Update-MgBetaPolicyAuthenticationMethodPolicy
Update the properties of an authenticationMethodsPolicy object.
Note
To view the v1.0 release of this cmdlet, view Update-MgPolicyAuthenticationMethodPolicy
Syntax
Update-MgBetaPolicyAuthenticationMethodPolicy
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-AuthenticationMethodConfigurations <IMicrosoftGraphAuthenticationMethodConfiguration[]>]
[-Description <String>]
[-DisplayName <String>]
[-Id <String>]
[-LastModifiedDateTime <DateTime>]
[-MicrosoftAuthenticatorPlatformSettings <IMicrosoftGraphMicrosoftAuthenticatorPlatformSettings>]
[-PolicyMigrationState <String>]
[-PolicyVersion <String>]
[-ReconfirmationInDays <Int32>]
[-RegistrationEnforcement <IMicrosoftGraphRegistrationEnforcement>]
[-ReportSuspiciousActivitySettings <IMicrosoftGraphReportSuspiciousActivitySettings>]
[-SystemCredentialPreferences <IMicrosoftGraphSystemCredentialPreferences>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Update-MgBetaPolicyAuthenticationMethodPolicy
-BodyParameter <IMicrosoftGraphAuthenticationMethodsPolicy>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Update the properties of an authenticationMethodsPolicy object.
Permissions
| Permission type | Least privileged permissions | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | Policy.ReadWrite.AuthenticationMethod | Not available. |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | Policy.ReadWrite.AuthenticationMethod | Not available. |
Examples
Example 1: Code snippet
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
registrationEnforcement = @{
authenticationMethodsRegistrationCampaign = @{
snoozeDurationInDays = 1
enforceRegistrationAfterAllowedSnoozes = $true
state = "enabled"
excludeTargets = @(
)
includeTargets = @(
@{
id = "3ee3a9de-0a86-4e12-a287-9769accf1ba2"
targetType = "group"
targetedAuthenticationMethod = "microsoftAuthenticator"
}
)
}
}
reportSuspiciousActivitySettings = @{
state = "enabled"
includeTarget = @{
targetType = "group"
id = "all_users"
}
voiceReportingCode = 0
}
}
Update-MgBetaPolicyAuthenticationMethodPolicy -BodyParameter $paramsThis example shows how to use the Update-MgBetaPolicyAuthenticationMethodPolicy Cmdlet.
Parameters
-AdditionalProperties
Additional Parameters
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AuthenticationMethodConfigurations
Represents the settings for each authentication method. Automatically expanded on GET /policies/authenticationMethodsPolicy. To construct, see NOTES section for AUTHENTICATIONMETHODCONFIGURATIONS properties and create a hash table.
| Type: | IMicrosoftGraphAuthenticationMethodConfiguration[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-BodyParameter
authenticationMethodsPolicy To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
| Type: | IMicrosoftGraphAuthenticationMethodsPolicy |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Description
A description of the policy.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DisplayName
The name of the policy.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Headers
Optional headers that will be added to the request.
| Type: | IDictionary |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Id
The unique identifier for an entity. Read-only.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LastModifiedDateTime
The date and time of the last update to the policy.
| Type: | DateTime |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-MicrosoftAuthenticatorPlatformSettings
microsoftAuthenticatorPlatformSettings To construct, see NOTES section for MICROSOFTAUTHENTICATORPLATFORMSETTINGS properties and create a hash table.
| Type: | IMicrosoftGraphMicrosoftAuthenticatorPlatformSettings |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PolicyMigrationState
authenticationMethodsPolicyMigrationState
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PolicyVersion
The version of the policy in use.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProgressAction
{{ Fill ProgressAction Description }}
| Type: | ActionPreference |
| Aliases: | proga |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ReconfirmationInDays
Days before the user will be asked to reconfirm their method.
| Type: | Int32 |
| Position: | Named |
| Default value: | 0 |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RegistrationEnforcement
registrationEnforcement To construct, see NOTES section for REGISTRATIONENFORCEMENT properties and create a hash table.
| Type: | IMicrosoftGraphRegistrationEnforcement |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ReportSuspiciousActivitySettings
reportSuspiciousActivitySettings To construct, see NOTES section for REPORTSUSPICIOUSACTIVITYSETTINGS properties and create a hash table.
| Type: | IMicrosoftGraphReportSuspiciousActivitySettings |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
| Type: | String |
| Aliases: | RHV |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SystemCredentialPreferences
systemCredentialPreferences To construct, see NOTES section for SYSTEMCREDENTIALPREFERENCES properties and create a hash table.
| Type: | IMicrosoftGraphSystemCredentialPreferences |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphAuthenticationMethodsPolicy
System.Collections.IDictionary
Outputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphAuthenticationMethodsPolicy
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
AUTHENTICATIONMETHODCONFIGURATIONS <IMicrosoftGraphAuthenticationMethodConfiguration- []>: Represents the settings for each authentication method.
Automatically expanded on GET /policies/authenticationMethodsPolicy.
[Id <String>]: The unique identifier for an entity. Read-only.[ExcludeTargets <IMicrosoftGraphExcludeTarget-[]>]: Groups of users that are excluded from a policy.[Id <String>]: The object identifier of a Microsoft Entra group.[TargetType <String>]: authenticationMethodTargetType
[State <String>]: authenticationMethodState
BODYPARAMETER <IMicrosoftGraphAuthenticationMethodsPolicy>: authenticationMethodsPolicy
[(Any) <Object>]: This indicates any property can be added to this object.[Id <String>]: The unique identifier for an entity. Read-only.[AuthenticationMethodConfigurations <IMicrosoftGraphAuthenticationMethodConfiguration-[]>]: Represents the settings for each authentication method. Automatically expanded on GET /policies/authenticationMethodsPolicy.[Id <String>]: The unique identifier for an entity. Read-only.[ExcludeTargets <IMicrosoftGraphExcludeTarget-[]>]: Groups of users that are excluded from a policy.[Id <String>]: The object identifier of a Microsoft Entra group.[TargetType <String>]: authenticationMethodTargetType
[State <String>]: authenticationMethodState
[Description <String>]: A description of the policy.[DisplayName <String>]: The name of the policy.[LastModifiedDateTime <DateTime?>]: The date and time of the last update to the policy.[MicrosoftAuthenticatorPlatformSettings <IMicrosoftGraphMicrosoftAuthenticatorPlatformSettings>]: microsoftAuthenticatorPlatformSettings[(Any) <Object>]: This indicates any property can be added to this object.[EnforceAppPin <IMicrosoftGraphEnforceAppPin>]: enforceAppPIN[(Any) <Object>]: This indicates any property can be added to this object.[ExcludeTargets <IMicrosoftGraphExcludeTarget-[]>]:[IncludeTargets <IMicrosoftGraphIncludeTarget-[]>]:[Id <String>]: The ID of the entity targeted.[TargetType <String>]: authenticationMethodTargetType
[PolicyMigrationState <String>]: authenticationMethodsPolicyMigrationState[PolicyVersion <String>]: The version of the policy in use.[ReconfirmationInDays <Int32?>]: Days before the user will be asked to reconfirm their method.[RegistrationEnforcement <IMicrosoftGraphRegistrationEnforcement>]: registrationEnforcement[(Any) <Object>]: This indicates any property can be added to this object.[AuthenticationMethodsRegistrationCampaign <IMicrosoftGraphAuthenticationMethodsRegistrationCampaign>]: authenticationMethodsRegistrationCampaign[(Any) <Object>]: This indicates any property can be added to this object.[EnforceRegistrationAfterAllowedSnoozes <Boolean?>]: Specifies whether a user is required to perform registration after snoozing 3 times. If true, the user is required to register after 3 snoozes. If false, the user can snooze indefinitely. The default value is true.[ExcludeTargets <IMicrosoftGraphExcludeTarget-[]>]: Users and groups of users that are excluded from being prompted to set up the authentication method.[IncludeTargets <IMicrosoftGraphAuthenticationMethodsRegistrationCampaignIncludeTarget-[]>]: Users and groups of users that are prompted to set up the authentication method.[Id <String>]: The object identifier of a Microsoft Entra user or group.[TargetType <String>]: authenticationMethodTargetType[TargetedAuthenticationMethod <String>]: The authentication method that the user is prompted to register. The value must be microsoftAuthenticator.
[SnoozeDurationInDays <Int32?>]: Specifies the number of days that the user sees a prompt again if they select 'Not now' and snoozes the prompt. Minimum 0 days. Maximum: 14 days. If the value is 0 - The user is prompted during every MFA attempt.[State <String>]: advancedConfigState
[ReportSuspiciousActivitySettings <IMicrosoftGraphReportSuspiciousActivitySettings>]: reportSuspiciousActivitySettings[(Any) <Object>]: This indicates any property can be added to this object.[IncludeTarget <IMicrosoftGraphIncludeTarget>]: includeTarget[State <String>]: advancedConfigState[VoiceReportingCode <Int32?>]: Specifies the number the user enters on their phone to report the MFA prompt as suspicious.
[SystemCredentialPreferences <IMicrosoftGraphSystemCredentialPreferences>]: systemCredentialPreferences[(Any) <Object>]: This indicates any property can be added to this object.[ExcludeTargets <IMicrosoftGraphExcludeTarget-[]>]: Users and groups excluded from the preferred authentication method experience of the system.[IncludeTargets <IMicrosoftGraphIncludeTarget-[]>]: Users and groups included in the preferred authentication method experience of the system.[State <String>]: advancedConfigState
MICROSOFTAUTHENTICATORPLATFORMSETTINGS <IMicrosoftGraphMicrosoftAuthenticatorPlatformSettings>: microsoftAuthenticatorPlatformSettings
[(Any) <Object>]: This indicates any property can be added to this object.[EnforceAppPin <IMicrosoftGraphEnforceAppPin>]: enforceAppPIN[(Any) <Object>]: This indicates any property can be added to this object.[ExcludeTargets <IMicrosoftGraphExcludeTarget-[]>]:[Id <String>]: The object identifier of a Microsoft Entra group.[TargetType <String>]: authenticationMethodTargetType
[IncludeTargets <IMicrosoftGraphIncludeTarget-[]>]:[Id <String>]: The ID of the entity targeted.[TargetType <String>]: authenticationMethodTargetType
REGISTRATIONENFORCEMENT <IMicrosoftGraphRegistrationEnforcement>: registrationEnforcement
[(Any) <Object>]: This indicates any property can be added to this object.[AuthenticationMethodsRegistrationCampaign <IMicrosoftGraphAuthenticationMethodsRegistrationCampaign>]: authenticationMethodsRegistrationCampaign[(Any) <Object>]: This indicates any property can be added to this object.[EnforceRegistrationAfterAllowedSnoozes <Boolean?>]: Specifies whether a user is required to perform registration after snoozing 3 times. If true, the user is required to register after 3 snoozes. If false, the user can snooze indefinitely. The default value is true.[ExcludeTargets <IMicrosoftGraphExcludeTarget-[]>]: Users and groups of users that are excluded from being prompted to set up the authentication method.[Id <String>]: The object identifier of a Microsoft Entra group.[TargetType <String>]: authenticationMethodTargetType
[IncludeTargets <IMicrosoftGraphAuthenticationMethodsRegistrationCampaignIncludeTarget-[]>]: Users and groups of users that are prompted to set up the authentication method.[Id <String>]: The object identifier of a Microsoft Entra user or group.[TargetType <String>]: authenticationMethodTargetType[TargetedAuthenticationMethod <String>]: The authentication method that the user is prompted to register. The value must be microsoftAuthenticator.
[SnoozeDurationInDays <Int32?>]: Specifies the number of days that the user sees a prompt again if they select 'Not now' and snoozes the prompt. Minimum 0 days. Maximum: 14 days. If the value is 0 - The user is prompted during every MFA attempt.[State <String>]: advancedConfigState
REPORTSUSPICIOUSACTIVITYSETTINGS <IMicrosoftGraphReportSuspiciousActivitySettings>: reportSuspiciousActivitySettings
[(Any) <Object>]: This indicates any property can be added to this object.[IncludeTarget <IMicrosoftGraphIncludeTarget>]: includeTarget[(Any) <Object>]: This indicates any property can be added to this object.[Id <String>]: The ID of the entity targeted.[TargetType <String>]: authenticationMethodTargetType
[State <String>]: advancedConfigState[VoiceReportingCode <Int32?>]: Specifies the number the user enters on their phone to report the MFA prompt as suspicious.
SYSTEMCREDENTIALPREFERENCES <IMicrosoftGraphSystemCredentialPreferences>: systemCredentialPreferences
[(Any) <Object>]: This indicates any property can be added to this object.[ExcludeTargets <IMicrosoftGraphExcludeTarget-[]>]: Users and groups excluded from the preferred authentication method experience of the system.[Id <String>]: The object identifier of a Microsoft Entra group.[TargetType <String>]: authenticationMethodTargetType
[IncludeTargets <IMicrosoftGraphIncludeTarget-[]>]: Users and groups included in the preferred authentication method experience of the system.[Id <String>]: The ID of the entity targeted.[TargetType <String>]: authenticationMethodTargetType
[State <String>]: advancedConfigState