Forum Discussion
Conditional Access Policy
Is there any issue with CA? I am testing a CA policy to block access to the resource if the device is noncompliant, but it's not working at all now.
2 Replies
You might want to try revoking the user session. If the service you're testing the authentication with doesn't support continuous access evaluation, it might take an hour for the access token to be revoked / depending on your CA policies Session settings.
Also make sure to specify that the device should be marked as non-compliant "immediately" in the Compliance policy settings.
Anything in the Entra sign in logs? You can run the What if tool in CA to validate your policy.
