Skip to content

Commit 900f8f6

Browse files
author
Markus Vilcinskas
committed
mon110
1 parent da69c4b commit 900f8f6

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

articles/active-directory/reports-monitoring/how-to-view-applied-conditional-access-policies.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -87,11 +87,11 @@ The following built in roles grant permission to view sign-in logs:
8787

8888
If you use a client app to pull sign-in logs from Graph, your app needs permissions to receive the **appliedConditionalAccessPolicy** resource from Graph. As a best practice, assign **Policy.Read.ConditionalAccess** because it's the least privileged permission. Any of the following permissions is sufficient for a client app to access applied CA policies in sign-in logs through Graph:
8989

90-
Policy.Read.ConditionalAccess
90+
- Policy.Read.ConditionalAccess
9191

92-
Policy.ReadWrite.ConditionalAccess
92+
- Policy.ReadWrite.ConditionalAccess
9393

94-
Policy.Read.All
94+
- Policy.Read.All
9595

9696

9797

0 commit comments

Comments
 (0)