| title | List methods |
|---|---|
| description | Retrieve a list of authentication methods registered to a user. |
| ms.localizationpriority | medium |
| author | jpettere |
| ms.reviewer | intelligentaccesspm |
| ms.subservice | entra-sign-in |
| doc_type | apiPageType |
| ms.date | 09/13/2024 |
Namespace: microsoft.graph
Retrieve a list of authentication methods registered to a user. The authentication methods are defined by the types derived from the authenticationMethod resource type, and only the methods supported on this API version. See Microsoft Entra authentication methods API overview for a list of currently supported methods.
We don't recommend using the authentication methods APIs for scenarios where you need to iterate over your entire user population for auditing or security check purposes. For these types of scenarios, we recommend using the authentication method registration and usage reporting APIs.
[!INCLUDE national-cloud-support]
The following tables show the least privileged permission or permissions required to call this API on each supported resource type. Follow best practices to request least privileged permissions. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
[!INCLUDE permissions-table]
[!INCLUDE permissions-table]
[!INCLUDE rbac-authentication-methods-apis-read-others]
Note
The authentication administrator only sees masked phone numbers.
List your own authentication methods.
GET /me/authentication/methods[!INCLUDE me-apis-sign-in-note]
List your own or another user's authentication methods.
GET /users/{id | userPrincipalName}/authentication/methodsThis method does not support optional query parameters to customize the response.
| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Don't supply a request body for this method.
If successful, this method returns a 200 OK response code and a collection of authenticationMethod objects in the response body.
The following example shows a request.
GET https://graph.microsoft.com/v1.0/me/authentication/methods
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-type: application/json
{
"value": [
{
"@odata.type": "#microsoft.graph.fido2AuthenticationMethod",
"id": "-2_GRUg2-HYz6_1YG4YRAQ2",
"displayName": "Red key",
"creationDateTime": "2020-08-10T06:44:09Z",
"aaGuid": "2fc0579f-8113-47ea-b116-555a8db9202a",
"model": "NFC key",
"attestationCertificates": [
"dbe793efdf1945e2df25d93653a1e8a3268a9075"
],
"attestationLevel": "attested"
},
{
"@odata.type": "#microsoft.graph.windowsHelloForBusinessAuthenticationMethod",
"id": "b5e01f81-1f81-b5e0-811f-e0b5811fe0b5",
"displayName": "Jordan's Surface Book",
"createdDateTime": "2020-11-27T23:12:49Z",
"keyStrength": "normal"
}
]
}