This blog article refers to Azure Active Directory (AAD) and outlines how to proceed if you are using the location condition in AAD conditional access and get the following error message "Blocked by conditional access". This error message can occur when creating a service for AttachmentExtractor or DocumentsCorePack.
The location condition is the most common condition and enables you to tie access controls to the network locations of your users. More information on how to configure the location condition can be found in this article.
The following error message "Blocked by conditional access" means that we cannot access your Dynamics 365. The location condition in your AAD blocks access for users accessing a service from specific countries/regions or IP ranges.
You must extend your local condition by two further IP addresses in any case! You MUST include the configuration website (126.96.36.199) AND the service data center. Please notice, that you must specify the instance your service will be running on (e.g. EU North Live4).
IP addresses of the instances:
EU North Live4
EU North Live2
EU West Live2
EU West Live3
Figure 2: Instances
If your data center is not listed here, please contact our support for further details.
That’s it! We appreciate your feedback! Please share your thoughts by sending an email to firstname.lastname@example.org.