fido2AuthenticationMethod resource type

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

A representation of a FIDO2 security key registered to a user. FIDO2 is a sign-in authentication method.

The fido2AuthenticationMethod resource is a derived type that inherits from the authenticationMethod resource type.

Methods

Method Return type Description
List fido2AuthenticationMethod collection Retrieve a list of a user's fido2AuthenticationMethod objects and their properties.
Create fido2AuthenticationMethod Create a new fido2AuthenticationMethod object based on WebAuthn W3C standards.
Get fido2AuthenticationMethod Read the properties and relationships of a user's fido2AuthenticationMethod object.
Delete None Deletes a user's fido2AuthenticationMethod object.
Creation options webauthnCredentialCreationOptions Retrieve creation options required to generate and register an Entra ID compatible passkey.

Properties

Property Type Description
id String The authentication method identifier.
displayName String The display name of the key as given by the user.
createdDateTime DateTimeOffset The timestamp when this key was registered to the user.
aaGuid String Authenticator Attestation GUID, an identifier that indicates the type (such as make and model) of the authenticator.
model String The manufacturer-assigned model of the FIDO2 security key.
attestationCertificates String collection The attestation certificate or certificates attached to this security key.
attestationLevel attestationLevel The attestation level of this FIDO2 security key. Possible values are: attested, notAttested, unknownFutureValue.
publicKeyCredential webauthnPublicKeyCredential Contains the WebAuthn public key credential information being registered. Only used for write requests. This property isn't returned on read operations.

Relationships

None.

JSON representation

The following JSON representation shows the resource type.

{
  "@odata.type": "#microsoft.graph.fido2AuthenticationMethod",
  "id": "String (identifier)",
  "displayName": "String",
  "createdDateTime": "String (timestamp)",
  "aaGuid": "String",
  "model": "String",
  "attestationCertificates": [
    "String"
  ],
  "attestationLevel": "String",
  "publicKeyCredential": {
    "@odata.type": "microsoft.graph.webauthnPublicKeyCredential"
  }
}