emailAuthenticationMethodConfiguration resource type

Namespace: microsoft.graph

Represents this tenant's email OTP authentication methods policy. Authentication methods policies define configuration settings and users or groups who are enabled to use the authentication method. Email OTP may be used by the tenant's cloud-native users for self-service password reset. Email OTP may be used by external users for authentication during invitation redemption and self-service sign up for specific apps in user flows.

Inherits from authenticationMethodConfiguration.


Method Return type Description
Get emailAuthenticationMethodConfiguration emailAuthenticationMethodConfiguration Read the properties and relationships of an emailAuthenticationMethodConfiguration object.
Update emailAuthenticationMethodConfiguration emailAuthenticationMethodConfiguration Update the properties of an emailAuthenticationMethodConfiguration object.
Delete emailAuthenticationMethodConfiguration None Deletes an emailAuthenticationMethodConfiguration object.


Property Type Description
allowExternalIdToUseEmailOtp externalEmailOtpState Determines whether email OTP is usable by external users for authentication. Possible values are: default, enabled, disabled, unknownFutureValue. Tenants in the default state who didn't use public preview will automatically have email OTP enabled beginning in October 2021.
excludeTargets excludeTarget collection Groups of users that are excluded from the policy.
id String The authentication method policy identifier. Inherited from authenticationMethodConfiguration.
state authenticationMethodState Indicates whether this authentication method is enabled or not. Possible values are: enabled, disabled.


Relationship Type Description
includeTargets authenticationMethodTarget collection A collection of groups that are enabled to use the authentication method.

JSON representation

Here's a JSON representation of the resource.

  "@odata.type": "#microsoft.graph.emailAuthenticationMethodConfiguration",
  "allowExternalIdToUseEmailOtp": "String",
  "excludeTargets": [
      "@odata.type": "microsoft.graph.excludeTarget"
  "id": "String (identifier)",
  "includeTargets": [ { "@odata.type": "microsoft.graph.authenticationMethodTarget" } ],
  "state": "String"