Configure Microsoft Azure Conditional Access for Microsoft Teams tenant

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:2分

    • You must configure conditional access in Microsoft Azure to restrict users from accessing the production applications. Conditional access helps you from accidentally overriding your production integration with a custom or personal instance integration.

    始める前に

    Roles required: virtual_agent_admin and user with Azure admin access.

    手順

    1. Log in to Microsoft Azure portal.
    2. Search for Azure AD Conditional Access.
    3. Navigate to New Policy > Create New Policy and provide the policy a name.<p>
      The new conditional policy form prompts you for a name, user assignments, cloud apps or actions, conditions, and access controls.
    4. Under Users or Workload identities, select 0 users or workload identities selected.
      A What does this policy apply to? pop-up is displayed.
    5. Under Include, select All users.
      Select All users on the pop-up to include all registered users.
      注:
      Selecting All users will include the users in the restriction policy.
    6. Under Exclude, select Users and groups to exclude admin users who have access to override the tenant.
      Exclude users to allow access.
    7. Under Select excluded users, select 0 users and groups selected to select an admin user and select Select.
    8. Under Cloud apps or actions, choose which assets to protect.
      For example, the NowBot or whatever the name of the ServiceNow bot is in Azure.
    9. Under Grant, select 0 controls selected and select Block access.
    10. In the Enable policy section, select On to turn on the Report-only function.
    11. Select Create.
      After the ACL (Access Control List) is configured, it takes about 15 minutes fr the synchronization.

    タスクの結果

    After the policy is created and the synchronization is complete, it restricts any user except the admins from overriding the tenant accidentally.
    Result of configuring conditional access for Microsoft Teams tenants. The policy is restricted for users other than admins.
    注:
    The restriction does not affect the restricted users from using the Microsoft Teams or the Now Virtual Agent.