Conditional Access Policies Blocking Attic Access
In this article, we explain how to identify which Conditional Access policy is blocking Attic’s access. By reviewing the sign-in logs in Microsoft Entra ID and filtering on the Attic service principal, you can pinpoint exactly which policy prevented the sign-in. Follow the steps below to determine which policy is responsible and how to locate it.
Go to the Azure portal:
Open your browser and navigate to https://portal.azure.com.
Navigate to Microsoft Entra ID:
In the menu, select Microsoft Entra ID (formerly known as Azure Active Directory).
Go to the Sign-in logs:
Click on Monitoring and then choose Sign-in logs.
Select Service-principal sign-ins:
In the Sign-in logs, select Service-principal sign-ins at the top to view all sign-ins from service principals (such as Attic).
Add a filter:
Click Add Filter.
Choose Service Principal Name and click Apply.
Enter “Attic” in the filter field and press Apply. This ensures that only sign-in attempts from Attic are displayed.
Look for failed sign-in attempts:
Search the list for a sign-in attempt with the status “Failed”.
Check Conditional Access:
When you find a failed item, select it and click Conditional Access in the right sidebar. Here you can see which Conditional Access policy blocked the sign-in.
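By analyzing the sign-in logs and filtering on Attic, you can easily determine which Conditional Access policy is blocking access. Adjust the relevant policy to restore Attic’s access, changing only what the Attic service principal needs rather than relaxing the policy for everyone it covers.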
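The same check can be run offline on sign-in records exported as JSON, which helps when there are many failed attempts to go through. This is an added example, not code from Attic or Microsoft; it assumes the export uses the Microsoft Graph signIn field names (servicePrincipalName, status.errorCode, appliedConditionalAccessPolicies), and the sample records are constructed.

```python
import json
from collections import defaultdict

# Constructed sample export: every policy name and timestamp is made up.
# Field names are assumed to follow the Microsoft Graph signIn resource.
SAMPLE_EXPORT = json.dumps([
    {"createdDateTime": "2024-05-01T08:00:00Z", "servicePrincipalName": "Attic",
     "status": {"errorCode": 53003},  # 53003: blocked by Conditional Access
     "appliedConditionalAccessPolicies": [
         {"displayName": "Block untrusted locations", "result": "failure"},
         {"displayName": "Pilot: workload identity risk", "result": "reportOnlyFailure"},
         {"displayName": "Require MFA for admins", "result": "notApplied"}]},
    {"createdDateTime": "2024-05-01T09:00:00Z", "servicePrincipalName": "Attic",
     "status": {"errorCode": 7000215},  # failed, but on an invalid client secret
     "appliedConditionalAccessPolicies": [
         {"displayName": "Block untrusted locations", "result": "notApplied"}]},
    {"createdDateTime": "2024-05-01T10:00:00Z", "servicePrincipalName": "Attic",
     "status": {"errorCode": 0}, "appliedConditionalAccessPolicies": []},
    {"createdDateTime": "2024-05-01T11:00:00Z", "servicePrincipalName": "Other app",
     "status": {"errorCode": 53003},
     "appliedConditionalAccessPolicies": [
         {"displayName": "Block legacy clients", "result": "failure"}]},
])


def blocking_policies(export_json, principal="Attic"):
    """Map each policy that blocked `principal` to the times it did so."""
    hits = defaultdict(list)
    for rec in json.loads(export_json):
        if (rec.get("servicePrincipalName") or "").lower() != principal.lower():
            continue  # same as the Service Principal Name filter in the portal
        if (rec.get("status") or {}).get("errorCode", 0) == 0:
            continue  # errorCode 0 is a successful sign-in
        for pol in rec.get("appliedConditionalAccessPolicies") or []:
            # Only "failure" is an enforced block; reportOnly* results are not.
            if pol.get("result") == "failure":
                hits[pol.get("displayName", "<unnamed>")].append(rec["createdDateTime"])
    return dict(hits)


if __name__ == "__main__":
    for name, times in blocking_policies(SAMPLE_EXPORT).items():
        print(f"{name}: blocked {len(times)} sign-in(s), first at {min(times)}")
```

A failed Attic sign-in with no policy in the result, like the second sample record, failed for a reason other than Conditional Access.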