What Is Conditional Access?
Conditional access is the practice of attaching conditions to a permission so it applies only when those conditions are met. In CI/CD this can mean a role is assumable only from a particular branch, or a secret is readable only in a named environment. The conditions are evaluated at request time against token claims or context.
Why it matters
Static grants give the same access regardless of context, which is often broader than intended. Conditional rules tighten access to exactly the situations where it is appropriate.
Related guides
What Is a Subject Claim?A subject claim is the field in an identity token that names who or what the token represents, used by access…
What Is Just-in-Time Access?Just-in-time access grants a permission only at the moment it is needed and revokes it shortly after, so no s…
What Is a Trust Relationship?A trust relationship is the policy defining which external identities a role or resource will accept, control…