Show / Hide Table of Contents

Policy.Read.ConditionalAccess

Allows the app to read your organization's conditional access policies on behalf of the signed-in user.

Graph Methods

Type: A = Application Permission, D = Delegate Permission

Ver Type Method
Beta A,D GET /identity/conditionalAccess/authenticationContextClassReferences
Beta A,D GET /identity/conditionalAccess/authenticationContextClassReferences/{id}

Delegate Permission

Id 633e0fce-8c58-4cfb-9495-12bbd5a24f7c
Consent Type User
Display String Read your organization's conditional access policies
Description Allows the app to read your organization's conditional access policies on behalf of the signed-in user.

Application Permission

Id 37730810-e9ba-4e46-b07e-8ca78d182097
Display String Read your organization's conditional access policies
Description Allows the app to read your organization's conditional access policies, without a signed-in user.

Resources

authenticationContextClassReference

Property Type Description
id String Identifier used to reference the authentication context class. The id is used to trigger step-up authentication for the referenced authentication requirements and is the value that will be issued in the acrs claim. This value in the claim is used to verify the required authentication context has been satisfied. The allowed id values are "c1" through "c25".
displayName String The display name is the friendly name of the authenticationContextClassReference. This value should be used to identify the authentication context class reference when building user facing admin experiences. For example, selection UX.
description String A short explanation of the policies that are enforced by authenticationContextClassReference. This value should be used to provide secondary text to describe the authentication context class reference when building user facing admin experiences. For example, selection UX.
isAvailable boolean Indicates whether the authenticationContextClassReference has been published by the security admin and is ready for use by apps. When it is set to false it should not be shown in admin UX experiences because the value is not currently available for selection.
In This Article
Back to top Created by merill | Submit feedback