Setting up Conditional Access on Azure can be a little bit tricky and may result in loosing access to the resource.

Off course you can (and should always) test the configuration before putting into production, but even then this is time consuming.

Now, you can evaluate your Conditional Access configuration before testing it with the What If functionality.

With this new test functionality, you can quickly evaluate the results of your Conditional Access by simulating the access.

To do so, just configure your Conditional Access and then use the What If button


When using the What If functionality, you can then select a user account (mandatory) you want to use for testing (meaning no need to ask this user to logon and try to access), the cloud application (optional) you want to evaluate the Conditional Access, IP address (optional) from which you are going to try to access the application, a device (optional), a client application (optional) or the sign-in risk level (optional)


Then you have a report of the conditional access policies being applied to this user