Azure-docs: What is the difference between User Risk Policy vs Sign in Risk Policy
Why would a admin want to configure, User Risk Policy vs a Sign in Risk Policy or vice versa?
What does each policy do, that other won't do?
Document Details
⚠Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 572d0eef-20ce-fe8e-68fe-6bec1bd15ab6
- Version Independent ID: b28b8d19-5475-c6a5-32f8-56c6fce1d74d
- Content: How to configure the sign-in risk policy in Azure Active Directory Identity Protection
- Content Source: articles/active-directory/identity-protection/howto-sign-in-risk-policy.md
- Service: active-directory
- GitHub Login: @MarkusVi
- Microsoft Alias: markvi
DMoonesinghe
All 6 comments
@DMoonesinghe
Thanks for your feedback! We will investigate and update as appropriate.
MarileeTurscak-MSFT
on 27 Mar 2019
The sign-in risk policy detects suspicious actions that come along with the sign-in. It is focused on the sign-in activity itself and analyzes the probability that the sign-in may not have been performed by the user. The sign-in risk checks for things like whether a user has signed in from an unfamiliar location or unfamiliar IP address. You can then choose to require MFA for users based on the risk level of their sign-ins.
The user risk policy detects the probability that a user account has been compromised by detecting risk events that are atypical of a users behavior. Risk events require the recording of a user's activity over a length of time so that it's possible to detect abnormalities. You can then choose to block access to users based on their risk levels.
MarileeTurscak-MSFT
on 27 Mar 2019
Hope this helps! If you have further questions feel free to tag me or @MarkusVi in the comments or reach out to me on MSDN. https://social.msdn.microsoft.com/Forums/en-US/home?forum=WindowsAzureAD
MarileeTurscak-MSFT
on 27 Mar 2019
Thank you for the answer Marilee. But none of your documentation explains that. It would be nice if folks at Microsoft Documentation update the following docs.
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-user-risk-policy
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-sign-in-risk-policy
Or at least put a link to them that points to that explanation. It is important bit of info . That way the documentation itself explains without us having to ask individual questions.
DMoonesinghe
on 28 Mar 2019
Maybe have a look at this. Does that answer your question?
andrePKI
on 21 Nov 2019
Thanks, that was helpful
terryhugill
on 24 Jul 2020
Related issues
paulmarshall
·
3Comments
JamesDLD
·
3Comments
Agazoth
·
3Comments
Ponant
·
3Comments
AronT-TLV
·
3Comments
Most helpful comment
Thank you for the answer Marilee. But none of your documentation explains that. It would be nice if folks at Microsoft Documentation update the following docs.
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-user-risk-policy
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-sign-in-risk-policy
Or at least put a link to them that points to that explanation. It is important bit of info . That way the documentation itself explains without us having to ask individual questions.