List passwordMethods
Namespace: microsoft.graph
Retrieve a list of the passwords registered to a user, represented by a passwordAuthenticationMethod object. This API returns exactly one object referenced by ID 28c10230-6103-485e-b985-444c60001490
, as a user can have exactly one password. For security, the password itself is never returned in the object and the password property is always null
.
This API is available in the following national cloud deployments.
Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
---|---|---|---|
✅ | ✅ | ✅ | ❌ |
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permissions acting on self
Permission type | Permissions (from least to most privileged) |
---|---|
Delegated (work or school account) | UserAuthenticationMethod.Read, UserAuthenticationMethod.ReadWrite |
Delegated (personal Microsoft account) | Not supported. |
Application | Not supported. |
Permissions acting on other users
Permission type | Permissions (from least to most privileged) |
---|---|
Delegated (work or school account) | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. |
Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation.
- Global Reader
- Authentication Administrator
- Privileged Authentication Administrator
Admins with User Administrator, Helpdesk Administrator, or Password Administrator roles can also reset passwords for non-admin users and a limited set of admin roles as defined in Who can reset passwords.
HTTP request
Get details of your own password authentication method.
GET /me/authentication/passwordMethods
Get details of your own or another user's password authentication method.
GET /users/{id | userPrincipalName}/authentication/passwordMethods
Optional query parameters
This method doesn't support optional query parameters to customize the response.
Request headers
Name | Description |
---|---|
Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Request body
Don't supply a request body for this method.
Response
If successful, this method returns a 200 OK
response code and a collection of passwordAuthenticationMethod objects in the response body.
Examples
Request
The following example shows a request.
GET https://graph.microsoft.com/v1.0/me/authentication/passwordMethods
Response
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users('67273bfa-5cd8-477a-acf7-e13ff81ebf70')/authentication/passwordMethods",
"value": [
{
"id": "28c10230-6103-485e-b985-444c60001490",
"password": null,
"createdDateTime": null
}
]
}