'userRegistrationDetails' graph API not listing all users MFA details

govind 0 Reputation points

I'd like to get customer's users who do not use MFA. I can do this using PowerShell but I didn't find a method property on graph API to get user's "strongauthenticationrequirements.state".

I am using graph API 'https://graph.microsoft.com/beta/reports/authenticationMethods'

which returns very few users MFA details. (its NOT filtering based on any criteria's like

'enabled users' or 'MFA enabled users'. because it returns details for disabled users also and MFA disabled users also') it returns less than 3000 user details, whereas actual total user count exceeds 100000.

Could you please advise is there a way to check all users who do not use MFA?



Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,085 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Yakun Huang-MSFT 1,400 Reputation points Microsoft Vendor

    Hi @govind

    For your needs, you can use filter when sending requests to filter out users who do not use MFA.

    The value of the property isMfaRegistered indicates whether or not MFA is used, so the filter condition is isMfaRegistered eq false, and here is the full request path:

    GET https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?$filter=isMfaRegistered eq false

    Here are the results of my tests, and you can see that all non-MFA users are filtered out.

    Screenshot 2024-05-28 105616

    See this link for more usage of this endpoint:


    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.