authenticationMethodsPolicy resource type

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Defines authentication methods and the users that are allowed to use them to sign in and perform multi-factor authentication (MFA) in Microsoft Entra ID.

Methods

Method Return type Description
Get authenticationMethodsPolicy Read the properties and relationships of an authenticationMethodsPolicy object.
Update authenticationMethodsPolicy Update the properties of an authenticationMethodsPolicy object.

Properties

Property Type Description
description String A description of the policy.
displayName String The name of the policy.
id String The identifier of the policy. Inherited from entity.
lastModifiedDateTime DateTimeOffset The date and time of the last update to the policy.
policyVersion String The version of the policy in use.
policyMigrationState authenticationMethodsPolicyMigrationState The state of migration of the authentication methods policy from the legacy multifactor authentication and self-service password reset (SSPR) policies. The possible values are:
  • premigration - means the authentication methods policy is used for authentication only, legacy policies are respected.
  • migrationInProgress - means the authentication methods policy is used for both authentication and SSPR, legacy policies are respected.
  • migrationComplete - means the authentication methods policy is used for authentication and SSPR, legacy policies are ignored.
  • unknownFutureValue - Evolvable enumeration sentinel value. Don't use.
  • reconfirmationInDays Int32 Days before the user will be asked to reconfirm their method.
    registrationEnforcement registrationEnforcement Enforce registration at sign-in time. This property can be used to remind users to set up targeted authentication methods.
    reportSuspiciousActivitySettings reportSuspiciousActivitySettings Enable users to report unexpected voice call or phone app notification multi-factor authentication prompts as suspicious.
    systemCredentialPreferences systemCredentialPreferences Prompt users with their most-preferred credential for multifactor authentication.

    Relationships

    Relationship Type Description
    authenticationMethodConfigurations authenticationMethodConfiguration collection Represents the settings for each authentication method. Automatically expanded on GET /policies/authenticationMethodsPolicy.

    JSON representation

    The following JSON representation shows the resource type.

    {
      "@odata.type": "#microsoft.graph.authenticationMethodsPolicy",
      "description": "String",
      "displayName": "String",
      "id": "String (identifier)",
      "lastModifiedDateTime": "String (timestamp)",
      "policyVersion": "String",
      "registrationEnforcement": {
        "@odata.type": "microsoft.graph.registrationEnforcement"
      },
        "reportSuspiciousActivitySettings": {
        "@odata.type": "microsoft.graph.reportSuspiciousActivitySettings"
      },
      "systemCredentialPreferences": {
        "@odata.type": "microsoft.graph.systemCredentialPreferences"
      }
    }