MicrosoftAuthenticator featureSettings properties Push: Only traditional second factor push notifications are allowed. MicrosoftAuthenticator includeTarget propertiesĪny: Both passwordless phone sign-in and traditional second factor notifications are allowed.ĭeviceBasedPush: Only passwordless phone sign-in notifications are allowed. MicrosoftAuthenticatorFeatureSettings collectionĪ collection of Microsoft Authenticator features. MicrosoftAuthenticatorAuthenticationMethodTarget collectionĪ collection of users or groups who are enabled to use the authentication method. The Authentication method policy identifier. MicrosoftAuthenticatorAuthenticationMethodConfiguration properties Then use the following API endpoint to change the displayAppInformationRequiredState or displayLocationInformationRequiredState properties under featureSettings to enabled and include or exclude the groups you want: Identify your single target group for each of the features. In Graph Explorer, you'll need to consent to the and permissions. Make sure you use the new policy schema for Microsoft Graph APIs. Geographic location: displayLocationInformationRequiredState.Application name: displayAppInformationRequiredState.Under featureSettings, you can use the following name mapping for each feature:
You can enable and disable application name and geographic location separately. The additional context can be combined with number matching to further improve sign-in security. When a user receives a passwordless phone sign-in or MFA push notification in Microsoft Authenticator, they'll see the name of the application that requests the approval and the location based on the IP address where the sign-in originated from. Passwordless phone sign-in and multifactor authentication On-premises synchronized security groups and cloud-only security groups are supported for the Authentication method policy. Make sure you use the new schema to help prevent errors.Īdditional context can be targeted to only a single group, which can be dynamic or nested. The older policy schema is now deprecated. The policy schema for Microsoft Graph APIs has been improved.
0 kommentar(er)
