Microsoft Security Product Hub

Continuous Access Evaluation

Overview

Azure AD continuous access evaluation can provide near real-time evaluation of Conditional Access policies for certain applications such as Exchange Online, SharePoint Online and Teams. Instead of waiting for an access token to expire, going to Azure AD to refresh the token and re-evaluate the Conditional Access Policy, continuous access evaluation can invalidate access tokens and require re-evaluation of Conditional Access policies. This is especially useful where a user has been disabled, a password changes, a network location changes or a high user risk was detected. Azure AD as the token issuer can inform the application that the token should be revoked immediately.

Outcomes

  • Near real-time expiration of Azure AD issued tokens on supported relying part applications like Exchange Online, SharePoint Online and Microsoft Teams
All
Secure Remote Work
Zero Trust