In what seems an effort to drive adoption for the Azure Security Center, Microsoft has made some reorganizational changes in the Azure AD blade. With the added benefit of puzzling and annoying users by failing to provide any kind of indication or announcement for the changes. As it took me few moments to locate the new home of Conditional Access, I figured it might be helpful to share this in a short article.
So, if you have logged to the Azure AD blade in the past few days, you’ve probably noticed that Conditional Access tab/page is missing from its usual location on the left pane. Going over the entries in either the Manage or Monitoring sections on the left pane didn’t yield any results and neither did going over the Overview page. It wasn’t until I noticed the new Security entry (third down from the top) that I was able to find Conditional Access’s new home.
If you are using a direct link/shortcut to access the page, you will notice that the good old https://portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade/Policies one continues to work. However, the path displayed on the top when accessing the page directly does not reflect the steps to getting to its new location, instead it simply shows “Dashboard -> Conditional Access – Policies”. Similarly, using the Search box takes you directly to the CA page, without revealing the steps to get there if you are using the UI. In what seems like another interesting tidbit, Search actually lists two entries for Conditional Access now.
Anyway, now that you know where the Conditional Access pages have moved to, you might as well try the other functionalities available there. Notably, you can find the new Authentication methods page under Manage, where you can enable the freshly available passwordless sign-in via the Microsoft authenticator app. You can also find entries for Azure AD Identity Protection, the Identity Security Score, MFA setting and more. Last but not least, you will see the Security Center page.
The Security Center page looks a bit barren at the moment, and the only functionality it offers currently is a link to the Azure Security Center. Apart from that, few insights are shown as well as sections for Identity and access recommendations and Security alerts. I expect that this will change in the coming weeks or months, but at this point it looks like yet another (extremely) minimum viable product release on Microsoft’s side. And of course released without any prior notice.