Share via

How do you get all authentication methods for all users with the Graph SDK in one command?

Todd Willett 0 Reputation points
2023-05-25T12:26:55.0133333+00:00

To get all users we can use Get-MgUser -All, but it doesn't have the authentication methods (and SMS number that we're looking for) like the soon to be deprecated Get-MsolUser does.

So if we try to use Get-MGUserAuthenticationMethod the -All switch doesn't work. If you look at the function itself, it has 2 parameter sets and both are to get 1 object returned.

Looping this in a for each loop "works" but we have tens of thousands of users so this is both time consuming and we run into throttling issues.

So the questions are:

  1. Is there a property for Get-MgUser that returns this info? I tried Authentication but it's blank.
  2. Is this something that's going to be updated soon in Get-MgUserAuthenticationMethod?

Hopefully there's a way to do this, but if it not...It's frustrating to tell us you're deprecating one technology when the "new and improved" one isn't finished or can't do the same thing.

Microsoft Security | Microsoft Graph
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 125.5K Reputation points MVP Volunteer Moderator
    2023-05-25T16:21:19.3866667+00:00

    You cannot do this via a one-liner, at least not a good one, as the authentication methods data comes from a different API. Said endpoints expose more than just the MFA methods, so it's not 1:1 comparison with the good old MSOnline cmdlets.

    If you want to get the MFA details in a single call, use the credential registration report under /reports/credentialUserRegistrationDetails:

    GET https://graph.microsoft.com/beta/reports/credentialUserRegistrationDetails

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.