New-MgBetaPolicyAuthenticationStrengthPolicy
Create a new custom authenticationStrengthPolicy object.
Note
To view the v1.0 release of this cmdlet, view New-MgPolicyAuthenticationStrengthPolicy
Syntax
New-MgBetaPolicyAuthenticationStrengthPolicy
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-AllowedCombinations <String[]>]
[-CombinationConfigurations <IMicrosoftGraphAuthenticationCombinationConfiguration[]>]
[-CreatedDateTime <DateTime>]
[-Description <String>]
[-DisplayName <String>]
[-Id <String>]
[-ModifiedDateTime <DateTime>]
[-PolicyType <String>]
[-RequirementsSatisfied <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-MgBetaPolicyAuthenticationStrengthPolicy
-BodyParameter <IMicrosoftGraphAuthenticationStrengthPolicy>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create a new custom authenticationStrengthPolicy object.
Permissions
Permission type | Least privileged permissions | Higher privileged permissions |
---|---|---|
Delegated (work or school account) | Policy.ReadWrite.ConditionalAccess | Policy.ReadWrite.AuthenticationMethod |
Delegated (personal Microsoft account) | Not supported. | Not supported. |
Application | Policy.ReadWrite.ConditionalAccess | Policy.ReadWrite.AuthenticationMethod |
Examples
Example 1: Code snippet
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
displayName = "Example"
requirementsSatisfied = "mfa"
allowedCombinations = @(
"fido2"
)
"combinationConfigurations@odata.context" = "https://graph.microsoft.com/beta/$metadata#policies/authenticationStrengthPolicies('5790842a-5bab-44c2-9cf1-b38d675b70ea')/combinationConfigurations"
combinationConfigurations = @(
@{
"@odata.type" = "#microsoft.graph.fido2CombinationConfiguration"
id = "42235320-c8db-4d8c-9344-8f1ce87f734b"
appliesToCombinations = @(
"fido2"
)
allowedAAGUIDs = @(
"de1e552d-db1d-4423-a619-566b625cdc84"
"90a3ccdf-635c-4729-a248-9b709135078f"
)
}
)
}
New-MgBetaPolicyAuthenticationStrengthPolicy -BodyParameter $params
This example shows how to use the New-MgBetaPolicyAuthenticationStrengthPolicy Cmdlet.
Parameters
-AdditionalProperties
Additional Parameters
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedCombinations
A collection of authentication method modes that are required be used to satify this authentication strength.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-BodyParameter
authenticationStrengthPolicy To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Type: | IMicrosoftGraphAuthenticationStrengthPolicy |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-CombinationConfigurations
Settings that may be used to require specific types or instances of an authentication method to be used when authenticating with a specified combination of authentication methods. To construct, see NOTES section for COMBINATIONCONFIGURATIONS properties and create a hash table.
Type: | IMicrosoftGraphAuthenticationCombinationConfiguration[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CreatedDateTime
The datetime when this policy was created.
Type: | DateTime |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Description
The human-readable description of this policy.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisplayName
The human-readable display name of this policy. Supports $filter (eq, ne, not , and in).
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Headers
Optional headers that will be added to the request.
Type: | IDictionary |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Id
The unique identifier for an entity. Read-only.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ModifiedDateTime
The datetime when this policy was last modified.
Type: | DateTime |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PolicyType
authenticationStrengthPolicyType
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ProgressAction
{{ Fill ProgressAction Description }}
Type: | ActionPreference |
Aliases: | proga |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequirementsSatisfied
authenticationStrengthRequirements
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
Type: | String |
Aliases: | RHV |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphAuthenticationStrengthPolicy
System.Collections.IDictionary
Outputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphAuthenticationStrengthPolicy
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IMicrosoftGraphAuthenticationStrengthPolicy>
: authenticationStrengthPolicy
[(Any) <Object>]
: This indicates any property can be added to this object.[Id <String>]
: The unique identifier for an entity. Read-only.[AllowedCombinations <String-
[]>]
: A collection of authentication method modes that are required be used to satify this authentication strength.[CombinationConfigurations <IMicrosoftGraphAuthenticationCombinationConfiguration-
[]>]
: Settings that may be used to require specific types or instances of an authentication method to be used when authenticating with a specified combination of authentication methods.[Id <String>]
: The unique identifier for an entity. Read-only.[AppliesToCombinations <String-
[]>]
: Which authentication method combinations this configuration applies to. Must be an allowedCombinations object defined for the authenticationStrengthPolicy. For fido2combinationConfigurations use 'fido2', for x509certificatecombinationconfiguration use 'x509CertificateSingleFactor' or 'x509CertificateMultiFactor'.
[CreatedDateTime <DateTime?>]
: The datetime when this policy was created.[Description <String>]
: The human-readable description of this policy.[DisplayName <String>]
: The human-readable display name of this policy. Supports $filter (eq, ne, not , and in).[ModifiedDateTime <DateTime?>]
: The datetime when this policy was last modified.[PolicyType <String>]
: authenticationStrengthPolicyType[RequirementsSatisfied <String>]
: authenticationStrengthRequirements
COMBINATIONCONFIGURATIONS <IMicrosoftGraphAuthenticationCombinationConfiguration- []
>: Settings that may be used to require specific types or instances of an authentication method to be used when authenticating with a specified combination of authentication methods.
[Id <String>]
: The unique identifier for an entity. Read-only.[AppliesToCombinations <String-
[]>]
: Which authentication method combinations this configuration applies to. Must be an allowedCombinations object defined for the authenticationStrengthPolicy. For fido2combinationConfigurations use 'fido2', for x509certificatecombinationconfiguration use 'x509CertificateSingleFactor' or 'x509CertificateMultiFactor'.