authentication resource type

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Exposes authentication method states for users and relationships that represent the authentication methods supported by Microsoft Entra ID. The following authentication methods states are supported:

  • A user's sign-in preferences (system-preferred MFA)
  • A users's MFA state (per-user MFA)

Inherits from entity.

Methods

Method Return type Description
Get authentication Get the authentication states for a user, such as their sign-in preferences and their MFA state.
Update authentication Update the authentication states for a user, such as their sign-in preferences and their MFA state.

Properties

Property Type Description
id String Unique identifier. Read-only.
requirements strongAuthenticationRequirements The settings and preferences for per-user Microsoft Entra multifactor authentication.
signInPreferences signInPreferences The settings and preferences for the sign-in experience of a user. Use this property to configure the user's default multifactor authentication (MFA) method.

Relationships

Relationship Type Description
emailMethods emailAuthenticationMethod collection Represents the email addresses registered to a user for authentication.
fido2Methods fido2AuthenticationMethod collection Represents the FIDO2 security keys registered to a user for authentication.
methods authenticationMethod collection Represents all authentication methods registered to a user.
microsoftAuthenticatorMethods microsoftAuthenticatorAuthenticationMethod collection The details of the Microsoft Authenticator app registered to a user for authentication.
operations longRunningOperation collection Represents the status of a long-running operation, such as a password reset operation.
passwordlessMicrosoftAuthenticatorMethods passwordlessMicrosoftAuthenticatorAuthenticationMethod collection Represents the Microsoft Authenticator Passwordless Phone Sign-in methods registered to a user for authentication.
passwordMethods passwordAuthenticationMethod collection Represents the details of the password authentication method registered to a user for authentication.
phoneMethods phoneAuthenticationMethod collection Represents the phone registered to a user for authentication.
softwareOathMethods softwareOathAuthenticationMethod collection The software OATH time-based one-time password (TOTP) applications registered to a user for authentication.
temporaryAccessPassMethods temporaryAccessPassAuthenticationMethod collection Represents a Temporary Access Pass registered to a user for authentication through time-limited passcodes.
windowsHelloForBusinessMethods windowsHelloForBusinessAuthenticationMethod collection Represents the Windows Hello for Business authentication method registered to a user for authentication.

JSON representation

The following JSON representation shows the resource type.

{
  "@odata.type": "#microsoft.graph.authentication",
  "id": "String (identifier)",
  "signInPreferences": {
    "@odata.type": "microsoft.graph.signInPreferences"
  },
  "requirements": {
    "@odata.type": "microsoft.graph.strongAuthenticationRequirements"
  }
}