authentication resource type
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Exposes authentication method states for users and relationships that represent the authentication methods supported by Microsoft Entra ID. The following authentication methods states are supported:
- A user's sign-in preferences (system-preferred MFA)
- A users's MFA state (per-user MFA)
Inherits from entity.
Methods
| Method | Return type | Description |
|---|---|---|
| Get | authentication | Get the authentication states for a user, such as their sign-in preferences and their MFA state. |
| Update | authentication | Update the authentication states for a user, such as their sign-in preferences and their MFA state. |
Properties
| Property | Type | Description |
|---|---|---|
| id | String | Unique identifier. Read-only. |
| requirements | strongAuthenticationRequirements | The settings and preferences for per-user Microsoft Entra multifactor authentication. |
| signInPreferences | signInPreferences | The settings and preferences for the sign-in experience of a user. Use this property to configure the user's default multifactor authentication (MFA) method. |
Relationships
| Relationship | Type | Description |
|---|---|---|
| emailMethods | emailAuthenticationMethod collection | Represents the email addresses registered to a user for authentication. |
| fido2Methods | fido2AuthenticationMethod collection | Represents the FIDO2 security keys registered to a user for authentication. |
| methods | authenticationMethod collection | Represents all authentication methods registered to a user. |
| microsoftAuthenticatorMethods | microsoftAuthenticatorAuthenticationMethod collection | The details of the Microsoft Authenticator app registered to a user for authentication. |
| operations | longRunningOperation collection | Represents the status of a long-running operation, such as a password reset operation. |
| passwordlessMicrosoftAuthenticatorMethods | passwordlessMicrosoftAuthenticatorAuthenticationMethod collection | Represents the Microsoft Authenticator Passwordless Phone Sign-in methods registered to a user for authentication. |
| passwordMethods | passwordAuthenticationMethod collection | Represents the details of the password authentication method registered to a user for authentication. |
| phoneMethods | phoneAuthenticationMethod collection | Represents the phone registered to a user for authentication. |
| softwareOathMethods | softwareOathAuthenticationMethod collection | The software OATH time-based one-time password (TOTP) applications registered to a user for authentication. |
| temporaryAccessPassMethods | temporaryAccessPassAuthenticationMethod collection | Represents a Temporary Access Pass registered to a user for authentication through time-limited passcodes. |
| windowsHelloForBusinessMethods | windowsHelloForBusinessAuthenticationMethod collection | Represents the Windows Hello for Business authentication method registered to a user for authentication. |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.authentication",
"id": "String (identifier)",
"signInPreferences": {
"@odata.type": "microsoft.graph.signInPreferences"
},
"requirements": {
"@odata.type": "microsoft.graph.strongAuthenticationRequirements"
}
}