fido2authenticationmethodconfiguration-update.md

title	Update fido2AuthenticationMethodConfiguration
description	Update the properties of a fido2AuthenticationMethodConfiguration object.
author	hanki71
ms.reviewer	intelligentaccesspm
ms.localizationpriority	medium
ms.subservice	entra-sign-in
doc_type	apiPageType
ms.date	04/05/2024

Update fido2AuthenticationMethodConfiguration

Namespace: microsoft.graph

[!INCLUDE beta-disclaimer]

Update the properties of a fido2AuthenticationMethodConfiguration object, which represents the FIDO2 Security Keys authentication method policy for the Microsoft Entra tenant.

[!INCLUDE national-cloud-support]

Permissions

Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.

[!INCLUDE permissions-table]

[!INCLUDE rbac-authentication-methods-policy-apis-write]

HTTP request

PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/fido2

Request headers

Name	Description
Authorization	Bearer {token}. Required. Learn more about authentication and authorization.
Content-Type	application/json. Required.

Request body

In the request body, supply a JSON representation of a fido2AuthenticationMethodConfiguration object with the values of fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.

For the list of properties that can be updated, see fido2AuthenticationMethodConfiguration.

Note: The @odata.type property with a value of #microsoft.graph.fido2AuthenticationMethodConfiguration must be included in the body.

Response

If successful, this method returns a 204 No Content response code. It doesn't return anything in the response body.

Examples

Request

HTTP

PATCH https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/fido2
Content-Type: application/json

{
    "@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration",
    "id": "Fido2",
    "state": "disabled",
    "isSelfServiceRegistrationAllowed": true,
    "isAttestationEnforced": true,
    "keyRestrictions": {
        "isEnforced": false,
        "enforcementType": "block",
        "aaGuids": []
    },
    "includeTargets": [
        {
            "targetType": "group",
            "id": "all_users",
            "isRegistrationRequired": false,
            "allowedPasskeyProfiles": [
                "00000000-0000-0000-0000-000000000001"
            ]
        }
    ],
    "excludeTargets": [],
    "passkeyProfiles": [
        {
            "id": "00000000-0000-0000-0000-000000000001",
            "name": "Default passkey profile",
            "passkeyTypes": "deviceBound,synced",
            "attestationEnforcement": "disabled",
            "keyRestrictions": {
                "isEnforced": false,
                "enforcementType": "allow",
                "aaGuids": [
                ]
            }
        }
    ]
}

C#

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Go

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Java

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

JavaScript

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PHP

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PowerShell

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Python

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

---

Response

HTTP/1.1 204 No Content