Conditional Access Baseline Generator
Work through Microsoft 365 workload-specific questions to generate a ready-to-build Conditional Access baseline. No tenant access required.
Baseline Generator
Work through each section at your own pace. Results are shown immediately — no email required.
Microsoft 365 Security Tool
Conditional Access Baseline Generator
Work through Microsoft 365 workload-specific questions — Exchange, SharePoint, Teams, and admin portals — to generate a ready-to-build workload-specific Conditional Access baseline.
FAQ
Common Questions
How is this different from the Conditional Access Planner?
The Conditional Access Planner (in the Identity & Access Management cluster) covers general-purpose policies — baseline MFA, device, risk, and privileged-role patterns applicable to any identity platform use. This generator is specific to Microsoft 365 workloads — Exchange, SharePoint, Teams, and their admin portals.
Should we use both tools?
Yes — most Microsoft 365 organizations benefit from building the general baseline first (via the Conditional Access Planner) and then layering these workload-specific refinements on top.
Operational Support
Need help building and testing these policies?
IT KORR can design, build, and safely roll out Microsoft 365 workload-specific Conditional Access policies, tested in Report-only mode before enforcement.
No commitment required — we respond within one business day.