Power Platform – New Continuous Access Evaluation (CAE) announcement

We are announcing our CAE rollout for user sign-in flows to Dataverse as part of ongoing security improvements for Power Platform. This change affects interactive user access to Dataverse and relies on Microsoft Entra Conditional Access (CAE) policies for near real-time session evaluation. This feature is being gradually rolled out across Dataverse environments, which is anticipated to be complete by September 2026.

Users are advised to review their user-focused CAE Conditional Access policies to ensure continued access to Dataverse.

How does this affect me?
Dataverse user access is transitioning to CAE-enabled authentication, where user sessions are continuously evaluated based on Conditional Access policy signals rather than only at the initial sign-in. As part of this rollout, user sign-in traffic to Dataverse may originate from managed locations that must be permitted and compliant with your organization’s CAE Conditional Access policies.

Note: This change applies only to interactive user sign-in flows.

Who is Impacted?
Customers with:

• CAE-enabled Conditional Access policies applied to users.
• Location-based conditions in user CAE policies.
• Sign-in frequency, session controls, or risk-based policies for Dataverse users.

What do I need to do to prepare?
Customers should take the following actions for user access scenarios:

1. Review user-targeted CAE Conditional Access policies
1. Ensure policies allow Dataverse user traffic from locations which are compliant as per your CAE policies.
2. Avoid overly restrictive location conditions that could unintentionally block user sessions.
2. Validate interactive user sign-in scenarios
1. Test Dataverse access for end users under current CAE policies.
2. Review the policies enforcing location, device, or risk conditions.

No action is required if existing user CAE policies already permit Dataverse access from managed locations.