Namespace: nftgamef.comh
Authentication strategies are the ways in which customers authenticate in Azure Lively Listing (AD). Authentication strategies in Azure AD embody password and telephone (for instance, SMS and voice calls), that are manageable in Microsoft Graph beta endpoint at present, amongst many others corresponding to FIDO2 safety keys and the Microsoft Authenticator app. Authentication strategies are utilized in major, second-factor, and step-up authentication, and in addition within the self-service password reset (SSPR) course of.
The authentication methodology APIs are used to handle a person’s authentication strategies. For instance:
- You’ll be able to retrieve particulars of a person’s FIDO2 Safety Key, and delete it if the person has misplaced the important thing.
- You’ll be able to retrieve particulars of a person’s Microsoft Authenticator registration, and delete it if the person has misplaced the telephone.
What authentication strategies may be managed in Microsoft Graph?
Authentication methodology Description Examples fido2AuthenticationMethod A FIDO2 Safety Key can be utilized by a person to sign-in to Azure AD. Delete a misplaced FIDO2 Safety Key. microsoftAuthenticatorAuthenticationMethod Microsoft Authenticator can be utilized by a person to sign-in or carry out multi-factor authentication to Azure AD Delete a Microsoft Authenticator authentication methodology. windowsHelloForBusinessAuthenticationMethod Home windows Hey for Enterprise is a passwordless sign-in methodology on Home windows gadgets. See gadgets the place a person has enabled Home windows Hey for Enterprise sign-in. Delete a Home windows Hey for Enterprise credential.
The next authentication strategies are usually not but supported in Microsoft Graph v1.0.
Authentication methodology Description Examples Password A password is at the moment the default major authentication methodology in Azure AD. Reset a person’s password. phoneAuthenticationMethod (not but supported) A telephone can be utilized by a person to authenticate utilizing SMS or voice calls (as allowed by coverage). See a person’s authentication telephone numbers. Add, replace, or take away a telephone quantity to a person. Allow or disable a major cell phone for SMS sign-in. Electronic mail An e-mail handle may be person by a person as a part of the Self-Service Password Reset (SSPR) course of. See a person’s authentication e-mail handle. Add, replace, or take away an e-mail handle to a person. Non permanent Entry Go Non permanent Entry Go is a time-limited passcode that serves as a powerful credential and permits onboarding of passwordless credentials. Set a brand new Non permanent Entry Go on a person. {Hardware} token Permit customers to carry out multifactor authentication utilizing a bodily system that gives a one-time code. Get a {hardware} token assigned to a person. Software program token Permit customers to carry out multifactor authentication utilizing an utility that supporters the OATH specification and supplies a one-time code. Get and delete a software program token assigned to a person. Safety questions and solutions Permit customers to validate their identification when performing a self-service password reset. Delete a safety query a person registered. Default methodology Represents the tactic the person has chosen as default for performing multi-factor authentication. Change a person’s default MFA methodology. NOTE: Managing the small print of the default methodology is at the moment supported solely by means of the MSOL Get-MsolUser and Set-MsolUser cmdlets, utilizing the StrongAuthenticationMethods property. Require re-register MFA Represents a configuration that requires that when person indicators in subsequent time, they’re requested to arrange a brand new MFA authentication methodology. Permit the person to arrange new MFA strategies, for instance, in the event that they modified their authentication system. NOTE: This characteristic is at the moment supported solely by means of the MSOLSet-MsolUser cmdlet, utilizing the StrongAuthenticationMethods property.
Subsequent steps
- Evaluation the authentication methodology varieties and their numerous strategies.
- Strive the API in Graph Explorer.
