Update-MgBetaPolicyAuthenticationMethodPolicy

Update-MgBetaPolicyAuthenticationMethodPolicy
    [-ResponseHeadersVariable <String>]
    [-AdditionalProperties <Hashtable>]
    [-AuthenticationMethodConfigurations <IMicrosoftGraphAuthenticationMethodConfiguration[]>]
    [-Description <String>]
    [-DisplayName <String>]
    [-Id <String>]
    [-LastModifiedDateTime <DateTime>]
    [-MicrosoftAuthenticatorPlatformSettings <IMicrosoftGraphMicrosoftAuthenticatorPlatformSettings>]
    [-PolicyMigrationState <String>]
    [-PolicyVersion <String>]
    [-ReconfirmationInDays <Int32>]
    [-RegistrationEnforcement <IMicrosoftGraphRegistrationEnforcement>]
    [-ReportSuspiciousActivitySettings <IMicrosoftGraphReportSuspiciousActivitySettings>]
    [-SystemCredentialPreferences <IMicrosoftGraphSystemCredentialPreferences>]
    [-Headers <IDictionary>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Update-MgBetaPolicyAuthenticationMethodPolicy
    -BodyParameter <IMicrosoftGraphAuthenticationMethodsPolicy>
    [-ResponseHeadersVariable <String>]
    [-Headers <IDictionary>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Update the properties of an authenticationMethodsPolicy object.

Permissions

Import-Module Microsoft.Graph.Beta.Identity.SignIns

$params = @{
	registrationEnforcement = @{
		authenticationMethodsRegistrationCampaign = @{
			snoozeDurationInDays = 1
			enforceRegistrationAfterAllowedSnoozes = $true
			state = "enabled"
			excludeTargets = @(
			)
			includeTargets = @(
				@{
					id = "3ee3a9de-0a86-4e12-a287-9769accf1ba2"
					targetType = "group"
					targetedAuthenticationMethod = "microsoftAuthenticator"
				}
			)
		}
	}
	reportSuspiciousActivitySettings = @{
		state = "enabled"
		includeTarget = @{
			targetType = "group"
			id = "all_users"
		}
		voiceReportingCode = 0
	}
}

Update-MgBetaPolicyAuthenticationMethodPolicy -BodyParameter $params

This example shows how to use the Update-MgBetaPolicyAuthenticationMethodPolicy Cmdlet.

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

COMPLEX PARAMETER PROPERTIES

To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.

AUTHENTICATIONMETHODCONFIGURATIONS <IMicrosoftGraphAuthenticationMethodConfiguration- []>: Represents the settings for each authentication method. Automatically expanded on GET /policies/authenticationMethodsPolicy.

• [Id <String>]: The unique identifier for an entity. Read-only.
• [ExcludeTargets <IMicrosoftGraphExcludeTarget- []>]: Groups of users that are excluded from a policy.
  • [Id <String>]: The object identifier of a Microsoft Entra group.
  • [TargetType <String>]: authenticationMethodTargetType
• [State <String>]: authenticationMethodState

BODYPARAMETER <IMicrosoftGraphAuthenticationMethodsPolicy>: authenticationMethodsPolicy

• [(Any) <Object>]: This indicates any property can be added to this object.
• [Id <String>]: The unique identifier for an entity. Read-only.
• [AuthenticationMethodConfigurations <IMicrosoftGraphAuthenticationMethodConfiguration- []>]: Represents the settings for each authentication method. Automatically expanded on GET /policies/authenticationMethodsPolicy.
  • [Id <String>]: The unique identifier for an entity. Read-only.
  • [ExcludeTargets <IMicrosoftGraphExcludeTarget- []>]: Groups of users that are excluded from a policy.
    • [Id <String>]: The object identifier of a Microsoft Entra group.
    • [TargetType <String>]: authenticationMethodTargetType
  • [State <String>]: authenticationMethodState
• [Description <String>]: A description of the policy.
• [DisplayName <String>]: The name of the policy.
• [LastModifiedDateTime <DateTime?>]: The date and time of the last update to the policy.
• [MicrosoftAuthenticatorPlatformSettings <IMicrosoftGraphMicrosoftAuthenticatorPlatformSettings>]: microsoftAuthenticatorPlatformSettings
  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [EnforceAppPin <IMicrosoftGraphEnforceAppPin>]: enforceAppPIN
    • [(Any) <Object>]: This indicates any property can be added to this object.
    • [ExcludeTargets <IMicrosoftGraphExcludeTarget- []>]:
    • [IncludeTargets <IMicrosoftGraphIncludeTarget- []>]:
      • [Id <String>]: The ID of the entity targeted.
      • [TargetType <String>]: authenticationMethodTargetType
• [PolicyMigrationState <String>]: authenticationMethodsPolicyMigrationState
• [PolicyVersion <String>]: The version of the policy in use.
• [ReconfirmationInDays <Int32?>]: Days before the user will be asked to reconfirm their method.
• [RegistrationEnforcement <IMicrosoftGraphRegistrationEnforcement>]: registrationEnforcement
  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [AuthenticationMethodsRegistrationCampaign <IMicrosoftGraphAuthenticationMethodsRegistrationCampaign>]: authenticationMethodsRegistrationCampaign
    • [(Any) <Object>]: This indicates any property can be added to this object.
    • [EnforceRegistrationAfterAllowedSnoozes <Boolean?>]: Specifies whether a user is required to perform registration after snoozing 3 times. If true, the user is required to register after 3 snoozes. If false, the user can snooze indefinitely. The default value is true.
    • [ExcludeTargets <IMicrosoftGraphExcludeTarget- []>]: Users and groups of users that are excluded from being prompted to set up the authentication method.
    • [IncludeTargets <IMicrosoftGraphAuthenticationMethodsRegistrationCampaignIncludeTarget- []>]: Users and groups of users that are prompted to set up the authentication method.
      • [Id <String>]: The object identifier of a Microsoft Entra user or group.
      • [TargetType <String>]: authenticationMethodTargetType
      • [TargetedAuthenticationMethod <String>]: The authentication method that the user is prompted to register. The value must be microsoftAuthenticator.
    • [SnoozeDurationInDays <Int32?>]: Specifies the number of days that the user sees a prompt again if they select 'Not now' and snoozes the prompt. Minimum 0 days. Maximum: 14 days. If the value is 0 - The user is prompted during every MFA attempt.
    • [State <String>]: advancedConfigState
• [ReportSuspiciousActivitySettings <IMicrosoftGraphReportSuspiciousActivitySettings>]: reportSuspiciousActivitySettings
  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [IncludeTarget <IMicrosoftGraphIncludeTarget>]: includeTarget
  • [State <String>]: advancedConfigState
  • [VoiceReportingCode <Int32?>]: Specifies the number the user enters on their phone to report the MFA prompt as suspicious.
• [SystemCredentialPreferences <IMicrosoftGraphSystemCredentialPreferences>]: systemCredentialPreferences
  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [ExcludeTargets <IMicrosoftGraphExcludeTarget- []>]: Users and groups excluded from the preferred authentication method experience of the system.
  • [IncludeTargets <IMicrosoftGraphIncludeTarget- []>]: Users and groups included in the preferred authentication method experience of the system.
  • [State <String>]: advancedConfigState

MICROSOFTAUTHENTICATORPLATFORMSETTINGS <IMicrosoftGraphMicrosoftAuthenticatorPlatformSettings>: microsoftAuthenticatorPlatformSettings

• [(Any) <Object>]: This indicates any property can be added to this object.
• [EnforceAppPin <IMicrosoftGraphEnforceAppPin>]: enforceAppPIN
  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [ExcludeTargets <IMicrosoftGraphExcludeTarget- []>]:
    • [Id <String>]: The object identifier of a Microsoft Entra group.
    • [TargetType <String>]: authenticationMethodTargetType
  • [IncludeTargets <IMicrosoftGraphIncludeTarget- []>]:
    • [Id <String>]: The ID of the entity targeted.
    • [TargetType <String>]: authenticationMethodTargetType

REGISTRATIONENFORCEMENT <IMicrosoftGraphRegistrationEnforcement>: registrationEnforcement

• [(Any) <Object>]: This indicates any property can be added to this object.
• [AuthenticationMethodsRegistrationCampaign <IMicrosoftGraphAuthenticationMethodsRegistrationCampaign>]: authenticationMethodsRegistrationCampaign
  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [EnforceRegistrationAfterAllowedSnoozes <Boolean?>]: Specifies whether a user is required to perform registration after snoozing 3 times. If true, the user is required to register after 3 snoozes. If false, the user can snooze indefinitely. The default value is true.
  • [ExcludeTargets <IMicrosoftGraphExcludeTarget- []>]: Users and groups of users that are excluded from being prompted to set up the authentication method.
    • [Id <String>]: The object identifier of a Microsoft Entra group.
    • [TargetType <String>]: authenticationMethodTargetType
  • [IncludeTargets <IMicrosoftGraphAuthenticationMethodsRegistrationCampaignIncludeTarget- []>]: Users and groups of users that are prompted to set up the authentication method.
    • [Id <String>]: The object identifier of a Microsoft Entra user or group.
    • [TargetType <String>]: authenticationMethodTargetType
    • [TargetedAuthenticationMethod <String>]: The authentication method that the user is prompted to register. The value must be microsoftAuthenticator.
  • [SnoozeDurationInDays <Int32?>]: Specifies the number of days that the user sees a prompt again if they select 'Not now' and snoozes the prompt. Minimum 0 days. Maximum: 14 days. If the value is 0 - The user is prompted during every MFA attempt.
  • [State <String>]: advancedConfigState

REPORTSUSPICIOUSACTIVITYSETTINGS <IMicrosoftGraphReportSuspiciousActivitySettings>: reportSuspiciousActivitySettings

• [(Any) <Object>]: This indicates any property can be added to this object.
• [IncludeTarget <IMicrosoftGraphIncludeTarget>]: includeTarget
  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [Id <String>]: The ID of the entity targeted.
  • [TargetType <String>]: authenticationMethodTargetType
• [State <String>]: advancedConfigState
• [VoiceReportingCode <Int32?>]: Specifies the number the user enters on their phone to report the MFA prompt as suspicious.

SYSTEMCREDENTIALPREFERENCES <IMicrosoftGraphSystemCredentialPreferences>: systemCredentialPreferences

• [(Any) <Object>]: This indicates any property can be added to this object.
• [ExcludeTargets <IMicrosoftGraphExcludeTarget- []>]: Users and groups excluded from the preferred authentication method experience of the system.
  • [Id <String>]: The object identifier of a Microsoft Entra group.
  • [TargetType <String>]: authenticationMethodTargetType
• [IncludeTargets <IMicrosoftGraphIncludeTarget- []>]: Users and groups included in the preferred authentication method experience of the system.
  • [Id <String>]: The ID of the entity targeted.
  • [TargetType <String>]: authenticationMethodTargetType
• [State <String>]: advancedConfigState