Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
New-MgPolicyAuthenticationStrengthPolicy
Create a new custom authenticationStrengthPolicy object.
Note
To view the beta release of this cmdlet, view New-MgBetaPolicyAuthenticationStrengthPolicy
Syntax
CreateExpanded (Default)
New-MgPolicyAuthenticationStrengthPolicy
[-ResponseHeadersVariable <string>]
[-AdditionalProperties <hashtable>]
[-AllowedCombinations <string[]>]
[-CombinationConfigurations <IMicrosoftGraphAuthenticationCombinationConfiguration[]>]
[-CreatedDateTime <datetime>]
[-Description <string>]
[-DisplayName <string>]
[-Id <string>]
[-ModifiedDateTime <datetime>]
[-PolicyType <string>]
[-RequirementsSatisfied <string>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Create
New-MgPolicyAuthenticationStrengthPolicy
-BodyParameter <IMicrosoftGraphAuthenticationStrengthPolicy>
[-ResponseHeadersVariable <string>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create a new custom authenticationStrengthPolicy object.
Permissions
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | Policy.ReadWrite.ConditionalAccess, Policy.ReadWrite.AuthenticationMethod, |
| Delegated (personal Microsoft account) | Not supported |
| Application | Policy.ReadWrite.ConditionalAccess, Policy.ReadWrite.AuthenticationMethod, |
Examples
Example 1: Code snippet
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
displayName = "Example"
requirementsSatisfied = "mfa"
allowedCombinations = @(
"fido2"
)
"combinationConfigurations@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#policies/authenticationStrengthPolicies('5790842a-5bab-44c2-9cf1-b38d675b70ea')/combinationConfigurations"
combinationConfigurations = @(
@{
"@odata.type" = "#microsoft.graph.fido2CombinationConfiguration"
id = "42235320-c8db-4d8c-9344-8f1ce87f734b"
appliesToCombinations = @(
"fido2"
)
allowedAAGUIDs = @(
"de1e552d-db1d-4423-a619-566b625cdc84"
"90a3ccdf-635c-4729-a248-9b709135078f"
)
}
)
}
New-MgPolicyAuthenticationStrengthPolicy -BodyParameter $params
This example shows how to use the New-MgPolicyAuthenticationStrengthPolicy Cmdlet.
Parameters
-AdditionalProperties
Additional Parameters
Parameter properties
| Type: | System.Collections.Hashtable |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-AllowedCombinations
A collection of authentication method modes that are required be used to satify this authentication strength.
Parameter properties
| Type: | System.String[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-BodyParameter
authenticationStrengthPolicy To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationStrengthPolicy |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Break
Wait for .NET debugger to attach
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-CombinationConfigurations
Settings that may be used to require specific types or instances of an authentication method to be used when authenticating with a specified combination of authentication methods. To construct, see NOTES section for COMBINATIONCONFIGURATIONS properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationCombinationConfiguration[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
-CreatedDateTime
The datetime when this policy was created.
Parameter properties
| Type: | System.DateTime |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Description
The human-readable description of this policy.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DisplayName
The human-readable display name of this policy. Supports $filter (eq, ne, not , and in).
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Headers
Optional headers that will be added to the request.
Parameter properties
| Type: | System.Collections.IDictionary |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-HttpPipelineAppend
SendAsync Pipeline Steps to be appended to the front of the pipeline
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-HttpPipelinePrepend
SendAsync Pipeline Steps to be prepended to the front of the pipeline
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Id
The unique identifier for an entity. Read-only.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ModifiedDateTime
The datetime when this policy was last modified.
Parameter properties
| Type: | System.DateTime |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-PolicyType
authenticationStrengthPolicyType
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Proxy
The URI for the proxy server to use
Parameter properties
| Type: | System.Uri |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ProxyCredential
Credentials for a proxy server to use for the remote call
Parameter properties
| Type: | System.Management.Automation.PSCredential |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ProxyUseDefaultCredentials
Use the default credentials for the proxy
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-RequirementsSatisfied
authenticationStrengthRequirements
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ResponseHeadersVariable
Optional Response Headers Variable.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | RHV |
Parameter sets
-WhatIf
Runs the command in a mode that only reports what would happen without performing the actions.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationStrengthPolicy
{{ Fill in the Description }}
System.Collections.IDictionary
{{ Fill in the Description }}
Outputs
Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAuthenticationStrengthPolicy
{{ Fill in the Description }}
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IMicrosoftGraphAuthenticationStrengthPolicy>: authenticationStrengthPolicy
[(Any) <Object>]: This indicates any property can be added to this object.
[Id <String>]: The unique identifier for an entity.
Read-only.
[AllowedCombinations <String[]>]: A collection of authentication method modes that are required be used to satify this authentication strength.
[CombinationConfigurations <IMicrosoftGraphAuthenticationCombinationConfiguration[]>]: Settings that may be used to require specific types or instances of an authentication method to be used when authenticating with a specified combination of authentication methods.
[Id <String>]: The unique identifier for an entity.
Read-only.
[AppliesToCombinations <String[]>]: Which authentication method combinations this configuration applies to.
Must be an allowedCombinations object, part of the authenticationStrengthPolicy.
The only possible value for fido2combinationConfigurations is 'fido2'.
[CreatedDateTime <DateTime?>]: The datetime when this policy was created.
[Description <String>]: The human-readable description of this policy.
[DisplayName <String>]: The human-readable display name of this policy.
Supports $filter (eq, ne, not , and in).
[ModifiedDateTime <DateTime?>]: The datetime when this policy was last modified.
[PolicyType <String>]: authenticationStrengthPolicyType
[RequirementsSatisfied <String>]: authenticationStrengthRequirements
COMBINATIONCONFIGURATIONS <IMicrosoftGraphAuthenticationCombinationConfiguration[]>: Settings that may be used to require specific types or instances of an authentication method to be used when authenticating with a specified combination of authentication methods. [Id <String>]: The unique identifier for an entity. Read-only. [AppliesToCombinations <String[]>]: Which authentication method combinations this configuration applies to. Must be an allowedCombinations object, part of the authenticationStrengthPolicy. The only possible value for fido2combinationConfigurations is 'fido2'.