January 11, 2025
How to Create a Conditional Access Policy for Windows 365 using the Microsoft Graph API
Today I have decided to share the script related to creating conditional access policy. You can download the same from my github link following this article.
Prerequisites
- Register an EntraID App and assign the Policy.ReadWrite.ConditionalAccess permission.
- Install dependencies:
- pip install msal requests
- Replace placeholder values (TENANT_ID, CLIENT_ID, CLIENT_SECRET) with your Azure AD credentials.
You can download the script from my github repo here.
Explanation of this above script:
- Authenticates with Microsoft Graph API using the MSAL library.
- Defines a Conditional Access Policy that:
- Applies to Windows 365 and related services.
- Requires Multi-Factor Authentication (MFA).
- Targets all users on Windows devices.
- Applies only from trusted locations.
- Sends the policy to Microsoft Graph API.
How to Run
Pull or download the script from my github repo and Save the script as create_conditional_access.py or can give any name of your choice, then execute:
python create_conditional_access.py
If everything is set up correctly, you should see:
✅Conditional Access Policy created successfully!
Step by Step Deployment of Microsoft Cloud PC (Windows 365 Enterprise) from Scratch – Part 1
What to do when users unable to connect to Windows 365 Cloud PC
Configuring ZScaler Client Connector for Microsoft Windows 365 Cloud PCs
About Author
