New-MgBetaUserAuthenticationPhoneMethod
Add a new phone authentication method. A user may only have one phone of each type, captured in the phoneType property. This means, for example, adding a mobile phone to a user with a preexisting mobile phone will fail. Additionally, a user must always have a mobile phone before adding an alternateMobile phone. Adding a phone number makes it available for use in both Azure multifactor authentication (MFA) and self-service password reset (SSPR), if enabled. Additionally, if a user is enabled by policy to use SMS sign-in and a mobile number is added, the system attempts to register the number for use in that system.
Note
To view the v1.0 release of this cmdlet, view New-MgUserAuthenticationPhoneMethod
Syntax
New-MgBetaUserAuthenticationPhoneMethod
-UserId <String>
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-CreatedDateTime <DateTime>]
[-Id <String>]
[-PhoneNumber <String>]
[-PhoneType <String>]
[-SmsSignInState <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-MgBetaUserAuthenticationPhoneMethod
-UserId <String>
-BodyParameter <IMicrosoftGraphPhoneAuthenticationMethod>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-MgBetaUserAuthenticationPhoneMethod
-InputObject <IIdentitySignInsIdentity>
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-CreatedDateTime <DateTime>]
[-Id <String>]
[-PhoneNumber <String>]
[-PhoneType <String>]
[-SmsSignInState <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-MgBetaUserAuthenticationPhoneMethod
-InputObject <IIdentitySignInsIdentity>
-BodyParameter <IMicrosoftGraphPhoneAuthenticationMethod>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Add a new phone authentication method. A user may only have one phone of each type, captured in the phoneType property. This means, for example, adding a mobile phone to a user with a preexisting mobile phone will fail. Additionally, a user must always have a mobile phone before adding an alternateMobile phone. Adding a phone number makes it available for use in both Azure multifactor authentication (MFA) and self-service password reset (SSPR), if enabled. Additionally, if a user is enabled by policy to use SMS sign-in and a mobile number is added, the system attempts to register the number for use in that system.
Permissions
Permission type | Least privileged permissions | Higher privileged permissions |
---|---|---|
Delegated (work or school account) | UserAuthenticationMethod.ReadWrite.All | UserAuthenticationMethod.ReadWrite |
Delegated (personal Microsoft account) | Not supported. | Not supported. |
Application | UserAuthenticationMethod.ReadWrite.All | Not available. |
Examples
Example 1: Code snippet
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
phoneNumber = "+1 2065555555"
phoneType = "mobile"
}
New-MgBetaUserAuthenticationPhoneMethod -UserId $userId -BodyParameter $params
This example shows how to use the New-MgBetaUserAuthenticationPhoneMethod Cmdlet.
Parameters
-AdditionalProperties
Additional Parameters
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-BodyParameter
phoneAuthenticationMethod To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Type: | IMicrosoftGraphPhoneAuthenticationMethod |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CreatedDateTime
.
Type: | DateTime |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Headers
Optional headers that will be added to the request.
Type: | IDictionary |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Id
The unique identifier for an entity. Read-only.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-InputObject
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
Type: | IIdentitySignInsIdentity |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-PhoneNumber
The phone number to text or call for authentication.
Phone numbers use the format '+<country code>
<number>
x<extension>
', with extension optional.
For example, +1 5555551234 or +1 5555551234x123 are valid.
Numbers are rejected when creating/updating if they don't match the required format.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PhoneType
authenticationPhoneType
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ProgressAction
{{ Fill ProgressAction Description }}
Type: | ActionPreference |
Aliases: | proga |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
Type: | String |
Aliases: | RHV |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SmsSignInState
authenticationMethodSignInState
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserId
The unique identifier of user
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
Microsoft.Graph.Beta.PowerShell.Models.IIdentitySignInsIdentity
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphPhoneAuthenticationMethod
System.Collections.IDictionary
Outputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphPhoneAuthenticationMethod
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IMicrosoftGraphPhoneAuthenticationMethod>
: phoneAuthenticationMethod
[(Any) <Object>]
: This indicates any property can be added to this object.[CreatedDateTime <DateTime?>]
:[Id <String>]
: The unique identifier for an entity. Read-only.[PhoneNumber <String>]
: The phone number to text or call for authentication. Phone numbers use the format '+ x', with extension optional. For example, +1 5555551234 or +1 5555551234x123 are valid. Numbers are rejected when creating/updating if they don't match the required format.[PhoneType <String>]
: authenticationPhoneType[SmsSignInState <String>]
: authenticationMethodSignInState
INPUTOBJECT <IIdentitySignInsIdentity>
: Identity Parameter
[ActivityBasedTimeoutPolicyId <String>]
: The unique identifier of activityBasedTimeoutPolicy[AppManagementPolicyId <String>]
: The unique identifier of appManagementPolicy[AuthenticationCombinationConfigurationId <String>]
: The unique identifier of authenticationCombinationConfiguration[AuthenticationConditionApplicationAppId <String>]
: The unique identifier of authenticationConditionApplication[AuthenticationContextClassReferenceId <String>]
: The unique identifier of authenticationContextClassReference[AuthenticationEventListenerId <String>]
: The unique identifier of authenticationEventListener[AuthenticationEventsFlowId <String>]
: The unique identifier of authenticationEventsFlow[AuthenticationMethodConfigurationId <String>]
: The unique identifier of authenticationMethodConfiguration[AuthenticationMethodId <String>]
: The unique identifier of authenticationMethod[AuthenticationMethodModeDetailId <String>]
: The unique identifier of authenticationMethodModeDetail[AuthenticationMethodModes <String-
[]>]
: Usage: authenticationMethodModes={authenticationMethodModes}[AuthenticationStrengthPolicyId <String>]
: The unique identifier of authenticationStrengthPolicy[AuthorizationPolicyId <String>]
: The unique identifier of authorizationPolicy[B2CIdentityUserFlowId <String>]
: The unique identifier of b2cIdentityUserFlow[B2XIdentityUserFlowId <String>]
: The unique identifier of b2xIdentityUserFlow[BitlockerRecoveryKeyId <String>]
: The unique identifier of bitlockerRecoveryKey[CertificateBasedAuthConfigurationId <String>]
: The unique identifier of certificateBasedAuthConfiguration[ClaimsMappingPolicyId <String>]
: The unique identifier of claimsMappingPolicy[ConditionalAccessPolicyId <String>]
: The unique identifier of conditionalAccessPolicy[ConditionalAccessTemplateId <String>]
: The unique identifier of conditionalAccessTemplate[CrossTenantAccessPolicyConfigurationPartnerTenantId <String>]
: The unique identifier of crossTenantAccessPolicyConfigurationPartner[CustomAuthenticationExtensionId <String>]
: The unique identifier of customAuthenticationExtension[DataLossPreventionPolicyId <String>]
: The unique identifier of dataLossPreventionPolicy[DataPolicyOperationId <String>]
: The unique identifier of dataPolicyOperation[DefaultUserRoleOverrideId <String>]
: The unique identifier of defaultUserRoleOverride[DirectoryObjectId <String>]
: The unique identifier of directoryObject[EmailAuthenticationMethodId <String>]
: The unique identifier of emailAuthenticationMethod[FeatureRolloutPolicyId <String>]
: The unique identifier of featureRolloutPolicy[Fido2AuthenticationMethodId <String>]
: The unique identifier of fido2AuthenticationMethod[GroupId <String>]
: The unique identifier of group[HomeRealmDiscoveryPolicyId <String>]
: The unique identifier of homeRealmDiscoveryPolicy[IdentityApiConnectorId <String>]
: The unique identifier of identityApiConnector[IdentityProviderBaseId <String>]
: The unique identifier of identityProviderBase[IdentityProviderId <String>]
: The unique identifier of identityProvider[IdentityUserFlowAttributeAssignmentId <String>]
: The unique identifier of identityUserFlowAttributeAssignment[IdentityUserFlowAttributeId <String>]
: The unique identifier of identityUserFlowAttribute[IdentityUserFlowId <String>]
: The unique identifier of identityUserFlow[InformationProtectionLabelId <String>]
: The unique identifier of informationProtectionLabel[LongRunningOperationId <String>]
: The unique identifier of longRunningOperation[MicrosoftAuthenticatorAuthenticationMethodId <String>]
: The unique identifier of microsoftAuthenticatorAuthenticationMethod[MobilityManagementPolicyId <String>]
: The unique identifier of mobilityManagementPolicy[MultiTenantOrganizationMemberId <String>]
: The unique identifier of multiTenantOrganizationMember[NamedLocationId <String>]
: The unique identifier of namedLocation[OAuth2PermissionGrantId <String>]
: The unique identifier of oAuth2PermissionGrant[OrganizationId <String>]
: The unique identifier of organization[PasswordAuthenticationMethodId <String>]
: The unique identifier of passwordAuthenticationMethod[PasswordlessMicrosoftAuthenticatorAuthenticationMethodId <String>]
: The unique identifier of passwordlessMicrosoftAuthenticatorAuthenticationMethod[PermissionGrantConditionSetId <String>]
: The unique identifier of permissionGrantConditionSet[PermissionGrantPolicyId <String>]
: The unique identifier of permissionGrantPolicy[PermissionGrantPreApprovalPolicyId <String>]
: The unique identifier of permissionGrantPreApprovalPolicy[PhoneAuthenticationMethodId <String>]
: The unique identifier of phoneAuthenticationMethod[PlatformCredentialAuthenticationMethodId <String>]
: The unique identifier of platformCredentialAuthenticationMethod[RiskDetectionId <String>]
: The unique identifier of riskDetection[RiskyServicePrincipalHistoryItemId <String>]
: The unique identifier of riskyServicePrincipalHistoryItem[RiskyServicePrincipalId <String>]
: The unique identifier of riskyServicePrincipal[RiskyUserHistoryItemId <String>]
: The unique identifier of riskyUserHistoryItem[RiskyUserId <String>]
: The unique identifier of riskyUser[SensitivityLabelId <String>]
: The unique identifier of sensitivityLabel[SensitivityLabelId1 <String>]
: The unique identifier of sensitivityLabel[ServicePrincipalCreationConditionSetId <String>]
: The unique identifier of servicePrincipalCreationConditionSet[ServicePrincipalCreationPolicyId <String>]
: The unique identifier of servicePrincipalCreationPolicy[ServicePrincipalRiskDetectionId <String>]
: The unique identifier of servicePrincipalRiskDetection[SoftwareOathAuthenticationMethodId <String>]
: The unique identifier of softwareOathAuthenticationMethod[TemporaryAccessPassAuthenticationMethodId <String>]
: The unique identifier of temporaryAccessPassAuthenticationMethod[ThreatAssessmentRequestId <String>]
: The unique identifier of threatAssessmentRequest[ThreatAssessmentResultId <String>]
: The unique identifier of threatAssessmentResult[TokenIssuancePolicyId <String>]
: The unique identifier of tokenIssuancePolicy[TokenLifetimePolicyId <String>]
: The unique identifier of tokenLifetimePolicy[TrustFrameworkKeySetId <String>]
: The unique identifier of trustFrameworkKeySet[TrustFrameworkKeyV2Kid <String>]
: The unique identifier of trustFrameworkKey_v2[TrustFrameworkPolicyId <String>]
: The unique identifier of trustFrameworkPolicy[UnifiedRoleManagementPolicyAssignmentId <String>]
: The unique identifier of unifiedRoleManagementPolicyAssignment[UnifiedRoleManagementPolicyId <String>]
: The unique identifier of unifiedRoleManagementPolicy[UnifiedRoleManagementPolicyRuleId <String>]
: The unique identifier of unifiedRoleManagementPolicyRule[UserFlowLanguageConfigurationId <String>]
: The unique identifier of userFlowLanguageConfiguration[UserFlowLanguagePageId <String>]
: The unique identifier of userFlowLanguagePage[UserId <String>]
: The unique identifier of user[WindowsHelloForBusinessAuthenticationMethodId <String>]
: The unique identifier of windowsHelloForBusinessAuthenticationMethod