This control plane turns Conditional Access snapshots into one identity-governance surface: report-only admin policies, exclusion sprawl, device-trust gaps, missing sign-in risk coverage, weak session controls, and the remediation packets needed before audit or incident windows drift.
/, /policy-lane, /control-gaps, /exception-posture, /verification, /docs
/api/dashboard/summary, /api/policy-lane, /api/control-gaps, /api/exception-posture, /api/verification, /api/sample
npx conditional-access-posture fixtures/conditional-access-clean.json --format summary renders the same posture the dashboard exposes.