| title | authenticationStrengthPolicy: findByMethodMode (deprecated) |
|---|---|
| description | Get authentication strength policies that include the specified authentication method modes. |
| author | InbarckMS |
| ms.reviewer | conditionalaccesspm |
| ms.localizationpriority | medium |
| ms.subservice | entra-sign-in |
| doc_type | apiPageType |
| ms.date | 04/05/2024 |
[!INCLUDE beta-disclaimer]
Get a list of the authenticationStrengthPolicy objects and their properties filtered to only include policies that include the authentication method mode specified in the request.
[!INCLUDE national-cloud-support]
Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
[!INCLUDE permissions-table]
[!INCLUDE rbac-authenticationstrength-apis-read]
Note
The findByMethodMode function is deprecated and will be retired on March 31, 2023. Use the following syntax instead.
GET /policies/authenticationStrengthPolicies?$filter=allowedCombinations/any(x:x has 'sms, password')
GET /policies/authenticationStrengthPolicies/findByMethodMode(authenticationMethodModes={authenticationMethodMode})In the request URL, provide the following query parameters with values. The following table shows the parameters that must be used with this function.
| Parameter | Type | Description |
|---|---|---|
| authenticationMethodModes | authenticationMethodModes collection | The authentication method modes to search for in existing authentication strength policies. |
| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Don't supply a request body for this method.
If successful, this function returns a 200 OK response code and a authenticationStrengthPolicy collection in the response body.
The following example shows a request.
GET https://graph.microsoft.com/beta/policies/authenticationStrengthPolicies/findByMethodMode(authenticationMethodModes=["sms"])[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-Type: application/json
{
"value": [
{
"@odata.type" : "authenticationStrengthPolicy",
"id": "00000000-0000-0000-0000-000000000002",
"createdDateTime": "2022-09-30T10:59:01Z",
"modifiedDateTime": "2022-09-30T10:59:01Z",
"displayName": "Multi-factor authentication (MFA)",
"description": "Combinations of methods that satisfy strong authentication, such as a password + SMS",
"policyType": "builtIn",
"requirementsSatisfied": "mfa",
"allowedCombinations": [
"windowsHelloForBusiness",
"fido2",
"x509CertificateMultiFactor",
"deviceBasedPush",
"temporaryAccessPassOneTime",
"temporaryAccessPassMultiUse",
"password, microsoftAuthenticatorPush",
"password, softwareOath",
"password, hardwareOath",
"password, sms",
"password, voice",
"federatedMultiFactor",
"federatedSingleFactor, microsoftAuthenticatorPush",
"federatedSingleFactor, softwareOath",
"federatedSingleFactor, hardwareOath",
"federatedSingleFactor, sms",
"federatedSingleFactor, voice"
],
"combinationConfigurations": []
}
]
}