Skip to Main Content
Liongard Library

Welcome to Liongard Library, where Lions share! This is a community-led space where Liongard users can come to teach and learn from one another.
Share custom Metrics, get inspired and see what’s trending in the Pride.

Pride Etiquette:
➕ Have great custom Metrics? Add them as entries!
🌟 Want to use a Metric? Copy the query and
follow this doc.
👍 Tried a Metric from the Library? Like it!
📣 Have a question or feedback on a Metric? Add a comment!
🔎 Not sure where to start? Learn about Metrics and how to write them.
💬 Need help writing a metric or want to help support others? Join the conversation in our Liongard Lounge #metrics slack channel.

🥴 See something off? Open a support chat to let us know.

Created by David Chapman
Created on May 19, 2023

Azure AD: Complete List of Conditional Access Policies and Excluded Users

This metric will return a complete list of Azure AD Conditional Access policies and a list of excluded users for each policy. This is difficult because the policies only contain a list of user's ID, not their display names.


Policies.ConditionalAccess[].{ca_displayName: displayName, user_displayName: join(', ', map_by_key(conditions.users.excludeUsers[].{id: @}, ~.Users[], `id`)[].displayName)}[].join(': ', [ca_displayName, to_string(user_displayName)])

  • Attach files
  • Noah Tatum
    Dec 6, 2023

    Thanks for this! I took this and ran with it to add the ability to grab the users from any excluded groups as well. My metric is "Azure Active Directory: Conditional Access Policies with Excluded Users Summary"