Skip to content

Control 1.11: Conditional Access and Phishing-Resistant MFA

Overview

Control ID: 1.11 Control Name: Conditional Access and Phishing-Resistant MFA Regulatory Reference: GLBA 501(b), FINRA 4511, SEC Reg SHO, SOX 302 Setup Time: 2-4 hours

Purpose

Implement adaptive access control using Microsoft Entra Conditional Access to enforce risk-based policies for both human users creating and managing AI agents, and for the agents themselves through Microsoft Entra Agent ID. This control ensures only authorized, authenticated users can create, publish, and manage agents in regulated environments.

US-only scope: This control is written for US financial services environments.

Description

Microsoft Entra Conditional Access provides adaptive access control for both human users and AI agents. With the introduction of Microsoft Entra Agent ID (Preview), Conditional Access now treats AI agents as first-class identities, enabling Zero Trust policies for agent access.

See Conditional Access overview and Microsoft Entra Agent ID for detailed capabilities.

Key Capabilities

Capability Description FSI Relevance
Conditional Access policies Risk-based access control Adaptive security
Phishing-resistant MFA FIDO2, passkeys, certificates Strong authentication
Agent identity protection Risk detection for AI agents Agent security
Authentication methods Configure allowed auth methods Compliance enforcement
Agent ID governance Sponsor-based agent lifecycle Accountability

Prerequisites

Primary Owner Admin Role: Entra Security Admin Supporting Roles: None

Licenses Required

License Purpose Required For
Microsoft Entra ID P1 Basic Conditional Access All governance levels
Microsoft Entra ID P2 Risk-based policies, PIM Level 2+
Microsoft Entra ID Governance Agent ID, Access Reviews Level 4
FIDO2 Security Keys Phishing-resistant MFA Enterprise-managed users

Permissions Required

Role Purpose Assignment Method
Conditional Access Administrator Create and manage CA policies Entra ID
Security Administrator View and configure security settings Entra ID
Authentication Administrator Configure auth methods Entra ID
Global Administrator Full tenant administration Entra ID (limited use)

Dependencies

Dependency Description Verification
Entra ID P1/P2 Conditional Access licensing Check license assignment
MFA configured Multi-factor authentication Authentication methods configured
Named Locations Define trusted networks Create in CA → Manage
Agent ID (Preview) For agent identity governance Check preview enrollment

Pre-Setup Checklist

  • [ ] Entra ID P1/P2 licenses assigned to target users
  • [ ] Emergency access accounts configured (excluded from CA)
  • [ ] Named locations defined for office networks
  • [ ] Authentication methods configured
  • [ ] Break-glass procedure documented
  • [ ] Agent inventory available for policy targeting

Emergency Access (Break-Glass) Accounts

Maintain at least two emergency access accounts that are excluded from Conditional Access policies (including MFA and authentication strength requirements) to prevent tenant lockout.

FSI implementation notes (US):

  • Use cloud-only accounts with long, unique passwords stored in an approved secrets vault; do not use these accounts for day-to-day administration.
  • Assign privileged roles only when needed (or use PIM where available); review role assignments quarterly.
  • Restrict sign-in where feasible (e.g., named locations) and create alerts for any sign-in by these accounts.
  • Document: account IDs, exclusions, storage location for credentials, approval process, and incident workflow when used.
  • Validate exclusions using Conditional Access → What if for each break-glass account after any CA policy change.
  • Test break-glass access at least quarterly (controlled window) and retain evidence: successful sign-in + Conditional Access details showing exclusions applied as intended.

Governance Levels

Level 1 - Baseline

Requirement Configuration
MFA enabled All agent creators require MFA
Basic policies At least one Conditional Access policy
Agent visibility Access Agent ID Overview

Minimum requirements:

  • Enable MFA for all users
  • Create baseline Conditional Access policy
  • Document authentication requirements
Requirement Configuration
Risk-based policies Sign-in and user risk policies
Agent monitoring Review Agent ID dashboard weekly
Authentication strengths Define strength requirements
Agent sponsorship Assign sponsors to all agents

FSI recommendations:

  • Enable risk-based Conditional Access
  • Configure authentication strengths for each governance tier
  • Monitor Agent ID dashboard for unmanaged agents
  • Establish agent sponsorship process

Level 4 - Regulated/High-Risk

Requirement Configuration
Phishing-resistant MFA FIDO2/Certificate for enterprise-managed
Agent collections Use Quarantined for review
Continuous evaluation Real-time policy enforcement
Agent access packages Time-bound agent access

FSI requirements:

  • Mandatory phishing-resistant MFA for enterprise-managed agent creators
  • All enterprise-managed agents in managed collections
  • Agent access via access packages with expiration
  • Daily review of agent sign-in logs

Setup & Configuration

Entra ID Navigation

Accessing Conditional Access

  1. Open Microsoft Entra admin center
  2. Navigate to Entra ID → Conditional Access
  3. Access available management sections

Conditional Access Navigation Structure

Section Path Purpose
Overview Conditional Access → Overview Policy summary and insights
Policies Conditional Access → Policies Create and manage policies
Deleted Policies Conditional Access → Deleted Policies (Preview) Recover deleted policies
Insights and reporting Conditional Access → Insights and reporting Policy analytics
Diagnose and solve problems Conditional Access → Diagnose and solve problems Troubleshooting

Conditional Access - Manage Section

Item Purpose
Named locations Define trusted/untrusted locations
Custom controls (Preview) External authentication providers
Terms of use Acceptance requirements
VPN connectivity VPN-based access control
Authentication contexts Step-up authentication triggers
Authentication strengths Define MFA strength requirements
Classic policies Legacy policy management

Conditional Access - Monitoring Section

Item Purpose
Sign-in logs Authentication activity
Audit logs Policy change history

Conditional Access Overview Dashboard

Dashboard Tabs

Tab Purpose
Getting started Setup guidance
Overview Policy summary
Coverage Policy coverage analysis
Tutorials Learning resources

Policy Summary Cards

Card Description FSI Action
Agent Identities Agent identities in tenant with protection status Monitor agent coverage
Policy Snapshot Enabled, Report-only, Off counts Track policy state
Users Users without policy coverage Address coverage gaps
Devices Unmanaged/non-compliant device sign-ins Device compliance
Applications Unprotected applications Application coverage

What's New Announcements

The Overview page displays important announcements including:

  • Conditional Access Insider Risk policy (Adaptive Protection)
  • Named Locations IPv6 support
  • Policy deprecation notices

Conditional Access Policies

Policy Management Actions

Action Description
+ New policy Create custom policy
+ New policy from template Use Microsoft templates
Upload policy file Import policy configuration
What if Test policy impact
Refresh Update policy list
Preview features Enable preview capabilities

Policy Summary

Category Description
Microsoft-managed policies Policies managed by Microsoft
User created policies Custom organizational policies

Policy Table Columns

Column Description
Policy name Policy identifier
Created by USER or MICROSOFT
State On, Off, Report-only
Alert Policy alerts
Creation date When policy was created

Sample FSI Policies

Policy State Purpose
Multifactor authentication for partners and vendors On External user MFA
Reauthentication on signin risk On Risk-based reauthentication
Secure password change on high user risk On Compromised account protection
Block access for users with Insider Risk Report-only Insider threat response

Authentication Methods

Accessing Authentication Methods

  1. Navigate to Entra ID → Authentication methods
  2. Select Policies to configure methods

Authentication Methods Navigation

Section Purpose
Policies Configure authentication methods
Password protection Password policy settings
Registration campaign Drive MFA adoption
Authentication strengths Define strength levels
Settings Global authentication settings

Authentication Method Policies

Method FSI Recommendation Phishing-Resistant
Passkey (FIDO2) Enable for enterprise-managed ✅ Yes
Microsoft Authenticator Enable for all ⚠️ With number matching
SMS Disable ❌ No
Temporary Access Pass Enable for onboarding ❌ No
Hardware OATH tokens Enable for high-security ⚠️ Partial
Software OATH tokens Enable as backup ⚠️ Partial
Voice call Disable ❌ No
Email OTP Disable for primary auth ❌ No
Certificate-based authentication Enable for enterprise-managed ✅ Yes
QR code Disable ❌ No

FSI Authentication Strength Requirements

Tier Minimum Requirement Recommended
Tier 1 MFA (any method) Microsoft Authenticator
Tier 2 MFA with number matching Authenticator + backup
Tier 3 Phishing-resistant MFA FIDO2/Passkey or Certificate

Microsoft Entra Agent ID (Preview)

Microsoft Entra Agent ID extends Zero Trust identity protection to AI agents. This is a critical new capability for FSI agent governance.

Accessing Agent ID

  1. Navigate to Entra ID → Agent ID (Preview)
  2. Access available management sections

Agent ID Navigation Structure

Section Path Purpose
Overview (Preview) Agent ID → Overview Agent dashboard and metrics
All agent identities (Preview) Agent ID → All agent identities Complete agent identity list
Agent registry (Preview) Agent ID → Agent registry Cross-platform agent discovery
Agent collections (Preview) Agent ID → Agent collections Trust-based agent grouping
Sign-in logs (Preview) Agent ID → Sign-in logs Agent authentication activity

Agent ID Overview Dashboard

Agents in Your Tenant

The Overview displays total agent count with growth percentage:

  • Total agents - All agent identities
  • Growth % - Change over time

Description: "Gain full visibility into all agent identities in your tenant, apply governance policies, and secure them by default with Entra's integrated registry and lifecycle controls."

Agent Metrics Cards

Card Description FSI Action
Recently created Agents created in last 30 days Monitor growth
Unmanaged Agents without owners/sponsors Assign sponsors
Active Agents enabled for access Track active count
No identities Agents without identities Remediate

Types of Agents Chart

Type Description
Agent identities (with no user) Standalone agent identities
Agent identities (with user) User-delegated agents
Agents with service principals Service principal-based agents
Agents with no identities Unregistered agents

Agent Blueprints

Agent blueprints are parent templates that power agent identities in your tenant. Monitor blueprint usage for governance.

Agent Collections Overview

Collection Count Description
Global Count Visible to all identities
Quarantined Count Hidden from all identities
Custom Count Organization-defined collections

All Agent Identities

Actions

Action Description
Disable Disable selected agents
Refresh Update agent list
Choose Columns Customize view
View agent blueprints See blueprint templates

Agent Identities Table

Column Description
Name Agent name and platform (e.g., Copilot Studio)
Created on Creation date
Status Active, Disabled
Object ID Entra object identifier

Agent Registry (Preview)

The Agent Registry provides cross-platform agent discovery.

Description: "Review all agents and their data in your tenant. See how they connect to your identity and security setup."

Registry Table Columns

Column Description
Name Agent name
Registry ID Unique registry identifier
Created in Source platform
Has Agent ID Whether agent has Entra identity
Source ID Source system identifier

Agent Collections (Preview)

Agent collections group agents by trust level and visibility.

Predefined Collections

Collection Description Discovered By
Global Visible to all identities in tenant All users and agents
Quarantined Not visible to any identities No users or agents

Custom Collections

Create custom collections for organization-specific groupings (e.g., by department or risk level).

FSI Recommendation

Use Quarantined collection for agents under review or suspected of compromise.

Agent Sign-in Logs (Preview)

Log Filters

Filter Options
Date range Last 24 hours, custom
Is Agent Yes (filter for agents only)
Add filter Additional criteria

Sign-in Log Tabs

Tab Description
User sign-ins (interactive) Interactive agent sign-ins
User sign-ins (non-interactive) Background agent activity
Service principal sign-ins Service principal authentication
Managed identity sign-ins Managed identity activity

Log Table Columns

Column Description
Date Sign-in timestamp
Request ID Unique request identifier
User principal name Agent identity
Application Target application
Status Success, Failure
IP address Source IP
Resource Accessed resource

Workload Identity Considerations (Service Principals and Managed Identities)

This control primarily enforces Conditional Access for human users (interactive sign-ins). Agents may also authenticate using service principals or managed identities, which require different enforcement and evidence.

  • Do not attempt to apply phishing-resistant MFA requirements to non-human identities.
  • Monitor Service principal sign-ins and Managed identity sign-ins for anomalous activity and failed access.
  • Prefer least-privilege app permissions, credential lifecycle controls, and sign-in monitoring for workload identities; document which agent platforms use user vs workload identities.

Agent Identity Governance

Sponsorship Model

Every agent identity requires a human sponsor accountable for:

  • Agent lifecycle decisions
  • Access appropriateness reviews
  • Compliance oversight

Automatic Sponsorship Transfer: When a sponsor leaves, sponsorship automatically transfers to their manager.

Lifecycle Management

Capability Description FSI Benefit
Sponsor assignment Human accountability Compliance requirement
Access expiration Time-bound access Least privilege
Automatic transfer Manager inheritance No orphaned agents
Lifecycle workflows Automated notifications Governance efficiency

Access Packages for Agents

Agents can be assigned access packages for controlled resource access:

  1. Agent-initiated - Programmatic access requests
  2. Sponsor-initiated - Human-approved requests
  3. Administrator-initiated - Direct assignment

PowerShell Configuration

Connect to Microsoft Graph

# Install Microsoft Graph module if needed
Install-Module Microsoft.Graph -Force -AllowClobber

# Connect with appropriate scopes
Connect-MgGraph -Scopes "Policy.Read.All","Policy.ReadWrite.ConditionalAccess","Directory.Read.All","AuditLog.Read.All"

# Verify connection
Get-MgContext

Get Conditional Access Policies

# List all Conditional Access policies
Get-MgIdentityConditionalAccessPolicy |
    Select-Object DisplayName, State, CreatedDateTime, ModifiedDateTime |
    Format-Table

# Get details of a specific policy
$policy = Get-MgIdentityConditionalAccessPolicy -Filter "displayName eq 'Require MFA for Agent Creators'"
$policy | ConvertTo-Json -Depth 10

Create Conditional Access Policy for Agent Creators

# Discover the phishing-resistant Authentication Strength policy Id in this tenant (tenant-specific; do not hard-code)
$phishingResistantStrengthId = (Get-MgPolicyAuthenticationStrengthPolicy |
    Where-Object { $_.DisplayName -match "phishing" -and $_.DisplayName -match "resistant" } |
    Select-Object -First 1).Id

if (-not $phishingResistantStrengthId) {
    throw "Could not find a phishing-resistant Authentication Strength policy. Create/enable it in Entra ID → Authentication methods → Authentication strengths, then re-run discovery."
}

# Define policy for enterprise-managed agent creators requiring phishing-resistant MFA
$params = @{
    DisplayName = "FSI-Enterprise-Agent-Creators-PhishingResistantMFA"
    State = "enabledForReportingButNotEnforced"  # Start in report-only
    Conditions = @{
        Users = @{
            IncludeGroups = @("sg-enterprise-agent-creators")  # Security group GUID
            ExcludeGroups = @("sg-emergency-access")  # Break-glass exclusion
        }
        Applications = @{
            IncludeApplications = @("All")
        }
        ClientAppTypes = @("all")
    }
    GrantControls = @{
        Operator = "OR"
        BuiltInControls = @()
        AuthenticationStrength = @{
            Id = $phishingResistantStrengthId
        }
    }
}

New-MgIdentityConditionalAccessPolicy -BodyParameter $params

Get Authentication Strengths

# List available authentication strengths
Get-MgPolicyAuthenticationStrengthPolicy |
    Select-Object Id, DisplayName, Description, PolicyType |
    Format-Table -AutoSize

# Tip: capture the phishing-resistant Authentication Strength Id for use in CA policies
$phishingResistant = Get-MgPolicyAuthenticationStrengthPolicy |
    Where-Object { $_.DisplayName -match "phishing" -or $_.DisplayName -match "resistant" } |
    Select-Object -First 1

$phishingResistant | Format-List Id, DisplayName, Description

Audit Agent Sign-In Activity

# Get sign-in logs for agents (requires Graph beta endpoint)
$agentSignIns = Get-MgBetaAuditLogSignIn -Filter "isInteractive eq false and signInEventTypes/any(t: t eq 'nonInteractiveUser')" -Top 100

# Filter for agent-related sign-ins (check appDisplayName patterns)
$agentSignIns | Where-Object { $_.AppDisplayName -match "Copilot|Agent|Bot" } |
    Select-Object CreatedDateTime, UserDisplayName, AppDisplayName, Status, ConditionalAccessStatus |
    Format-Table

# Export agent sign-in report
$agentSignIns | Export-Csv -Path "Agent-SignIn-Report.csv" -NoTypeInformation

Monitor Conditional Access Policy Enforcement

# Get CA policy application results from sign-in logs
$caResults = Get-MgBetaAuditLogSignIn -Filter "createdDateTime ge $(Get-Date).AddDays(-7).ToString('yyyy-MM-ddTHH:mm:ssZ')" -Top 500

# Analyze CA enforcement
$caResults | ForEach-Object {
    foreach ($caPolicy in $_.AppliedConditionalAccessPolicies) {
        [PSCustomObject]@{
            Date = $_.CreatedDateTime
            User = $_.UserDisplayName
            PolicyName = $caPolicy.DisplayName
            Result = $caPolicy.Result
            GrantControls = ($caPolicy.GrantControls -join ", ")
        }
    }
} | Group-Object PolicyName, Result |
    Select-Object Name, Count |
    Sort-Object Count -Descending |
    Format-Table

# Export CA enforcement report
$caResults | Export-Csv -Path "CA-Enforcement-Report.csv" -NoTypeInformation

Configure Named Locations

# Create a named location for corporate offices
$namedLocationParams = @{
    "@odata.type" = "#microsoft.graph.ipNamedLocation"
    DisplayName = "Corporate Offices"
    IsTrusted = $true
    IpRanges = @(
        @{
            "@odata.type" = "#microsoft.graph.iPv4CidrRange"
            CidrAddress = "203.0.113.0/24"
        },
        @{
            "@odata.type" = "#microsoft.graph.iPv4CidrRange"
            CidrAddress = "198.51.100.0/24"
        }
    )
}

New-MgIdentityConditionalAccessNamedLocation -BodyParameter $namedLocationParams

# List named locations
Get-MgIdentityConditionalAccessNamedLocation |
    Select-Object DisplayName, IsTrusted, CreatedDateTime |
    Format-Table

Financial Sector Considerations

Regulatory Mapping

Regulation CA/MFA Requirement Control Implementation
GLBA 501(b) Strong authentication Phishing-resistant MFA for enterprise-managed
FINRA 4511 Access control and audit CA policies with sign-in logging
SEC Reg SHO Identity verification Risk-based CA policies
SOX 302 Internal access controls CA for privileged operations
FFIEC Authentication Risk-based MFA Tiered authentication by governance tier

Governance Tier CA Configuration

Tier MFA Requirement CA Policy Mode Authentication Strength
Tier 1 Any MFA Report-only MFA (standard)
Tier 2 Passwordless preferred Enabled Passwordless MFA
Tier 3 Phishing-resistant required Enforced Phishing-resistant MFA

Authentication Methods by Governance Tier

Method Tier 1 Tier 2 Tier 3
SMS/Voice ✅ Allowed ⚠️ Not recommended ❌ Blocked
Authenticator App ✅ Allowed ✅ Allowed ⚠️ Limited
Passwordless Phone ✅ Allowed ✅ Recommended ⚠️ Limited
FIDO2 Security Key ✅ Allowed ✅ Recommended Required
Certificate-based ✅ Allowed ✅ Recommended Required

FSI Example: Investment Advisor CA Configuration

Organization: Registered Investment Advisor
Regulatory Context: SEC, FINRA, GLBA

Conditional Access Policies:
  1. FSI-Baseline-All-Users:
     State: Enabled
     Users: All users
     Apps: All cloud apps
     Conditions: Any location
     Grant: Require MFA

  2. FSI-Team-Agent-Makers:
     State: Enabled
      Users: sg-team-agent-creators
     Apps: Power Platform, Copilot Studio
     Conditions: Any location
     Grant: Require passwordless MFA

    3. FSI-Enterprise-Privileged-Access:
     State: Enabled
         Users: sg-enterprise-agent-publishers
     Apps: Power Platform Admin Center
     Conditions:
       - Exclude trusted locations
       - Include high-risk sign-ins
     Grant: Require phishing-resistant MFA
     Session: Sign-in frequency 4 hours

Agent ID Configuration:
  Collections:
    - Global: All production agents
    - Quarantined: Agents pending review
  Sponsors:
        - All enterprise-managed agents have assigned sponsor
    - Sponsor review: Quarterly

Regulatory Context

Primary Regulations: GLBA 501(b), FINRA 4511, SEC Reg SHO, SOX 302

Regulation Conditional Access Support
GLBA 501(b) Strong authentication requirements
FINRA 4511 Access control and audit trails
SEC Reg SHO Identity verification controls
SOX 302 Internal access controls

Examination Considerations

Regulators may request:

  • Conditional Access policy configuration
  • Authentication method settings
  • Agent identity inventory
  • Agent sponsor assignments
  • Sign-in logs for agents

Zone-Specific Configuration

Zone 1 (Personal Productivity):

  • Apply a baseline minimum of Conditional Access and phishing-resistant MFA that impacts tenant-wide safety (where applicable), and document any exceptions for personal agents.
  • Avoid expanding scope beyond the user’s own data unless explicitly justified.
  • Rationale: reduces risk from personal use while keeping friction low; legal/compliance can tighten later.

Zone 2 (Team Collaboration):

  • Apply enforce strong auth and risk-aware access for admin/maker roles for shared agents and shared data sources; require an identified owner and an approval trail.
  • Validate configuration in a pilot environment before broader rollout; retain policy JSON/export + sign-in log samples.
  • Rationale: shared agents increase blast radius; controls must be consistently applied and provable.

Zone 3 (Enterprise Managed):

  • Require the strictest configuration for Conditional Access and phishing-resistant MFA and enforce it via policy where possible (not manual-only).
  • Treat changes as controlled (change ticket + documented testing); retain policy JSON/export + sign-in log samples.
  • Rationale: enterprise agents handle the most sensitive content and are the highest audit/regulatory risk.

Verification & Testing

Step Action Expected Result
1 Navigate to entra.microsoft.com → Conditional Access Overview dashboard displayed
2 Check Policy Summary Agent Identities card shows count
3 Review Policies list Policies visible with states
4 Navigate to Authentication methods Method policies displayed
5 Navigate to Agent ID (Preview) Agent overview with metrics
6 Check All agent identities Agent list with status
7 Review Agent collections Global and Quarantined visible
8 Check Sign-in logs (Is Agent: Yes) Agent sign-ins logged
9 Open a recent maker/admin sign-in event Applied Conditional Access Policies shows expected policy name(s) and result (Success/Report-only)
10 Validate authentication details for Tier 3 users Authentication method indicates FIDO2/Passkey or Certificate-based authentication when required
11 Review Conditional Access policy changes Audit logs show policy create/modify events with actor identity
12 Run Conditional Access What if for each break-glass account No CA policies apply (or only intended non-CA tenant controls), preventing lockout
13 Export one Tier 3 maker/admin sign-in record (JSON) Record includes appliedConditionalAccessPolicies and authenticationDetails supporting phishing-resistant enforcement

Evidence Artifacts (Audit-Ready)

Collect and retain the following evidence for US regulatory/audit requests:

  • Conditional Access policy export (JSON) or screenshot of policy configuration (Assignments, Conditions, Grant controls, Session controls)
  • Authentication methods and Authentication Strengths configuration (screenshots/exports), including the phishing-resistant strength definition
  • Sign-in log samples showing policy evaluation:
    • Interactive user sign-ins for agent makers/admins with Applied Conditional Access Policies populated
    • Agent-related sign-ins (Agent ID / non-interactive) with relevant CA status fields captured
  • Audit log entries for policy lifecycle (created/modified/deleted) and authentication method changes
  • Break-glass accounts evidence:
    • Account list (redacted as needed), documented CA exclusions, and alerting/monitoring configuration
    • Proof of periodic access reviews and credential custody process
    • Evidence of quarterly break-glass sign-in test and post-incident credential rotation (when used)
  • Conditional Access What if output (screenshot/export) demonstrating break-glass exclusions and Tier 3 enforcement scenarios

Troubleshooting & Validation

Issue: Users Blocked by CA Policy Unexpectedly

Symptoms: Legitimate users cannot access Power Platform or Copilot Studio

Solutions:

  1. Open the failed sign-in → Conditional Access tab → capture failure reason, evaluated policies, and the policy that blocked access
  2. Use Conditional Access → What if with the same user/app/device/location to reproduce evaluation deterministically
  3. Validate group targeting and exclusions (include/exclude groups, break-glass exclusions, and any recently changed dynamic group rules)
  4. Confirm client app type and device state (compliant/hybrid joined) match the policy conditions you intended
  5. Verify Named Locations/trusted locations and any IP range updates; re-test from known-good corporate IP

Issue: Break-Glass Account Blocked or Challenged

Symptoms: Emergency access account cannot sign in during an incident

Solutions:

  1. Confirm the account is excluded from all relevant CA policies (including policy templates and Microsoft-managed policies)
  2. Check Sign-in logs for Conditional Access details to identify which policy evaluated and why
  3. Validate the account is not subject to authentication method restrictions (e.g., blocked protocols)
  4. Ensure the account is not blocked by other tenant controls (user risk, password reset requirements, user is blocked)
  5. After incident: rotate credentials and document root cause
  6. Run Conditional Access → What if for the break-glass account to confirm exclusions still apply after recent changes

Issue: Phishing-Resistant MFA Not Working

Symptoms: Users cannot complete phishing-resistant MFA even with FIDO2 keys

Solutions:

  1. Verify FIDO2 method is enabled in Authentication methods
  2. Check that user has registered a FIDO2 key
  3. Confirm browser supports WebAuthn (modern browsers)
  4. Verify authentication strength policy includes FIDO2
  5. Test with a different FIDO2 key to rule out hardware issues
  6. In the user’s sign-in log, review Authentication Details to confirm which method was actually used and why stronger methods were not available

Issue: Authentication Strength Not Enforced as Expected

Symptoms: Users authenticate with weaker methods than intended, or report-only results differ from enforced behavior

Solutions:

  1. Validate the CA policy grant control is set to the correct Authentication Strength (not just “Require MFA”)
  2. Ensure the user is in-scope (group assignment, app scope, and any exclusions)
  3. Review the sign-in event’s Applied Conditional Access Policies and confirm the policy result
  4. Check the user’s registered methods and whether the strength policy allows fallback methods
  5. Move from Report-only → On in a staged rollout and compare sign-in log outcomes before/after
  6. Verify the Authentication Strength Id used by the policy matches the intended tenant policy (re-run discovery via Graph if renamed/duplicated)

Issue: Agent ID Not Showing Agents

Symptoms: Agent ID dashboard shows zero agents despite active agents

Solutions:

  1. Verify tenant is enrolled in Agent ID preview
  2. Check that agents are using service principals (not user context)
  3. Confirm agents have made recent authentication attempts
  4. Wait for data synchronization (can take 24-48 hours)
  5. Verify appropriate permissions to view Agent ID

Issue: Report-Only Policy Not Logging

Symptoms: CA policy in report-only mode not showing in logs

Solutions:

  1. Verify policy is actually in "enabledForReportingButNotEnforced" state
  2. Check that users are within policy scope
  3. Review Sign-in logs → open an affected event → confirm Applied Conditional Access Policies includes the report-only policy result
  4. Confirm policy conditions are being met
  5. Wait for log ingestion (up to 2 hours delay)

Issue: CA Policy Not Applying to Agent Creators

Symptoms: Users can create agents without meeting CA requirements

Solutions:

  1. Verify policy targets correct applications (Power Platform apps)
  2. Check if user is in exclusion group
  3. Confirm policy state is "Enabled" (not report-only)
  4. Review if trusted location is bypassing policy
  5. Check for conflicting policies with lower priority
  6. Validate with a real sign-in event for the maker/admin role and confirm the target cloud app in logs matches the policy’s app assignment

Additional Resources

Control Relationship
Control 1.4: Advanced Connector Policies Connector access control
Control 1.12: Insider Risk Detection Risk management
Control 3.8: Copilot Hub Agent management
Control 3.1: Agent Inventory Agent tracking

Support & Questions

For implementation support or questions about this control, contact:

  • Identity Administrator: Conditional Access and MFA configuration
  • Security Administrator: Authentication methods and policies
  • Compliance Officer: Regulatory requirements for authentication
  • AI Governance Lead: Agent identity governance strategy

Updated: Dec 2025
Version: v1.0 Beta (Dec 2025)
UI Verification Status: ❌ Needs verification