articles/active-directory/conditional-access/workload-identity.md
5 additions & 5 deletions
@@ -1,5 +1,5 @@
1
1
---
2
-
title: Azure Active Directory Conditional Access for workload identities preview
2
+
title: Azure Active Directory Conditional Access for workload identities
3
3
description: Protecting workload identities with Conditional Access policies
4
4
5
5
services: active-directory
@@ -15,9 +15,9 @@ ms.reviewer: dawoo
15
15
16
16
ms.collection: M365-identity-device-management
17
17
---
18
-
# Conditional Access for workload identities preview
18
+
# Conditional Access for workload identities
19
19
20
-
Previously, Conditional Access policies applied only to users when they access apps and services like SharePoint online or the Azure portal. This preview adds support for Conditional Access policies applied to service principals owned by the organization. We call this capability Conditional Access for workload identities.
20
+
Conditional Access policies have histroically applied only to users when they access apps and services like SharePoint online or the Azure portal. We are now extending support for Conditional Access policies to be applied to service principals owned by the organization. We call this capability Conditional Access for workload identities.
21
21
22
22
A [workload identity](../develop/workload-identities-overview.md) is an identity that allows an application or service principal access to resources, sometimes in the context of a user. These workload identities differ from traditional user accounts as they:
23
23
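Review bot: The added intro sentence at new line 20 misspells "historically" as "histroically", and "SharePoint online" (carried over from the removed line) should be "SharePoint Online". The phrase "We are now extending support" will also date quickly on a page that no longer carries the preview label; consider present tense, for example "Conditional Access policies can also be applied to service principals owned by the organization."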
@@ -28,12 +28,12 @@ A [workload identity](../develop/workload-identities-overview.md) is an identity
28
28
These differences make workload identities harder to manage and put them at higher risk for compromise.
29
29
30
30
> [!IMPORTANT]
31
-
> In public preview, you can scope Conditional Access policies to service principals in Azure AD with an Azure Active Directory Premium P2 edition active in your tenant. After general availability, additional licenses might be required.
31
+
> Conditional Access policies can be scoped to to service principals in Azure AD with Workload Identities Premium licenses.
32
32
33
33
> [!NOTE]
34
34
> Policy can be applied to single tenant service principals that have been registered in your tenant. Third party SaaS and multi-tenanted apps are out of scope. Managed identities are not covered by policy.
35
35
36
-
This preview enables blocking service principals from outside of trusted public IP ranges, or based on risk detected by Azure AD Identity Protection.
36
+
Conditional Access for workload identities enables blocking service principals from outside of trusted public IP ranges, or based on risk detected by Azure AD Identity Protection.
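Review bot: The rewritten IMPORTANT note at new line 31 contains a doubled word ("scoped to to service principals"). It also replaces the Azure AD Premium P2 statement with "Workload Identities Premium licenses" without saying whether P2 is still required alongside it or linking to licensing details. Because this note determines whether a tenant can enforce these policies on its service principals at all, suggest stating the requirement explicitly and linking to the licensing documentation.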