Actions129
- Calendar Permission Actions
- CIPP Administration Actions
- Execute API Client (GET)
- Execute Auto Backup
- Execute Extension Mapping (GET)
- Execute Extension Mapping (POST)
- Execute Extension Sync
- Execute Extensions Config
- Execute Password Config (POST)
- Execute Restore Backup
- Execute Run Backup
- List Custom Roles
- List Extension Sync
- List Logs
- List Scheduled Items
- Remove Scheduled Item
- Execute API Client (POST)
- Execute Extension Test
- Execute Password Config (GET)
- List Backups
- List Function Parameters
- Group Actions
- Intune Actions
- Add MSP App
- Add Office App
- Add Policy
- Add Store App
- Assign App
- Assign Autopilot Device
- Device Action
- Get Recovery Key
- List Applications
- List Application Queue
- List Autopilot Config
- List Devices
- List Intune Scripts
- List Intune Templates
- Remove Autopilot Device
- Remove Policy
- Remove Queued App
- Add Choco App
- Add WinGet App
- Assign Policy
- Get Local Admin Password
- List Autopilot Devices
- List Intune Policies
- Remove App
- Remove Intune Script
- Sync Autopilot Devices
- License Actions
- Security & Compliance Actions
- Teams & SharePoint Actions
- Tenant Actions
- Add Alert
- Clear Tenant Cache
- Execute CA Exclusion
- Execute Named Location
- Get Tenant
- List Alerts Queue
- List Azure AD Connect Status
- List Conditional Access Policies
- List Named Locations
- List Shared Mailbox Statistics
- List Standards
- List Tenants
- Remove Standard Template
- Add Named Location
- Edit Tenant
- Execute Standards Run
- List Audit Logs
- List CSP Licenses
- List Roles
- List Standard Templates
- Tool Actions
- User Actions
- Add User
- Exec Restore Deleted User
- List User
- List User Conditional Access Policies
- List User Groups
- Clear Immutable ID
- Create Temporary Access Password
- Delete User Device
- Dismiss Risky User
- List Deleted Items
- List Inactive Accounts
- List Sign-Ins
- Remove User
- Reset MFA
- Restore Deleted Item
- Revoke Sessions
- Set Email Forward
- Set Per-User MFA
- List All Users
- List User Counts
- List User Devices
- Convert Mailbox
- Disable User
- Enable Archive
- List MFA Users
- Offboard User
- Reset Password
- Send MFA Push
- Set Out of Office
Overview
This node interacts with the CIPP API to execute a Conditional Access (CA) exclusion for a specified tenant. It allows users to exclude a particular user from a conditional access policy within a tenant for a defined time period. This is useful in scenarios where temporary exceptions to access policies are needed, such as during troubleshooting or special access requirements.
Use Case Examples
- Exclude a user from a conditional access policy in a tenant for a specific date range to allow temporary access without policy enforcement.
- Automate the process of managing conditional access exclusions across multiple tenants and users.
Properties
| Name | Meaning |
|---|---|
| Tenant Filter | Specifies the tenant ID or domain name to target the exclusion. |
| GUID | The GUID of the conditional access policy from which the user will be excluded. |
| User ID | The user ID of the user to be excluded from the conditional access policy. |
| Start Date | The start date for the exclusion period. |
| End Date | The end date for the exclusion period. |
| Request Options | Additional request settings such as batching, SSL certificate validation, proxy configuration, and timeout settings. |
Output
JSON
response- The JSON response from the CIPP API after executing the CA exclusion, typically containing status or confirmation details.
Dependencies
- CIPP API with OAuth2 authentication
Troubleshooting
- Ensure the tenant ID or domain name is correct and accessible.
- Verify the GUID corresponds to an existing conditional access policy.
- Confirm the user ID is valid and exists in the tenant.
- Check date formats for start and end dates are correct and logical (start date before end date).
- If SSL issues occur, consider enabling the option to ignore SSL certificate validation, but be aware of security risks.
- Proxy settings must be correctly configured if used, including authentication if required.
- Timeouts may occur if the server is slow or unresponsive; adjust the timeout setting accordingly.