Azure Active Directory: Excluded Groups From MFA enforcement Policy
submitted
S
Samuel Pierce
You will need to customize the displayName in the query to the string you use to describe your MFA policy. For example if your policy name is Required MFA DUO then your metric would look like this instead Groups[?contains(~.Policies.ConditionalAccess[?displayName ==
Required MFA DUO
].conditions.users.excludeGroups[], id) ].displayNameGroups[?contains(~.Policies.ConditionalAccess[?displayName ==
MFA Enforcement
].conditions.users.excludeGroups[], id) ].displayName