Thanks for the continued feedback on this. We’re in planning.
An error occurred while saving the commentDaniel McAuley commented
We would like the ability to granularly modify the failure notices which are shown to users when they do not meet conditional access requirements.
For example, with COVID19, we have made changes to conditional access policies to only allow authentication from North America. However, when an employee logs in from outside of this region, they are presented with the following notice: "Your sign-in was successful but does not meet the criteria to access this resource. For example, you might be signing in from a browser, app, or location which is not support by your admin".
This is a wealth of information for a threat actor as they would now know they have valid credentials and they may attempt to log in from different geographies to circumvent conditional access.
We would love the ability to granularly modify the notification for conditional access policies to provide a much simpler answer with less details. For example, "Authentication failure. Please contact your administrator".Daniel McAuley supported this idea ·