Conditional Access Policy - Exclude Service Provider

1.       Review your Azure AD sign-in logs for the failed attempt. The User will appear as “SHI Technician”. Review the Conditional Access Policy details tab

(Example)





2.       Exclude Guest User from Conditional Access Policy

a.       Go to the Azure Active Directory page



b.       On the left menu, select the Security Page





c.       Click on Conditional Access





d.       Select Policies in the left menu





e.       Select the CA policy you want to exclude a user from

f.        Click on Users or workload identities

g.       In the Exclude tab, click on Select excluded users

h.       Please exclude any guest or external account classified as a “Service Provider User” through your conditional access policy. Save the changes and the user/group selected is now excluded from the CA policy