Skip to content

fido2authenticationmethodconfiguration-get.md

Latest commit

 

History

History
146 lines (119 loc) · 5.43 KB

fido2authenticationmethodconfiguration-get.md

File metadata and controls

146 lines (119 loc) · 5.43 KB
title Get fido2AuthenticationMethodConfiguration
description Read the properties and relationships of a fido2AuthenticationMethodConfiguration object.
author hanki71
ms.reviewer intelligentaccesspm
ms.localizationpriority medium
ms.subservice entra-sign-in
doc_type apiPageType
ms.date 03/04/2026

Get fido2AuthenticationMethodConfiguration

Namespace: microsoft.graph

Retrieve the properties and relationships of the fido2AuthenticationMethodConfiguration object, which represents the passkey (FIDO2) authentication method policy for the Microsoft Entra tenant.

[!INCLUDE national-cloud-support]

Permissions

Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.

[!INCLUDE permissions-table]

[!INCLUDE rbac-authentication-methods-policy-apis-read]

HTTP request

GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/fido2

Request headers

Name Description
Authorization Bearer {token}. Required. Learn more about authentication and authorization.

Request body

Don't supply a request body for this method.

Response

If successful, this method returns a 200 OK response code and a fido2AuthenticationMethodConfiguration object in the response body.

Examples

Request

HTTP

GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/fido2

C#

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Go

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Java

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

JavaScript

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PHP

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PowerShell

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Python

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Response

The following example shows the response.

Note: The response object shown here might be shortened for readability.

HTTP/1.1 200 OK
Content-type: application/json

{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#authenticationMethodConfigurations/$entity",
    "@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration",
    "id": "Fido2",
    "state": "disabled",
    "isSelfServiceRegistrationAllowed": true,
    "isAttestationEnforced": true,
    "keyRestrictions": {
        "isEnforced": false,
        "enforcementType": "block",
        "aaGuids": []
    },
    "includeTargets": [
        {
            "targetType": "group",
            "id": "all_users",
            "isRegistrationRequired": false,
            "allowedPasskeyProfiles": [
                "00000000-0000-0000-0000-000000000001"
            ]
        }
    ],
    "excludeTargets": [],
    "passkeyProfiles": [
        {
            "id": "00000000-0000-0000-0000-000000000001",
            "name": "Default passkey profile",
            "passkeyTypes": "deviceBound,synced",
            "attestationEnforcement": "disabled",
            "keyRestrictions": {
                "isEnforced": false,
                "enforcementType": "allow",
                "aaGuids": [
                ]
            }
        }
    ]
}