| title | List passwordMethods |
|---|---|
| description | Retrieve a user's passwordAuthenticationMethod objects. This will return exactly one object, as a user can have exactly one password. |
| ms.localizationpriority | medium |
| author | zhvolosh |
| ms.reviewer | intelligentaccesspm |
| ms.subservice | entra-sign-in |
| doc_type | apiPageType |
| ms.date | 06/07/2024 |
Namespace: microsoft.graph
Retrieve a list of the passwords registered to a user, represented by a passwordAuthenticationMethod object. This API returns exactly one object referenced by ID 28c10230-6103-485e-b985-444c60001490, as a user can have exactly one password. For security, the password itself is never returned in the object and the password property is always null.
[!INCLUDE national-cloud-support]
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
| Permission type | Least privileged permissions | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | UserAuthenticationMethod.Read | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite, UserAuthenticationMethod.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | Not supported. | Not supported. |
| Permission type | Least privileged permissions | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | UserAuthenticationMethod.Read.All | UserAuthenticationMethod.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | UserAuthenticationMethod.Read.All | UserAuthenticationMethod.ReadWrite.All |
[!INCLUDE rbac-authentication-methods-apis-read]
Admins with User Administrator, Helpdesk Administrator, or Password Administrator roles can also reset passwords for non-admin users and a limited set of admin roles as defined in Who can reset passwords.
Get details of your own password authentication method.
GET /me/authentication/passwordMethods[!INCLUDE me-apis-sign-in-note]
Get details of your own or another user's password authentication method.
GET /users/{id | userPrincipalName}/authentication/passwordMethodsThis method doesn't support optional query parameters to customize the response.
| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Don't supply a request body for this method.
If successful, this method returns a 200 OK response code and a collection of passwordAuthenticationMethod objects in the response body.
The following example shows a request.
GET https://graph.microsoft.com/v1.0/me/authentication/passwordMethods
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users('67273bfa-5cd8-477a-acf7-e13ff81ebf70')/authentication/passwordMethods",
"value": [
{
"id": "28c10230-6103-485e-b985-444c60001490",
"password": null,
"createdDateTime": null
}
]
}