CA Policy for Guests Requiring MFA
An Azure AD Conditional Access Policy for Guests that requires MFA for all applications.
Suggested name:
CA4{XX}-Guests-BaseProtection-AllApps-AllConditions-MFA
Assignments
Users
| Users and groups | |
|---|---|
| Include users | All guest and external users |
Cloud apps or actions
| Cloud apps | |
|---|---|
| Include | All cloud apps |
Access controls
| Grant access | |
|---|---|
| Require | Multifactor authentication |
References
https://learn.microsoft.com/en-us/azure/architecture/guide/security/conditional-access-architecture https://learn.microsoft.com/en-us/azure/architecture/guide/security/conditional-access-framework https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policy-common