What can we help you with?

View Categories

Apply a Conditional Access Policy to the Infortel Call Queue Analytics Service Account

Getting Started #

This document provides the instructions for adding a Conditional Access policy to the Infortel Call Queue Analytics Service Account. Before you begin, please ensure you have the following:

  • A Service Account in Entra ID used for ISI Analytics Call Queues
  • Microsoft 365 Administrator Privileges

Create a Named Location #

  1. Login to https://entra.microsoft.com
  2. Navigate to Protection -> Conditional Access on the left
  3. On the Conditional Access page, navigate to Mange -> Named locations
  4. Click + IP ranges location
  5. Name the location ISI Analytics Service Addresses or something similar
  6. Click the + button, input the IP Range 157.56.30.194/32, and click Add
  7. Click Create

Create Conditional Access Policy #

Once the Named location is created

  1. Navigate to Policies on the left
  2. Click + Create new policy
  3. Name the policy ISI Analytics Service Account Restrictions or something similar
  4. Assign the Service Account to the Policy
    1. Under Users, click 0 users and groups selected

    2. Under Include, Select Select users and groups. Check Users and groups and select your service account. Once finished, the configuration should look like this, with your service account selected. 
  5. Set the Target resource to All cloud apps
    1. Under Target resources, click No target resources selected
    2. Under Include, Select All cloud apps. When selected All cloud apps, the system will show a warning. Be sure to have only selected the service account in the previous steps. 
  6. Set the Condition to only allow ISI Analytics Service Addresses
    1. Under Conditions, click 0 conditions selected

    2. Under Locations, click Not configured

    3. Change Configure to Yes

    4. Under Include, select Any network or location

    5. Under Exclude, select Selected networks and locations. Under Select, click None and select the Named location you created and click Save
    6. Once finished, the configuration should look like this, with your Named location selected
  7. Set the Grant to Block access
    1. Under Grant, select 0 controls selected
    2. Select Block access and click Select
  8. Under Enable Policy, change to On
  9. Confirm the configuration is correct:
    • Users should say Specific users included and only the ISI Analytics Queue Service Account is selected
    • Target resources should say All cloud apps
    • Conditions should say 1 condition selected with a Location setup for the ISI Analytics Service Addresses
    • Grant should should say Block access
  10. Once everything is confirmed, click Create