authenticationMethodsPolicy resource type
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Defines authentication methods and the users that are allowed to use them to sign in and perform multi-factor authentication (MFA) in Microsoft Entra ID.
Methods
| Method | Return type | Description |
|---|---|---|
| Get | authenticationMethodsPolicy | Read the properties and relationships of an authenticationMethodsPolicy object. |
| Update | authenticationMethodsPolicy | Update the properties of an authenticationMethodsPolicy object. |
Properties
| Property | Type | Description |
|---|---|---|
| description | String | A description of the policy. |
| displayName | String | The name of the policy. |
| id | String | The identifier of the policy. Inherited from entity. |
| lastModifiedDateTime | DateTimeOffset | The date and time of the last update to the policy. |
| policyVersion | String | The version of the policy in use. |
| policyMigrationState | authenticationMethodsPolicyMigrationState | The state of migration of the authentication methods policy from the legacy multifactor authentication and self-service password reset (SSPR) policies. The possible values are: premigration - means the authentication methods policy is used for authentication only, legacy policies are respected. migrationInProgress - means the authentication methods policy is used for both authentication and SSPR, legacy policies are respected. migrationComplete - means the authentication methods policy is used for authentication and SSPR, legacy policies are ignored. unknownFutureValue - Evolvable enumeration sentinel value. Don't use. |
| reconfirmationInDays | Int32 | Days before the user will be asked to reconfirm their method. |
| registrationEnforcement | registrationEnforcement | Enforce registration at sign-in time. This property can be used to remind users to set up targeted authentication methods. |
| reportSuspiciousActivitySettings | reportSuspiciousActivitySettings | Enable users to report unexpected voice call or phone app notification multi-factor authentication prompts as suspicious. |
| systemCredentialPreferences | systemCredentialPreferences | Prompt users with their most-preferred credential for multifactor authentication. |
Relationships
| Relationship | Type | Description |
|---|---|---|
| authenticationMethodConfigurations | authenticationMethodConfiguration collection | Represents the settings for each authentication method. Automatically expanded on GET /policies/authenticationMethodsPolicy. |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.authenticationMethodsPolicy",
"description": "String",
"displayName": "String",
"id": "String (identifier)",
"lastModifiedDateTime": "String (timestamp)",
"policyVersion": "String",
"registrationEnforcement": {
"@odata.type": "microsoft.graph.registrationEnforcement"
},
"reportSuspiciousActivitySettings": {
"@odata.type": "microsoft.graph.reportSuspiciousActivitySettings"
},
"systemCredentialPreferences": {
"@odata.type": "microsoft.graph.systemCredentialPreferences"
}
}