Skip to content

Latest commit

 

History

History
72 lines (63 loc) · 5.17 KB

authenticationstrengthpolicy.md

File metadata and controls

72 lines (63 loc) · 5.17 KB
title description author ms.reviewer ms.localizationpriority ms.subservice doc_type
authenticationStrengthPolicy resource type
A collection of settings that define specific combinations of authentication methods and metadata. The authentication strength policy, when applied to a given scenario using Microsoft Entra Conditional Access, defines which authentication methods must be used to authenticate in that scenario.
InbarckMS
conditionalaccesspm
medium
entra-sign-in
resourcePageType

authenticationStrengthPolicy resource type

Namespace: microsoft.graph

[!INCLUDE beta-disclaimer]

A collection of settings that define specific combinations of authentication methods and metadata. The authentication strength policy, when applied to a given scenario using Microsoft Entra Conditional Access, defines which authentication methods must be used to authenticate in that scenario. An authentication strength may be built-in or custom (defined by the tenant) and may or may not fulfill the requirements to grant an MFA claim.

Inherits from entity.

Methods

Method Return type Description
List authenticationStrengthPolicy collection Get a list of the authenticationStrengthPolicy objects and their properties.
Create authenticationStrengthPolicy Create a new custom authenticationStrengthPolicy object.
Get authenticationStrengthPolicy Read the properties and relationships of an authenticationStrengthPolicy object.
Update authenticationStrengthPolicy Update the properties of a custom authenticationStrengthPolicy object. You can't update a built-in authenticationStrengthPolicy object.
Delete None Delete a custom authenticationStrengthPolicy object. You can't delete a built-in authenticationStrengthPolicy object.
List usage authenticationStrengthUsage Find all conditionalAccessPolicies that reference an authentication strength.
Find by method mode (deprecated) authenticationStrengthPolicy collection Find an authenticationStrengthPolicy by allowed mode.

Properties

Property Type Description
allowedCombinations authenticationMethodModes collection A collection of authentication method modes that are required be used to satify this authentication strength.
createdDateTime DateTimeOffset The datetime when this policy was created.
description String The human-readable description of this policy.
displayName String The human-readable display name of this policy.

Supports $filter (eq, ne, not , and in).
id String The system-generated identifier for this mode. Inherited from entity.
modifiedDateTime DateTimeOffset The datetime when this policy was last modified.
policyType authenticationStrengthPolicyType A descriptor of whether this policy is built into Microsoft Entra Conditional Access or created by an admin for the tenant. The possible values are: builtIn, custom, unknownFutureValue.

Supports $filter (eq, ne, not , and in).
requirementsSatisfied authenticationStrengthRequirements A descriptor of whether this authentication strength grants the MFA claim upon successful satisfaction. The possible values are: none, mfa, unknownFutureValue.

Relationships

Relationship Type Description
combinationConfigurations authenticationCombinationConfiguration collection Settings that may be used to require specific types or instances of an authentication method to be used when authenticating with a specified combination of authentication methods.

JSON representation

The following JSON representation shows the resource type.

{
  "@odata.type": "#microsoft.graph.authenticationStrengthPolicy",
  "id": "String (identifier)",
  "createdDateTime": "String (timestamp)",
  "modifiedDateTime": "String (timestamp)",
  "displayName": "String",
  "description": "String",
  "policyType": "String",
  "requirementsSatisfied": "String",
  "allowedCombinations": [
    "String"
  ]
}