When creating your policy, the name is only displayed internally in Conditional Access, and isn't visible to the end user. The name displayed to the end user is the Display name field, which can be localised. Make as many policies as you require, you can tailor each terms policy to the service it protects.
Most of these settings are self explanatory but a couple which need some further explanation:
- Require users to consent on every device - this will require the device to be registered with Azure AD before the user can consent. Typically this will mean the user has to use a managed browser, such as Edge, and be signed in to the browser in order to continue.
- Expire consents on/Frequency - you can set a specific, static date when users will be required to re-consent, and you can require re-consent on a schedule - annually, bi-annually, quaterly or monthly.
- Duration before re-acceptance required - you can set the frequency that users must re-consent. Similar to the above settings except you can set a specific number of days, e.g. 90 for "every 90 days", rather than picking a start date and frequency.
- Enforce with conditional access policy templates - if you select Custom policy then you will be taken to the New Conditional Access policy flow once this has been created, if you select Create later you won't be.
In this example I want to present users with some usage guidance before they can access Forms. I've set up a very basic Conditional Access policy, opting to apply this to all users, for the selected Cloud App (Microsoft Forms), and Grant requirement is Forms ToU.
End User experience
End User experience
When I tested this on a Windows 10 VM, simulating a BYOD device as it was not joined to a domain or managed in any way, I went through Settings, Access work or school, and selected Sign in. I followed through the steps to sign in and eventually this notification appeared near the system tray:
In this post
- Configure Conditional Access rule
- Further Reading
Support My Work
I hope you find my content useful. Please consider tipping to support the running costs of hosting, licensing etc on my Ko-fi page.