# Conditional Access

Conditional Access consolidates signals to make decisions, and enforces organizational policies like in case of SCA, require a complaint device or App Protection Policies.

Use Conditional Access policies to apply the right access controls when needed to keep your organization secure. \
Azure AD Conditional Access is at the heart of the new identity-driven control plane.\ <br>

<figure><img src="https://3880789596-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4v109br9tFl1Rxk2qP0x%2Fuploads%2F7hEffoQDI3X4RdWlHk4e%2Fimage.png?alt=media&#x26;token=a0b0ce7f-b418-4cbe-9fc8-b5caf92d24b9" alt=""><figcaption></figcaption></figure>

{% hint style="danger" %}
Conditional Access policies are enforced after first-factor authentication is completed. Conditional Access isn't intended to be an organization's first line of defense for scenarios like denial-of-service (DoS) attacks, but it can use signals from these events to determine access.
{% endhint %}

<table data-view="cards"><thead><tr><th data-type="content-ref"></th></tr></thead><tbody><tr><td><a href="conditional-access/ca-with-sca-require-complaint-device">ca-with-sca-require-complaint-device</a></td></tr><tr><td><a href="conditional-access/sca-with-ca-require-app-protection-policy">sca-with-ca-require-app-protection-policy</a></td></tr></tbody></table>