| title | Update customAuthenticationExtension |
|---|---|
| description | Update the properties of a customAuthenticationExtension object. |
| author | soneff |
| ms.localizationpriority | medium |
| ms.subservice | entra-sign-in |
| doc_type | apiPageType |
| ms.date | 12/10/2024 |
Namespace: microsoft.graph
[!INCLUDE beta-disclaimer]
Update the properties of a customAuthenticationExtension object. The following derived types are currently supported.
- onTokenIssuanceStartCustomExtension resource type.
- onAttributeCollectionStartCustomExtension resource type.
- onAttributeCollectionSubmitCustomExtension resource type.
- onOtpSendCustomExtension resource type.
- onPasswordSubmitCustomExtension resource type.
[!INCLUDE national-cloud-support]
Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
[!INCLUDE permissions-table]
[!INCLUDE rbac-custom-auth-ext-apis-write]
PATCH /identity/customAuthenticationExtensions/{customAuthenticationExtensionId}| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
| Content-Type | application/json. Required. |
[!INCLUDE table-intro]
You must specify the @odata.type property when updating a customAuthenticationExtension object. For example, to update an onTokenIssuanceStartCustomExtension object type, set the @odata.type property to #microsoft.graph.onTokenIssuanceStartCustomExtension.
| Property | Type | Description |
|---|---|---|
| authenticationConfiguration | customExtensionAuthenticationConfiguration | The authentication configuration for this custom extension. Inherited from customCalloutExtension. Optional. |
| description | String | Description for the custom extension. Inherited from customCalloutExtension. Optional. |
| displayName | String | Display name for the custom extension. Inherited from customCalloutExtension. Optional. |
| handler | onAttributeCollectionStartCustomExtensionHandler | The handler to invoke when conditions are met. Can be updated for the onAttributeCollectionStartCustomExtensionListener listener type. |
| handler | onAttributeCollectionSubmitCustomExtensionHandler | The handler to invoke when conditions are met. Can be updated for the onAttributeCollectionSubmitCustomExtensionListener listener type. |
| handler | onOtpSendCustomExtensionHandler | The handler to invoke when conditions are met. Can be updated for the onOtpSendCustomExtensionListener listener type. |
| handler | onTokenIssuanceStartCustomExtensionHandler | The handler to invoke when conditions are met. Can be updated for the onTokenIssuanceStartCustomExtensionListener listener type. |
| endpointConfiguration | customExtensionEndpointConfiguration | Configuration for the API endpoint that the custom extension will call. Inherited from customCalloutExtension. Optional. |
| behaviorOnError | customExtensionBehaviorOnError | Let to configure behavior if the call to custom authentication extension returns error. Optional. |
If successful, this method returns a 204 No Content response code.
The following example shows a request.
PATCH hhttps://graph.microsoft.com/beta/identity/customAuthenticationExtensions/6fc5012e-7665-43d6-9708-4370863f4e6e
Content-Type: application/json
Content-length: 468
{
"@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtension",
"displayName": "onTokenIssuanceStartCustomExtension",
"description": "Fetch additional claims from custom user store",
"endpointConfiguration": {
"@odata.type": "#microsoft.graph.httpRequestEndpoint",
"targetUrl": "https://authenticationeventsAPI.contoso.com"
},
"authenticationConfiguration": {
"@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
"resourceId": "api://authenticationeventsAPI.contoso.com/a13d0fc1-04ab-4ede-b215-63de0174cbb4"
},
"claimsForTokenConfiguration": [
{
"claimIdInApiResponse": "DateOfBirth"
},
{
"claimIdInApiResponse": "CustomRoles"
}
]
}[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
The following example shows the response.
HTTP/1.1 204 No Content