How To Monitor Azure Active Directory Conditional Access Policies

Following my previous article about Conditional Access and how to block legacy authentication, in this blog post, I will show you how to monitor policies.

Monitoring Conditional Access policies is as essential as setting them up.

Knowing how to monitor them will help you troubleshoot issues and understand if they are being applied.

In my case, and as shown in the screenshot below, I have my Block Legacy Authentication policy in place.

Monitor Policies

To monitor Conditional Access policies, we use the Sign-ins logging feature located under the Azure Active Directory menu.

From the Sign-ins page, I will run a search using the built-in options.

As shown below, the right-side column shows the Conditional Access events, and in my case I have a failure.

If I click on the event, I can use the Conditional Access tab to review why the user was blocked and try to fix the issue if needed.

My recommendation here is to have a weekly review process that will help keep an eye on all policies.
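
One way to support that weekly review is to summarise exported sign-in records by the policy that failed them. The script below is an added example, not part of the original post; it assumes the records use Microsoft Graph signIn field names, and the sample data and function names are constructed for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone

# Constructed sample records using Microsoft Graph signIn field names (assumed input shape).
SAMPLE_SIGNINS = [
    {"createdDateTime": "2024-05-06T08:15:00Z", "userPrincipalName": "alice@example.com",
     "clientAppUsed": "IMAP4", "conditionalAccessStatus": "failure",
     "appliedConditionalAccessPolicies": [
         {"displayName": "Block Legacy Authentication", "result": "failure"},
         {"displayName": "Require MFA", "result": "notApplied"}]},
    {"createdDateTime": "2024-05-07T09:30:12.1234567Z", "userPrincipalName": "alice@example.com",
     "clientAppUsed": "IMAP4", "conditionalAccessStatus": "failure",
     "appliedConditionalAccessPolicies": [
         {"displayName": "Block Legacy Authentication", "result": "failure"}]},
    {"createdDateTime": "2024-05-08T11:00:00Z", "userPrincipalName": "bob@example.com",
     "clientAppUsed": "Browser", "conditionalAccessStatus": "success",
     "appliedConditionalAccessPolicies": [
         {"displayName": "Require MFA", "result": "success"}]},
    {"createdDateTime": "2024-04-20T07:45:00Z", "userPrincipalName": "carol@example.com",
     "clientAppUsed": "POP3", "conditionalAccessStatus": "failure",
     "appliedConditionalAccessPolicies": [
         {"displayName": "Block Legacy Authentication", "result": "failure"}]},
]

def parse_time(value):
    # Graph timestamps are UTC and may carry fractional seconds; keep whole seconds only.
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def weekly_ca_failures(signins, now, days=7):
    """Count (policy, user, client app) for sign-ins a policy failed inside the window."""
    cutoff = now - timedelta(days=days)
    counts = Counter()
    for record in signins:
        if record.get("conditionalAccessStatus") != "failure":
            continue
        if parse_time(record["createdDateTime"]) < cutoff:
            continue
        for policy in record.get("appliedConditionalAccessPolicies") or []:
            if policy.get("result") == "failure":
                key = (policy.get("displayName", "unknown"), record.get("userPrincipalName", "unknown"),
                       record.get("clientAppUsed") or "unknown")
                counts[key] += 1
    return counts

if __name__ == "__main__":
    review_time = datetime(2024, 5, 10, tzinfo=timezone.utc)  # fixed so the sample is repeatable
    for (policy, user, app), hits in weekly_ca_failures(SAMPLE_SIGNINS, review_time).most_common():
        print(f"{hits:>3}  {policy}  {user}  {app}")
```

A user and client app that keep appearing against the same policy week after week usually point to a device or application that still needs to be moved off the blocked protocol.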