Below is a redacted payload I am viewing in QRadar. Within the payload is a field named "UserAuthenticationMethod" followed by a variable value. In this case it is 16. I am wondering where I can view documentation which shows what these values mean in terms of authentication? Please someone help.
{"CreationTime":"2023-07-19T10:31:42","Id":"ddd5f7e3-932c-4886-843c-1519748f1300","Operation":"UserLoggedIn","OrganizationId":"redacted","RecordType":15,"ResultStatus":"Success","UserKey":"redacted","UserType":0,"Version":1,"Workload":"AzureActiveDirectory","ClientIP":"redacted","ObjectId":"00000002-0000-0000-c000-000000000000","UserId":"redacted","AzureActiveDirectoryEventType":1,"ExtendedProperties":[{"Name":"ResultStatusDetail","Value":"Success"},{"Name":"UserAgent","Value":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.86"},{"Name":"UserAuthenticationMethod","Value":"16"},{"Name":"RequestType","Value":"Login:login"}],"ModifiedProperties":[],"Actor":[{"ID":"redacted","Type":0},{"ID":"redacted","Type":5}],"ActorContextId":"a72dda32-ee80-4da8-a3ac-ec0e9e41a50a","ActorIpAddress":"62.67.251.130","InterSystemsId":"dc7088bf-5adc-448d-a3df-24f1a6a3a895","IntraSystemId":"ddd5f7e3-932c-4886-843c-1519748f1300","SupportTicketId":"","Target":[{"ID":"00000002-0000-0000-c000-000000000000","Type":0}],"TargetContextId":"a72dda32-ee80-4da8-a3ac-ec0e9e41a50a","ApplicationId":"a93d9727-9989-48a9-ac5a-11702e33732f","DeviceProperties":[{"Name":"Id","Value":"54177c26-b44a-4c71-9f5c-7c20d2c58869"},{"Name":"DisplayName","Value":"BTA-L-PC0Z61DL"},{"Name":"OS","Value":"Windows 10"},{"Name":"BrowserType","Value":"Edge"},{"Name":"IsCompliantAndManaged","Value":"False"},{"Name":"TrustType","Value":"0"},{"Name":"SessionId","Value":"9e670809-f72e-4324-a408-ca94e930b13c"}],"ErrorNumber":"0"}