Baseline/CA401-GuestUsers-AttackSurfaceReduction-AllApps-AnyPlatform-BlockNonGuestAppAccess.json
|
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/conditionalAccess/policies/$entity", "@odata.type": "#microsoft.graph.conditionalAccessPolicy", "@odata.id": "identity/conditionalAccess/policies('5de6aa3c-e1f7-4e56-a8e0-ae37aa53cb4f')", "@odata.editLink": "identity/conditionalAccess/policies('5de6aa3c-e1f7-4e56-a8e0-ae37aa53cb4f')", "id": "5de6aa3c-e1f7-4e56-a8e0-ae37aa53cb4f", "templateId": null, "displayName": "CA401-GuestUsers-AttackSurfaceReduction-AllApps-AnyPlatform-BlockNonGuestAppAccess", "createdDateTime@odata.type": "#DateTimeOffset", "createdDateTime": "2024-05-24T09:28:09.3712249Z", "modifiedDateTime@odata.type": "#DateTimeOffset", "modifiedDateTime": "2024-05-24T10:57:44.7484241Z", "state@odata.type": "#microsoft.graph.conditionalAccessPolicyState", "state": "enabled", "deletedDateTime": null, "partialEnablementStrategy": null, "sessionControls": null, "conditions": { "@odata.type": "#microsoft.graph.conditionalAccessConditionSet", "userRiskLevels@odata.type": "#Collection(microsoft.graph.riskLevel)", "userRiskLevels": [], "signInRiskLevels@odata.type": "#Collection(microsoft.graph.riskLevel)", "signInRiskLevels": [], "clientAppTypes@odata.type": "#Collection(microsoft.graph.conditionalAccessClientApp)", "clientAppTypes": [ "all" ], "platforms": null, "locations": null, "times": null, "deviceStates": null, "devices": null, "clientApplications": null, "applications": { "@odata.type": "#microsoft.graph.conditionalAccessApplications", "includeApplications@odata.type": "#Collection(String)", "includeApplications": [ "All" ], "excludeApplications@odata.type": "#Collection(String)", "excludeApplications": [ "2793995e-0a7d-40d7-bd35-6968ba142197", "Office365" ], "includeUserActions@odata.type": "#Collection(String)", "includeUserActions": [], "includeAuthenticationContextClassReferences@odata.type": "#Collection(String)", "includeAuthenticationContextClassReferences": [], "applicationFilter": null }, "users": { "@odata.type": "#microsoft.graph.conditionalAccessUsers", "includeUsers@odata.type": "#Collection(String)", "includeUsers": [], "excludeUsers@odata.type": "#Collection(String)", "excludeUsers": [], "includeGroups@odata.type": "#Collection(String)", "includeGroups": [], "excludeGroups@odata.type": "#Collection(String)", "excludeGroups": [], "includeRoles@odata.type": "#Collection(String)", "includeRoles": [], "excludeRoles@odata.type": "#Collection(String)", "excludeRoles": [], "excludeGuestsOrExternalUsers": null, "includeGuestsOrExternalUsers": { "@odata.type": "#microsoft.graph.conditionalAccessGuestsOrExternalUsers", "guestOrExternalUserTypes@odata.type": "#microsoft.graph.conditionalAccessGuestOrExternalUserTypes", "guestOrExternalUserTypes": "internalGuest,b2bCollaborationGuest,b2bCollaborationMember,b2bDirectConnectUser,otherExternalUser", "externalTenants": { "@odata.type": "#microsoft.graph.conditionalAccessAllExternalTenants", "membershipKind@odata.type": "#microsoft.graph.conditionalAccessExternalTenantsMembershipKind", "membershipKind": "all" } } } }, "grantControls": { "@odata.type": "#microsoft.graph.conditionalAccessGrantControls", "operator": "OR", "builtInControls@odata.type": "#Collection(microsoft.graph.conditionalAccessGrantControl)", "builtInControls": [ "block" ], "customAuthenticationFactors@odata.type": "#Collection(String)", "customAuthenticationFactors": [], "termsOfUse@odata.type": "#Collection(String)", "termsOfUse": [], "authenticationStrength@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/conditionalAccess/policies('5de6aa3c-e1f7-4e56-a8e0-ae37aa53cb4f')/grantControls/authenticationStrength/$entity", "authenticationStrength@odata.associationLink": "https://graph.microsoft.com/beta/identity/conditionalAccess/policies('5de6aa3c-e1f7-4e56-a8e0-ae37aa53cb4f')/grantControls/authenticationStrength/$ref", "authenticationStrength@odata.navigationLink": "https://graph.microsoft.com/beta/identity/conditionalAccess/policies('5de6aa3c-e1f7-4e56-a8e0-ae37aa53cb4f')/grantControls/authenticationStrength", "authenticationStrength": null }, "#microsoft.graph.restore": { "title": "microsoft.graph.restore", "target": "https://graph.microsoft.com/beta/identity/conditionalAccess/policies('5de6aa3c-e1f7-4e56-a8e0-ae37aa53cb4f')/microsoft.graph.restore" } } |