE\_SALES; provisioningStatus=Success; appliesTo=User}}|1e1a282c-9c54-43a2-9310-98ef728faace|DYN365\_ENTERPRISE\_SALES|{12582f0e-6fdf-42b7-9130-403268994f01}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|1|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_16a55f2f-ff35-4cd5-9146-fb784e3761a5||{@{servicePlanId=1689aade-3d6a-4bfc-b017-46d2672df5ad; servicePlanName=Intune\_Defender; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=292cc034-7b7c-4950-aaf5-943befd3f1d4; servicePlanName=MDE\_LITE; provisioningStatus=Success; appliesTo=User}}|16a55f2f-ff35-4cd5-9146-fb784e3761a5|DEFENDER\_ENDPOINT\_P1|{a19b4e6d-0de3-47f9-a52a-817eefe23542}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|1888|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_1c27243e-fb4d-42b1-ae8c-fe25c9616588||{@{servicePlanId=9974d6cf-cd24-4ba2-921c-e2aa687da846; servicePlanName=MCOMEETBASIC; provisioningStatus=Success; appliesTo=User}}|1c27243e-fb4d-42b1-ae8c-fe25c9616588|Microsoft\_Teams\_Audio\_Conferencing\_select\_dial\_out|{979535d6-f740-4394-91e8-fc09a826cd8a, bb619395-7759-411d-b455-392340ef874e}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|7|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_5b631642-bd26-49fe-bd20-1daaa972ef80||{@{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=d8c638e2-9508-40e3-9877-feb87603837b; servicePlanName=DYN365\_CDS\_DEV\_VIRAL; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=c7ce3f26-564d-4d3a-878d-d8ab868c85fe; servicePlanName=FLOW\_DEV\_VIRAL; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=a2729df7-25f8-4e63-984b-8a8484121554; servicePlanName=POWERAPPS\_DEV\_VIRAL; provisioningStatus=Success; appliesTo=User}}|5b631642-bd26-49fe-bd20-1daaa972ef80|POWERAPPS\_DEV|{d76cb20b-43ca-4b83-8725-fecc63beaf14}|
|342619e0-4a9a-42e4-a66f-1ff9c85d08d6|carecentrix|User|Enabled|2|342619e0-4a9a-42e4-a66f-1ff9c85d08d6\_46102f44-d912-47e7-b0ca-1bd7b70ada3b||{@{servicePlanId=5dbe027f-2339-4123-9542-606e4d348a72; servicePlanName=SHAREPOINTENTERPRISE; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=818523f5-016b-4355-9be8-ed6944946ea7; servicePlanName=PROJECT\_PROFESSIONAL; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=fe71d6c3-a2ea-4499-9778-da042bf08063; servicePlanName=SHAREPOINT\_PROJECT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=fafd7243-e5c1-4a3a-9e40-495efcb1d3c3; servicePlanName=PROJECT\_CLIENT\_SUBSCRIPTION; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=e95bec33-7c88-4a70-8e19-b10bd9d0c014; servicePlanName=SHAREPOINTWAC; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=fa200448-008c-4acb-abd4-ea106ed2199d; servicePlanName=FLOW\_FOR\_PROJECT; provisioningStatus=Success; appliesTo=User}, @{servicePlanId=113feb6c-3fe4-4440-bddc-54d774bf0318; servicePlanName=EXCHANGE\_S\_FOUNDATION; provisioningStatus=Success; appliesTo=Company}, @{servicePlanId=50554c47-71d9-49fd-bc54-42a2765c555c; servicePlanName=DYN365\_CDS\_PROJECT; provisioningStatus=Success; appliesTo=User}}|46102f44-d912-47e7-b0ca-1bd7b70ada3b|PROJECT\_PLAN3\_DEPT|{9185e9d5-c0bc-45fb-84a3-c75bbe5039b9}|
# M365 Documentation
Date: 15:48 19.05.2025
Components: AzureAD
Tenant: CareCentrix, Inc.
## Contents
_TOC_
## Authentication Method Policies
Authentication methods policies define authentication methods and the users that are allowed to use them to sign in and perform multi-factor authentication (MFA) in Azure Active Directory (Azure AD). Authentication methods policies that can be managed in Microsoft Graph include FIDO2 Security Keys and Passwordless Phone Sign-in with Microsoft Authenticator app.
### Temporary Access Pass
### Email
### Text Message
## Organizational branding
Organizations can customize their Azure AD sign-in pages which appear when users sign in to their organization's tenant-specific apps, or when Azure AD identifies the user's tenant from their username. A developer can also read the company's branding information and customize their app experience to tailor it specifically for the signed-in user using their company's branding.
## Conditional Access Policies
This section contains a list of all conditional Access policies configured in Azure AD.
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|exchangeActiveSync,browser,mobileAppsAndDesktopClients,other|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups|R\_Intune\_Mobile\_Access|
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-02-17T21:12:20.8304534Z|
|M\_DisplayName|CA - CCX - M365 - Block Unapproved Mobile Users|
|M\_Id|3e3b4744-0993-4f0b-9b85-cc7900e4d924|
|M\_Modified|2024-01-25T21:34:17.1586076Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|133e40bf-ecd0-4bcd-8d4c-434fec8df72d|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups|R\_AAD\_Offshore\_Access\_Mobile|
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-03-22T20:23:37.3397458Z|
|M\_DisplayName|CA - CCX - Global - Restrict Mobile Access to US|
|M\_Id|d110337f-09ee-4ec7-97d1-173a3ba97d6e|
|M\_Modified|2023-08-29T16:05:56.0085224Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|AllTrusted|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|macOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-03-31T13:54:15.2358463Z|
|M\_DisplayName|CA - CCX - M365 - Grant Compliance Access- MacOS|
|M\_Id|76f1d229-e04d-4490-8dc9-a6ba605b0f82|
|M\_Modified|2025-05-13T12:27:21.1072702Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|7 days|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|linux|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-08-09T15:32:33.3564342Z|
|M\_DisplayName|CA - CCX - Global - Block Linux External Access|
|M\_Id|a0463337-0645-4708-b0e5-98e5966e1f55|
|M\_Modified|2025-01-03T13:36:42.5390569Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />MicrosoftAdminPortals<br />Windows Azure Service Management API(797f4846-ba00-4fd7-ba43-dac1f8f63013)<br />Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|windows|
|C\_SignInRiskLevel||
|C\_UsersExclude|iCIMS Candidate Tracking Service Account(iCIMSCandidate.TrackingServiceAccount@carecentrix.com)|
|C\_UsersExcludeGroups|AAD\_MEM\_Autopilot\_Troubleshooting|
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|domainJoinedDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-08-15T12:15:36.5634255Z|
|M\_DisplayName|CA - CCX - M365 - Grant Hybrid Join Access - Windows|
|M\_Id|59e77730-c800-4952-8708-f34b80a3267d|
|M\_Modified|2025-05-12T18:32:36.5341764Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|10 days|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Palo Alto Networks - GlobalProtect(96c5df68-2489-4cd6-9f01-a25a1ebd5071)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-09-02T13:29:38.5885644Z|
|M\_DisplayName|CA - CCX - PAGlobalProtect - Require MFA|
|M\_Id|64f6402e-fc9d-4fcb-bffc-8a7fe2b433c9|
|M\_Modified|2023-03-21T20:08:34.4480472Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|4 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Microsoft Intune Enrollment(d4ebce55-015a-49b5-a083-c84d1797ae8c)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude|android,iOS,macOS|
|C\_PlatformsInclude|windows|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa,compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-09-21T19:10:46.3478047Z|
|M\_DisplayName|CA - CCX - Intune Enrollment - Enforce MFA|
|M\_Id|7d52c0ab-d842-47c5-b4ca-a1597e64eb9f|
|M\_Modified|2024-05-22T18:52:16.9516782Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|5 days|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|windows|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-09-22T16:04:32.3335064Z|
|M\_DisplayName|CA - CCX - M365 - Grant Compliance Access - AutoPilot|
|M\_Id|c7dc70c0-e9f8-4e15-9781-a77af3800385|
|M\_Modified|2023-01-20T19:55:54.1432067Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|10 days|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|exchangeActiveSync|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude|android,windows,windowsPhone,macOS,linux|
|C\_PlatformsInclude|iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|AAD\_MEM\_iOS\_Calendar\_Sync|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa,compliantDevice|
|G\_CustomControls||
|G\_Operator|AND|
|G\_TermsOfUse||
|M\_Created|2022-10-12T20:28:29.7053954Z|
|M\_DisplayName|ZZZ - CA - CCX - M365 - Grant O365 Calendar Access - iOS|
|M\_Id|00307607-8bb1-4eb9-96c6-95ecab7ad932|
|M\_Modified|2024-06-14T13:52:07.4310621Z|
|M\_State|disabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Workday (Prod)(4b61b374-6382-428c-8ef4-ec028803b626)<br />Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Graph API(ba7a4277-b289-4a26-991b-f5dfc94aada3)<br />MicrosoftAdminPortals<br />Workday (CCX2)(bea684e8-d221-4334-be55-df87934e91a8)<br />Workday (CCX1)(60377700-b284-4127-8cd7-c1a8eaba2012)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|browser,mobileAppsAndDesktopClients|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Intune\_Mobile\_Access|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-10-26T12:30:44.5653473Z|
|M\_DisplayName|CA - CCX - MEM - Grant Compliance Access - Mobile|
|M\_Id|dbc6f77d-9990-4625-b347-214a0327ff6f|
|M\_Modified|2025-05-19T13:45:58.961663Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Graph API(ba7a4277-b289-4a26-991b-f5dfc94aada3)<br />Microsoft Intune(0000000a-0000-0000-c000-000000000000)<br />Microsoft Intune Enrollment(d4ebce55-015a-49b5-a083-c84d1797ae8c)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|AAD\_MEM\_Autopilot\_Troubleshooting|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-10-27T21:33:11.7093232Z|
|M\_DisplayName|CA - CCX - MEM - Autopilot Troubleshooting|
|M\_Id|285eaffe-3a88-4ad6-810b-3adcf01703c2|
|M\_Modified|2025-02-21T13:37:55.172635Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|1 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|CCX-CyberArk SAML Authentication PVWA 2025(bc15cc8a-6189-4de4-9580-fb7a1b59a186)<br />CCX-CyberArk SAML Authentication(d9e999f7-f8d9-484b-9717-2fe1c0949ad5)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2022-11-18T19:27:03.7597384Z|
|M\_DisplayName|CA - CCX - CyberArk - Require MFA|
|M\_Id|4bdb9a13-7aaa-4bf4-95b3-fdd5adde1215|
|M\_Modified|2025-05-09T20:27:54.8528808Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|1 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Salesforce - HomeBridge Org1 (Prod)(a3c7328f-ae5e-484f-b430-4c3c0136d991)<br />Salesforce Hombridge1 (pjdev Sandbox)(45e5f412-c3ba-4203-8eed-4d9a087604e9)<br />Salesforce Hombridge1 (Backup1 Sandbox)(4f9900f4-fd9f-45dd-a0a6-91ee304d987a)<br />Salesforce Sales (MFA Sandbox)(3ace8261-b1cf-4c6a-b61f-325981299fca)<br />(35c4adb6-2eb7-4e65-a989-50dddb870850)<br />Salesforce Hombridge1 (MFA Sandbox)(0489475e-c795-4943-9253-b688eb4cea33)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-02-09T15:30:50.8612667Z|
|M\_DisplayName|CA - CCX - Salesforce - Require MFA|
|M\_Id|8ac99af1-b5de-4434-ad1e-fb5439937a91|
|M\_Modified|2023-04-21T01:14:42.0273544Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Apple Business Manager(fc67d51f-bf39-4530-8155-3714f897281b)<br />Apple Internet Accounts(f8d98a96-0999-43f5-8af3-69971c7bb423)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Intune\_Mobile\_Access|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-05-18T13:30:48.7571343Z|
|M\_DisplayName|CA - CCX - M365 - Grant ABM Access|
|M\_Id|8ed226b3-fbb5-4a9f-9e39-c8d4e32aa7a9|
|M\_Modified||
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude|android,iOS,windows,windowsPhone,macOS,linux|
|C\_PlatformsInclude|all|
|C\_SignInRiskLevel||
|C\_UsersExclude|Boatright, Kevin(Kevin.Boatright@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-06-27T19:19:49.4479974Z|
|M\_DisplayName|CA - CCX - Global - Block access for unknown or unsupported device platform|
|M\_Id|078daecb-3500-4641-9a2d-0f4486ffac05|
|M\_Modified|2024-05-22T17:24:39.0407319Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|exchangeActiveSync,other|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-07-05T18:46:02.5563718Z|
|M\_DisplayName|CA - CCX - Global - Block legacy authentication|
|M\_Id|68063282-76fe-475d-9177-cf17f411f4f4|
|M\_Modified|2024-06-23T00:02:11.9459079Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Palo Alto Networks - GlobalProtect(96c5df68-2489-4cd6-9f01-a25a1ebd5071)<br />Office365|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|all|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups|R\_Allow\_Bypass\_TimeRestriction|
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Block\_All\_Access<br />R\_Block\_All\_Access\_RCM|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-08-03T18:02:44.4020998Z|
|M\_DisplayName|CCX - CA - Block Hourly Users from Connection outside of logonhours|
|M\_Id|34e6cec4-2896-45f3-9a70-240b29b9a7a9|
|M\_Modified|2024-11-16T14:02:50.4320079Z|
|M\_State|enabledForReportingButNotEnforced|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|windows|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|Nguyen, Christopher(Christopher.Nguyen@carecentrix.com)<br />Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-11-09T19:51:02.4973061Z|
|M\_DisplayName|CA - CCX - M365 - Grant Compliance Access - Windows|
|M\_Id|fbf4a646-01d9-40a1-ac13-83571d5f72ff|
|M\_Modified|2024-01-04T19:14:16.7230578Z|
|M\_State|enabledForReportingButNotEnforced|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|MicrosoftAdminPortals|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles|Global Administrator<br />Security Administrator<br />SharePoint Administrator<br />Exchange Administrator<br />Conditional Access Administrator<br />Helpdesk Administrator<br />Billing Administrator<br />User Administrator<br />Authentication Administrator<br />Application Administrator<br />Cloud Application Administrator<br />Password Administrator<br />Privileged Authentication Administrator<br />Privileged Role Administrator|
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2023-11-13T22:46:21.4971797Z|
|M\_DisplayName|Microsoft-managed: Multifactor authentication for admins accessing Microsoft Admin Portals|
|M\_Id|86b5910c-dcba-432d-8e92-761c89592fc2|
|M\_Modified|2024-06-10T20:43:09.6885003Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-02-09T15:51:46.3678241Z|
|M\_DisplayName|CA - CCX - Horizon VDI - Require MFA|
|M\_Id|c46f1758-eeb3-4fc9-8127-4f65214e051b|
|M\_Modified||
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude|Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Graph API(ba7a4277-b289-4a26-991b-f5dfc94aada3)<br />MicrosoftAdminPortals<br />Workday (CCX2)(bea684e8-d221-4334-be55-df87934e91a8)<br />Workday (CCX1)(60377700-b284-4127-8cd7-c1a8eaba2012)<br />iCares Acheivers Prod(89a8edbd-eda9-408a-86e2-b1791c34acaf)<br />iCares Achievers Non-Prod(1278cadf-4d1f-4da4-af94-b04bfebae3a2)<br />VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|browser,mobileAppsAndDesktopClients|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|android,iOS|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Intune\_Mobile\_Access|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice,compliantApplication|
|G\_CustomControls||
|G\_Operator|AND|
|G\_TermsOfUse||
|M\_Created|2024-05-01T17:36:58.904788Z|
|M\_DisplayName|CA - CCX - MEM - Grant Compliance Access - App Protection - Mobile |
|M\_Id|e50a2e91-a37f-43e0-a623-b19606cd19b8|
|M\_Modified|2025-05-12T18:31:37.3953553Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|133e40bf-ecd0-4bcd-8d4c-434fec8df72d|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude|windows,macOS,linux|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups|R\_AAD\_Offshore\_Access\_Desktop|
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-05-14T16:21:34.1740646Z|
|M\_DisplayName|CA - CCX - Global - Restrict Desktop Access to US|
|M\_Id|4b2d07c0-3cf2-4810-847c-d2b3e533478e|
|M\_Modified|2024-08-25T00:59:16.8055874Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|(2fa253eb-05fe-4877-9bdb-3c085f9288ac)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-06-17T18:52:54.4123008Z|
|M\_DisplayName|CA - CCX - Provider Portal - MFA POC - Require MFA|
|M\_Id|a20b3ea9-8f59-4d57-bfd5-1589c345da65|
|M\_Modified|2024-06-21T21:09:19.9669461Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|NICE CXone - Troubleshooting(b4cc398a-99da-4eb5-a688-525a4b35a65d)<br />NICE EEM(402a8daa-dc65-4c18-9842-beef25f7e084)<br />NICE NDE(dc8bfd1a-51fb-42d5-9398-b4fe7791590b)<br />Nice WFM(d0be22d3-0d40-431b-87a6-f26654b44694)<br />NICE CXone(15cde0a7-7611-4432-8a8c-dd7d6eded99a)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-01T16:41:41.0357993Z|
|M\_DisplayName|CA - CCX - Nice - Require MFA|
|M\_Id|f1849c07-5c67-458e-84ec-59514427ded1|
|M\_Modified|2024-11-25T15:31:22.6475098Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|AWS IAM Identity Center (CCX)(280da9ad-192a-4b64-a323-d9a7bf129d38)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-02T00:47:57.4759172Z|
|M\_DisplayName|CA - CCX - AWS - Require MFA|
|M\_Id|55a52b38-c772-4abf-aeca-79080fe165b3|
|M\_Modified|2024-08-02T00:59:29.7448389Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|2 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|AWS IAM Identity Center (CCX)(280da9ad-192a-4b64-a323-d9a7bf129d38)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice,domainJoinedDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-02T01:02:34.44919Z|
|M\_DisplayName|CA - CCX - AWS - Require CCX Network/Devices|
|M\_Id|32e0efd9-8e39-4347-8ebb-e182954a08c6|
|M\_Modified|2024-08-02T01:04:01.2516409Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|NICE CXone - Troubleshooting(b4cc398a-99da-4eb5-a688-525a4b35a65d)<br />NICE NDE(dc8bfd1a-51fb-42d5-9398-b4fe7791590b)<br />NICE CXone(15cde0a7-7611-4432-8a8c-dd7d6eded99a)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice,domainJoinedDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-07T15:15:35.7189561Z|
|M\_DisplayName|CA - CCX - NICE - Require CCX Network/Devices|
|M\_Id|627ebbbf-90c6-4ddf-a8c3-84aac1a1de22|
|M\_Modified|2024-11-25T15:31:59.5147857Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Provider Portal - MFA POC(020b856f-ddcb-4e88-8973-e413d00f96d3)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-08-15T16:30:18.9291167Z|
|M\_DisplayName|CA - CCX - Provider Portal POC - Require MFA|
|M\_Id|7a87172e-5624-4e93-be26-05bb4aa6601f|
|M\_Modified||
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Bitwarden SSO(1d934c2c-7c12-4e4a-8616-3dc5eb09c555)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Bitwarden\_Login\_SSO|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa,compliantDevice|
|G\_CustomControls||
|G\_Operator|AND|
|G\_TermsOfUse||
|M\_Created|2024-09-05T14:44:16.5552184Z|
|M\_DisplayName|CA - CCX - Bitwarden - Require MFA and CCX Device|
|M\_Id|60fa8cf3-5317-4694-ace3-2f6e9d8b0764|
|M\_Modified|2024-11-12T19:19:04.479096Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|1 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Proofpoint on Demand(dbbf6b93-d68e-4f8d-9dab-a028b0e49a57)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-09-24T15:44:39.2994353Z|
|M\_DisplayName|CA - CCX - Proofpoint on Demand - Require MFA|
|M\_Id|86a2cac6-466d-4cfe-aa61-a3a4f73456d9|
|M\_Modified||
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Proofpoint Admin Portal (POD)(5144935d-66fb-4662-ae74-0e62d4c44d7d)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-09-24T15:58:30.6132496Z|
|M\_DisplayName|CA - CCX - Proofpoint Admin Portal - Require MFA|
|M\_Id|3322aa63-33d1-446a-9e16-31139a3fe54e|
|M\_Modified|2024-09-25T14:53:55.5931791Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|NICE EEM(402a8daa-dc65-4c18-9842-beef25f7e084)<br />Nice WFM(d0be22d3-0d40-431b-87a6-f26654b44694)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_LocationsInclude|All|
|C\_PlatformsExclude|android,iOS,macOS,linux|
|C\_PlatformsInclude|all|
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|compliantDevice,domainJoinedDevice|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-10-31T20:39:16.4989029Z|
|M\_DisplayName|CA - CCX - NICE - Require CCX Network/Devices - WFM Reporting|
|M\_Id|74f14456-2a20-4691-a1d0-32066032f3f8|
|M\_Modified|2024-11-01T20:05:33.5959864Z|
|M\_State|enabledForReportingButNotEnforced|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|None|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls||
|G\_CustomControls||
|G\_Operator||
|G\_TermsOfUse||
|M\_Created|2024-11-08T18:43:48.2142577Z|
|M\_DisplayName|Block TOR & Anonymous Proxies|
|M\_Id|19f10781-9820-4cb0-856e-13a634578895|
|M\_Modified|2024-12-02T14:27:27.2306555Z|
|M\_State|disabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity|True|
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|Bitwarden SSO(1d934c2c-7c12-4e4a-8616-3dc5eb09c555)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|R\_Bitwarden\_Login\_SSO|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-11-12T19:17:11.9020732Z|
|M\_DisplayName|CA - CCX - Bitwarden - Require MFA and CCX IP|
|M\_Id|ef4467fa-d9a9-4f3f-b245-cedb5f33fa7a|
|M\_Modified|2024-11-13T15:20:45.047139Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|1 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|MicrosoftAdminPortals|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles|Exchange Administrator<br />Global Reader<br />Intune Administrator|
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2024-11-14T20:27:14.6239241Z|
|M\_DisplayName|Supplimental: Multifactor authentication for admins accessing Microsoft Admin Portals COPY|
|M\_Id|45fab5d2-a2af-4ec3-ae65-4f58686b14d1|
|M\_Modified|2025-02-24T15:01:01.3827304Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe|2 hours|
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|RemoteAssistanceService(1dee7b72-b80d-4e56-933d-8b6b04f9a3e2)|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|AAD\_Microsoft365\_Licensing\_RemoteHelp|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-01-24T21:49:55.029118Z|
|M\_DisplayName|CA - CCX - MEM - Remote Help|
|M\_Id|5491b1de-b07d-4ad0-b35b-cd8d2041f2d2|
|M\_Modified|2025-01-30T18:11:52.0065847Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel|high|
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude||
|C\_UsersIncludeGroups|Conditional Access: Risky sign-in multifactor authentication (a4ea6c0f-b8fb-4d29-91f1-9f8cf0601e98)|
|C\_UsersIncludeRoles||
|G\_BuiltInControls|mfa|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-02-13T01:38:04.1923904Z|
|M\_DisplayName|Microsoft-managed: Multifactor authentication and reauthentication for risky sign-ins|
|M\_Id|f501b837-3b2b-4e04-8cda-7680becf3e37|
|M\_Modified|2025-05-14T20:02:03.06783Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency|True|
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude|00985883-fe80-46d2-aa8c-5e3aa8ebc24f|
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|()|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-04-02T13:03:37.3048002Z|
|M\_DisplayName|Block VPN IP Ranges|
|M\_Id|fdbaf0e6-f585-4984-8a5b-e3204926c6f8|
|M\_Modified|2025-04-02T15:22:37.4138687Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude|windowsPhone|
|C\_SignInRiskLevel||
|C\_UsersExclude|Amason, Andrew(Andrew.Amason@carecentrix.com)|
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-04-03T20:40:52.652171Z|
|M\_DisplayName|CA - CCX - Global - Block Windows Phone Access|
|M\_Id|a045b8c1-caa2-4444-8b26-d0eba0377900|
|M\_Modified|2025-04-15T17:43:16.5472313Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
|Property|Value|
|:--|:--|
|C\_ApplicationsExclude||
|C\_ApplicationsInclude|All|
|C\_ApplicationsIncludeUserActions||
|C\_ClientAppTypes|all|
|C\_Devices||
|C\_DeviceStates||
|C\_LocationsExclude||
|C\_LocationsInclude||
|C\_PlatformsExclude||
|C\_PlatformsInclude||
|C\_SignInRiskLevel||
|C\_UsersExclude||
|C\_UsersExcludeGroups||
|C\_UsersExcludeRoles||
|C\_UsersInclude|All|
|C\_UsersIncludeGroups||
|C\_UsersIncludeRoles||
|G\_BuiltInControls|block|
|G\_CustomControls||
|G\_Operator|OR|
|G\_TermsOfUse||
|M\_Created|2025-04-22T00:41:54.9443682Z|
|M\_DisplayName|Microsoft-managed: Block device code flow|
|M\_Id|b3b9b82b-165e-4b31-a1aa-adb952835e62|
|M\_Modified|2025-04-29T15:25:01.4610866Z|
|M\_State|enabled|
|S\_ApplicationEnforcedRestriction||
|S\_CloudAppSecurity||
|S\_CloudAppSecurityType||
|S\_PersistentBrowser||
|S\_PersistentBrowserMode||
|S\_SignInFrequency||
|S\_SignInFrequencyTimeframe| |
## Conditional Access Policies
This section contains a list of all conditional Access policies configured in Azure AD.
### CA - CCX - M365 - Block Unapproved Mobile Users
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-02-17T21:12:20.8304534Z|
|DisplayName|CA - CCX - M365 - Block Unapproved Mobile Users|
|Id|3e3b4744-0993-4f0b-9b85-cc7900e4d924|
|Modified|2024-01-25T21:34:17.1586076Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Office365|
|ApplicationsIncludeUserActions||
|ClientAppTypes|exchangeActiveSync,browser,mobileAppsAndDesktopClients,other|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude|android,iOS|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_Access|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - Global - Restrict Mobile Access to US
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-03-22T20:23:37.3397458Z|
|DisplayName|CA - CCX - Global - Restrict Mobile Access to US|
|Id|d110337f-09ee-4ec7-97d1-173a3ba97d6e|
|Modified|2023-08-29T16:05:56.0085224Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Office365|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|133e40bf-ecd0-4bcd-8d4c-434fec8df72d|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|android,iOS|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_Mobile|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - M365 - Grant Compliance Access- MacOS
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-03-31T13:54:15.2358463Z|
|DisplayName|CA - CCX - M365 - Grant Compliance Access- MacOS|
|Id|76f1d229-e04d-4490-8dc9-a6ba605b0f82|
|Modified|2025-05-13T12:27:21.1072702Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|AllTrusted|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|macOS|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_Mobile|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|compliantDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|7 days|
### CA - CCX - Global - Block Linux External Access
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-08-09T15:32:33.3564342Z|
|DisplayName|CA - CCX - Global - Block Linux External Access|
|Id|a0463337-0645-4708-b0e5-98e5966e1f55|
|Modified|2025-01-03T13:36:42.5390569Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude|VMware Horizon - Unified Access Gateway(17a58be3-afbe-45c4-a4ab-4e7640c285fc)|
|ApplicationsInclude|All|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|linux|
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_Mobile|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|block|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency||
|SignInFrequencyTimeframe| |
### CA - CCX - M365 - Grant Hybrid Join Access - Windows
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-08-15T12:15:36.5634255Z|
|DisplayName|CA - CCX - M365 - Grant Hybrid Join Access - Windows|
|Id|59e77730-c800-4952-8708-f34b80a3267d|
|Modified|2025-05-12T18:32:36.5341764Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Adobe Identity Management (OIDC)(6aba272b-e383-44cd-8eda-34c66dfd9546)<br />Adobe Workfront(a846bde4-f407-45ea-ad51-c0fc77a0bb16)<br />MicrosoftAdminPortals<br />Windows Azure Service Management API(797f4846-ba00-4fd7-ba43-dac1f8f63013)<br />Office365|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices|@{includeDeviceStates=System.Object[]; excludeDeviceStates=System.Object[]; includeDevices=System.Object[]; excludeDevices=System.Object[]; deviceFilter=}|
|DeviceStates||
|LocationsExclude|0e8b6659-0af2-4ead-bf4d-fc7a69efe298|
|LocationsInclude|All|
|PlatformsExclude||
|PlatformsInclude|windows|
|SignInRiskLevel||
|UsersExclude|iCIMS Candidate Tracking Service Account(iCIMSCandidate.TrackingServiceAccount@carecentrix.com)|
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|domainJoinedDevice|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
|Name|Value|
|:--|:--|
|ApplicationEnforcedRestriction||
|CloudAppSecurity||
|CloudAppSecurityType||
|PersistentBrowser||
|PersistentBrowserMode||
|SignInFrequency|True|
|SignInFrequencyTimeframe|10 days|
### CA - CCX - PAGlobalProtect - Require MFA
#### Metadata
|Name|Value|
|:--|:--|
|Created|2022-09-02T13:29:38.5885644Z|
|DisplayName|CA - CCX - PAGlobalProtect - Require MFA|
|Id|64f6402e-fc9d-4fcb-bffc-8a7fe2b433c9|
|Modified|2023-03-21T20:08:34.4480472Z|
|State|enabled|
#### Conditions
|Name|Value|
|:--|:--|
|ApplicationsExclude||
|ApplicationsInclude|Palo Alto Networks - GlobalProtect(96c5df68-2489-4cd6-9f01-a25a1ebd5071)|
|ApplicationsIncludeUserActions||
|ClientAppTypes|all|
|Devices||
|DeviceStates||
|LocationsExclude||
|LocationsInclude||
|PlatformsExclude||
|PlatformsInclude||
|SignInRiskLevel||
|UsersExclude||
|UsersExcludeGroups|R\_Intune\_Mobile\_AccessR\_AAD\_Offshore\_Access\_MobileAAD\_MEM\_Autopilot\_Troubleshooting|
|UsersExcludeRoles||
|UsersInclude|All|
|UsersIncludeGroups||
|UsersIncludeRoles||
#### Grant Controls
|Name|Value|
|:--|:--|
|BuiltInControls|mfa|
|CustomControls||
|Operator|OR|
|TermsOfUse||
#### Session Controls
Reference in New Issue View Git Blame Copy Permalink