Forum Discussion

Copper Contributor

Feb 16, 2018

Solved

Conditional Access based on location only?

I recently upgraded our azure a/d licenses to get access to more security and reporting in azure a/d. I want to create a conditional access policy that is very simple. I want to allow access to...

azure

Anonymous
Feb 17, 2018
Hi Jim,

Can you try it the other way around? Create a Block policy and exclude the United States region? If i'm not mistaken, that's the way to go with Conditional Acces Policies based on region/location.

Best regards,

Ruud Gijsbers

Anonymous

Feb 17, 2018

Hi Jim,

Can you try it the other way around? Create a Block policy and exclude the United States region? If i'm not mistaken, that's the way to go with Conditional Acces Policies based on region/location.

Best regards,

Ruud Gijsbers

Jim Kacerguis
Copper Contributor
Feb 19, 2018
Yes, that was the correct approach. Thank you.

For anyone else trying to do this, I created a named location of united states. I created a new policy, selected all cloud apps, set conditions of all platforms, and set client apps to browser and mobile apps and desktop clients.

Under the location condition, under the exclude tab, I used the united states named location.

Then, under access controls > Grant, I set it to block access and it let me create the policy. I tested it with a test user and vpn outside the US and it blocked access as expected.