How to use the “What If” tool to check Azure AD conditional access policies

  • Last update on September 15th, 2023

By using the What If tool you can easily identify any the policy that is currently blocking the access of our service accounts:

coreview.reports<randomicnumber>@<onmicrosoft domain>

or our management user:

 4ward365.admin@<onmicrosoft domain>

You can find the What If tool on the “Conditional Access - Policies” page in the Azure portal.

How to use the What If tool:

Step 1

To start the tool, in the toolbar on top of the list of policies, click “What If”. 

Step 2

In the User field type, expand the user or workload identity section, select User and select from the list one of our accounts (i.e. coreview.reports<randomicnumber>@<onmicrosoft domain>): 

  • In the IP address field: enter one of the addresses. Refer to the “List of IP addresses” for the IP addresses of each data center.
  • In the location field: choose the information appropriate for your location
For the… Choose… IP addresses
Europe Data center Ireland Azure CCC (EU)
USA Data center Virginia Azure CCC (US East)
Canadian Data Center Quebec City Azure CCC (Canada East)
GOV Data center Virginia Azure CCC (US East)
Australian Data center New South Wales Azure AUS (Australia)

List of IP addresses

Data centers and IPs

Europe: North Europe - Ireland

US: East US - Virginia

Canada: Canada East - Quebec

Government: US Gov Virginia - Virginia

Australia: Australia East - New South Wales


Click on “What If” button and let us know what the evaluation results are. 

Refer to the Microsoft documentation for more details.