Share via

Test-MgIdentityConditionalAccess

Module:
Microsoft.Graph.Identity.SignIns Module

Evaluates the applicability of Conditional Access Policies in your tenant based on the provided sign-in properties.

Syntax

EvaluateExpanded (Default) 

Test-MgIdentityConditionalAccess
    [-ResponseHeadersVariable <string>]
    [-AdditionalProperties <hashtable>]
    [-AppliedPoliciesOnly]
    [-SignInConditions <IMicrosoftGraphSignInConditions>]
    [-SignInContext <hashtable>]
    [-SignInIdentity <hashtable>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Evaluate 

Test-MgIdentityConditionalAccess

    -BodyParameter <IPathsDqhne3IdentityConditionalaccessMicrosoftGraphEvaluatePostRequestbodyContentApplicationJsonSchema>
    [-ResponseHeadersVariable <string>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Parameters

-AdditionalProperties

Additional Parameters

Parameter properties

Type:System.Collections.Hashtable
Supports wildcards:False
DontShow:False

Parameter sets

EvaluateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-AppliedPoliciesOnly

Parameter properties

Type:System.Management.Automation.SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False

Parameter sets

EvaluateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-BodyParameter

To construct, see NOTES section for BODYPARAMETER properties and create a hash table.

Parameter properties

Type:Microsoft.Graph.PowerShell.Models.IPathsDqhne3IdentityConditionalaccessMicrosoftGraphEvaluatePostRequestbodyContentApplicationJsonSchema
Supports wildcards:False
DontShow:False

Parameter sets

Evaluate
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-Break

Wait for .NET debugger to attach

Parameter properties

Type:System.Management.Automation.SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:System.Management.Automation.SwitchParameter
Supports wildcards:False
DontShow:False
Aliases:cf

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Headers

Optional headers that will be added to the request.

Parameter properties

Type:System.Collections.IDictionary
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-HttpPipelineAppend

SendAsync Pipeline Steps to be appended to the front of the pipeline

Parameter properties

Type:

Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]

Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-HttpPipelinePrepend

SendAsync Pipeline Steps to be prepended to the front of the pipeline

Parameter properties

Type:

Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[]

Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Proxy

The URI for the proxy server to use

Parameter properties

Type:System.Uri
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ProxyCredential

Credentials for a proxy server to use for the remote call

Parameter properties

Type:System.Management.Automation.PSCredential
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ProxyUseDefaultCredentials

Use the default credentials for the proxy

Parameter properties

Type:System.Management.Automation.SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ResponseHeadersVariable

Optional Response Headers Variable.

Parameter properties

Type:System.String
Supports wildcards:False
DontShow:False
Aliases:RHV

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SignInConditions

signInConditions To construct, see NOTES section for SIGNINCONDITIONS properties and create a hash table.

Parameter properties

Type:Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSignInConditions
Supports wildcards:False
DontShow:False

Parameter sets

EvaluateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SignInContext

signInContext

Parameter properties

Type:System.Collections.Hashtable
Supports wildcards:False
DontShow:False

Parameter sets

EvaluateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SignInIdentity

signInIdentity

Parameter properties

Type:System.Collections.Hashtable
Supports wildcards:False
DontShow:False

Parameter sets

EvaluateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-WhatIf

Runs the command in a mode that only reports what would happen without performing the actions.

Parameter properties

Type:System.Management.Automation.SwitchParameter
Supports wildcards:False
DontShow:False
Aliases:wi

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

Microsoft.Graph.PowerShell.Models.IPathsDqhne3IdentityConditionalaccessMicrosoftGraphEvaluatePostRequestbodyContentApplicationJsonSchema

{{ Fill in the Description }}

System.Collections.IDictionary

{{ Fill in the Description }}

Outputs

Microsoft.Graph.PowerShell.Models.IMicrosoftGraphWhatIfAnalysisResult

{{ Fill in the Description }}

Notes

COMPLEX PARAMETER PROPERTIES

To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.

BODYPARAMETER <IPathsDqhne3IdentityConditionalaccessMicrosoftGraphEvaluatePostRequestbodyContentApplicationJsonSchema>: . [(Any) <Object>]: This indicates any property can be added to this object. [AppliedPoliciesOnly <Boolean?>]: [SignInConditions <IMicrosoftGraphSignInConditions>]: signInConditions [(Any) <Object>]: This indicates any property can be added to this object. [AuthenticationFlow <IMicrosoftGraphAuthenticationFlow>]: authenticationFlow [(Any) <Object>]: This indicates any property can be added to this object. [TransferMethod <String>]: conditionalAccessTransferMethods [ClientAppType <String>]: conditionalAccessClientApp [Country <String>]: Country from where the identity is authenticating. [DeviceInfo <IMicrosoftGraphDeviceInfo>]: deviceInfo [(Any) <Object>]: This indicates any property can be added to this object. [DeviceId <String>]: Unique identifier set by Azure Device Registration Service at the time of registration. [DisplayName <String>]: The display name for the device. [EnrollmentProfileName <String>]: Enrollment profile applied to the device. [ExtensionAttribute1 <String>]: Extension attribute. [ExtensionAttribute10 <String>]: Extension attribute. [ExtensionAttribute11 <String>]: Extension attribute. [ExtensionAttribute12 <String>]: Extension attribute. [ExtensionAttribute13 <String>]: Extension attribute. [ExtensionAttribute14 <String>]: Extension attribute. [ExtensionAttribute15 <String>]: Extension attribute. [ExtensionAttribute2 <String>]: Extension attribute. [ExtensionAttribute3 <String>]: Extension attribute. [ExtensionAttribute4 <String>]: Extension attribute. [ExtensionAttribute5 <String>]: Extension attribute. [ExtensionAttribute6 <String>]: Extension attribute. [ExtensionAttribute7 <String>]: Extension attribute. [ExtensionAttribute8 <String>]: Extension attribute. [ExtensionAttribute9 <String>]: Extension attribute. [IsCompliant <Boolean?>]: Indicates the device compliance status with Mobile Management Device (MDM) policies. Default is false. [Manufacturer <String>]: Manufacturer of the device. [MdmAppId <String>]: Application identifier used to register device into MDM. [Model <String>]: Model of the device. [OperatingSystem <String>]: The type of operating system on the device. [OperatingSystemVersion <String>]: The version of the operating system on the device. [Ownership <String>]: Ownership of the device. This property is set by Intune. [PhysicalIds <String[]>]: A collection of physical identifiers for the device. [ProfileType <String>]: The profile type of the device. [SystemLabels <String[]>]: List of labels applied to the device by the system. [TrustType <String>]: Type of trust for the joined device. [DevicePlatform <String>]: conditionalAccessDevicePlatform [IPAddress <String>]: Ip address of the authenticating identity. [InsiderRiskLevel <String>]: insiderRiskLevel [ServicePrincipalRiskLevel <String>]: riskLevel [SignInRiskLevel <String>]: riskLevel [UserRiskLevel <String>]: riskLevel [SignInContext <IMicrosoftGraphSignInContext>]: signInContext [(Any) <Object>]: This indicates any property can be added to this object. [SignInIdentity <IMicrosoftGraphSignInIdentity>]: signInIdentity [(Any) <Object>]: This indicates any property can be added to this object.

SIGNINCONDITIONS <IMicrosoftGraphSignInConditions>: signInConditions [(Any) <Object>]: This indicates any property can be added to this object. [AuthenticationFlow <IMicrosoftGraphAuthenticationFlow>]: authenticationFlow [(Any) <Object>]: This indicates any property can be added to this object. [TransferMethod <String>]: conditionalAccessTransferMethods [ClientAppType <String>]: conditionalAccessClientApp [Country <String>]: Country from where the identity is authenticating. [DeviceInfo <IMicrosoftGraphDeviceInfo>]: deviceInfo [(Any) <Object>]: This indicates any property can be added to this object. [DeviceId <String>]: Unique identifier set by Azure Device Registration Service at the time of registration. [DisplayName <String>]: The display name for the device. [EnrollmentProfileName <String>]: Enrollment profile applied to the device. [ExtensionAttribute1 <String>]: Extension attribute. [ExtensionAttribute10 <String>]: Extension attribute. [ExtensionAttribute11 <String>]: Extension attribute. [ExtensionAttribute12 <String>]: Extension attribute. [ExtensionAttribute13 <String>]: Extension attribute. [ExtensionAttribute14 <String>]: Extension attribute. [ExtensionAttribute15 <String>]: Extension attribute. [ExtensionAttribute2 <String>]: Extension attribute. [ExtensionAttribute3 <String>]: Extension attribute. [ExtensionAttribute4 <String>]: Extension attribute. [ExtensionAttribute5 <String>]: Extension attribute. [ExtensionAttribute6 <String>]: Extension attribute. [ExtensionAttribute7 <String>]: Extension attribute. [ExtensionAttribute8 <String>]: Extension attribute. [ExtensionAttribute9 <String>]: Extension attribute. [IsCompliant <Boolean?>]: Indicates the device compliance status with Mobile Management Device (MDM) policies. Default is false. [Manufacturer <String>]: Manufacturer of the device. [MdmAppId <String>]: Application identifier used to register device into MDM. [Model <String>]: Model of the device. [OperatingSystem <String>]: The type of operating system on the device. [OperatingSystemVersion <String>]: The version of the operating system on the device. [Ownership <String>]: Ownership of the device. This property is set by Intune. [PhysicalIds <String[]>]: A collection of physical identifiers for the device. [ProfileType <String>]: The profile type of the device. [SystemLabels <String[]>]: List of labels applied to the device by the system. [TrustType <String>]: Type of trust for the joined device. [DevicePlatform <String>]: conditionalAccessDevicePlatform [IPAddress <String>]: Ip address of the authenticating identity. [InsiderRiskLevel <String>]: insiderRiskLevel [ServicePrincipalRiskLevel <String>]: riskLevel [SignInRiskLevel <String>]: riskLevel [UserRiskLevel <String>]: riskLevel