Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
New-MgUserAuthenticationTemporaryAccessPassMethod
Create a new temporaryAccessPassAuthenticationMethod object on a user. A user can only have one Temporary Access Pass that's usable within its specified lifetime. If the user requires a new Temporary Access Pass while the current Temporary Access Pass is valid, the admin can create a new Temporary Access Pass for the user, the previous Temporary Access Pass will be deleted, and a new Temporary Access Pass will be created.
Note
To view the beta release of this cmdlet, view New-MgBetaUserAuthenticationTemporaryAccessPassMethod
Syntax
CreateExpanded (Default)
New-MgUserAuthenticationTemporaryAccessPassMethod
-UserId <string>
[-ResponseHeadersVariable <string>]
[-AdditionalProperties <hashtable>]
[-CreatedDateTime <datetime>]
[-Id <string>]
[-IsUsable]
[-IsUsableOnce]
[-LifetimeInMinutes <int>]
[-MethodUsabilityReason <string>]
[-StartDateTime <datetime>]
[-TemporaryAccessPass <string>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Create
New-MgUserAuthenticationTemporaryAccessPassMethod
-UserId <string>
-BodyParameter <IMicrosoftGraphTemporaryAccessPassAuthenticationMethod>
[-ResponseHeadersVariable <string>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
CreateViaIdentityExpanded
New-MgUserAuthenticationTemporaryAccessPassMethod
-InputObject <IIdentitySignInsIdentity>
[-ResponseHeadersVariable <string>]
[-AdditionalProperties <hashtable>]
[-CreatedDateTime <datetime>]
[-Id <string>]
[-IsUsable]
[-IsUsableOnce]
[-LifetimeInMinutes <int>]
[-MethodUsabilityReason <string>]
[-StartDateTime <datetime>]
[-TemporaryAccessPass <string>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
CreateViaIdentity
New-MgUserAuthenticationTemporaryAccessPassMethod
-InputObject <IIdentitySignInsIdentity>
-BodyParameter <IMicrosoftGraphTemporaryAccessPassAuthenticationMethod>
[-ResponseHeadersVariable <string>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create a new temporaryAccessPassAuthenticationMethod object on a user. A user can only have one Temporary Access Pass that's usable within its specified lifetime. If the user requires a new Temporary Access Pass while the current Temporary Access Pass is valid, the admin can create a new Temporary Access Pass for the user, the previous Temporary Access Pass will be deleted, and a new Temporary Access Pass will be created.
Permissions
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite.All, UserAuthMethod-TAP.ReadWrite.All, |
| Delegated (personal Microsoft account) | Not supported |
| Application | UserAuthenticationMethod.ReadWrite.All, UserAuthMethod-TAP.ReadWrite.All, |
Examples
Example 1: Code snippet
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
startDateTime = [System.DateTime]::Parse("2022-06-05T00:00:00.000Z")
lifetimeInMinutes = 60
isUsableOnce = $false
}
New-MgUserAuthenticationTemporaryAccessPassMethod -UserId $userId -BodyParameter $params
This example shows how to use the New-MgUserAuthenticationTemporaryAccessPassMethod Cmdlet.
Parameters
-AdditionalProperties
Additional Parameters
Parameter properties
| Type: | System.Collections.Hashtable |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-BodyParameter
temporaryAccessPassAuthenticationMethod To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Models.IMicrosoftGraphTemporaryAccessPassAuthenticationMethod |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Break
Wait for .NET debugger to attach
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
-CreatedDateTime
The date and time when the Temporary Access Pass was created.
Parameter properties
| Type: | System.DateTime |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Headers
Optional headers that will be added to the request.
Parameter properties
| Type: | System.Collections.IDictionary |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-HttpPipelineAppend
SendAsync Pipeline Steps to be appended to the front of the pipeline
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-HttpPipelinePrepend
SendAsync Pipeline Steps to be prepended to the front of the pipeline
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Id
The unique identifier for an entity. Read-only.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-InputObject
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Models.IIdentitySignInsIdentity |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-IsUsable
The state of the authentication method that indicates whether it's currently usable by the user.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-IsUsableOnce
Determines whether the pass is limited to a one-time use. If true, the pass can be used once; if false, the pass can be used multiple times within the Temporary Access Pass lifetime.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-LifetimeInMinutes
The lifetime of the Temporary Access Pass in minutes starting at startDateTime. Must be between 10 and 43200 inclusive (equivalent to 30 days).
Parameter properties
| Type: | System.Int32 |
| Default value: | 0 |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-MethodUsabilityReason
Details about the usability state (isUsable). Reasons can include: EnabledByPolicy, DisabledByPolicy, Expired, NotYetValid, OneTimeUsed.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Proxy
The URI for the proxy server to use
Parameter properties
| Type: | System.Uri |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ProxyCredential
Credentials for a proxy server to use for the remote call
Parameter properties
| Type: | System.Management.Automation.PSCredential |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ProxyUseDefaultCredentials
Use the default credentials for the proxy
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ResponseHeadersVariable
Optional Response Headers Variable.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | RHV |
Parameter sets
-StartDateTime
The date and time when the Temporary Access Pass becomes available to use and when isUsable is true is enforced.
Parameter properties
| Type: | System.DateTime |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-TemporaryAccessPass
The Temporary Access Pass used to authenticate. Returned only on creation of a new temporaryAccessPassAuthenticationMethod object; Hidden in subsequent read operations and returned as null with GET.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-UserId
The unique identifier of user
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WhatIf
Runs the command in a mode that only reports what would happen without performing the actions.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
Microsoft.Graph.PowerShell.Models.IIdentitySignInsIdentity
{{ Fill in the Description }}
Microsoft.Graph.PowerShell.Models.IMicrosoftGraphTemporaryAccessPassAuthenticationMethod
{{ Fill in the Description }}
System.Collections.IDictionary
{{ Fill in the Description }}
Outputs
Microsoft.Graph.PowerShell.Models.IMicrosoftGraphTemporaryAccessPassAuthenticationMethod
{{ Fill in the Description }}
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IMicrosoftGraphTemporaryAccessPassAuthenticationMethod>: temporaryAccessPassAuthenticationMethod
[(Any) <Object>]: This indicates any property can be added to this object.
[Id <String>]: The unique identifier for an entity.
Read-only.
[CreatedDateTime <DateTime?>]: The date and time when the Temporary Access Pass was created.
[IsUsable <Boolean?>]: The state of the authentication method that indicates whether it's currently usable by the user.
[IsUsableOnce <Boolean?>]: Determines whether the pass is limited to a one-time use.
If true, the pass can be used once; if false, the pass can be used multiple times within the Temporary Access Pass lifetime.
[LifetimeInMinutes <Int32?>]: The lifetime of the Temporary Access Pass in minutes starting at startDateTime.
Must be between 10 and 43200 inclusive (equivalent to 30 days).
[MethodUsabilityReason <String>]: Details about the usability state (isUsable).
Reasons can include: EnabledByPolicy, DisabledByPolicy, Expired, NotYetValid, OneTimeUsed.
[StartDateTime <DateTime?>]: The date and time when the Temporary Access Pass becomes available to use and when isUsable is true is enforced.
[TemporaryAccessPass <String>]: The Temporary Access Pass used to authenticate.
Returned only on creation of a new temporaryAccessPassAuthenticationMethod object; Hidden in subsequent read operations and returned as null with GET.
INPUTOBJECT <IIdentitySignInsIdentity>: Identity Parameter
[ActivityBasedTimeoutPolicyId <String>]: The unique identifier of activityBasedTimeoutPolicy
[AppManagementPolicyId <String>]: The unique identifier of appManagementPolicy
[AuthenticationCombinationConfigurationId <String>]: The unique identifier of authenticationCombinationConfiguration
[AuthenticationConditionApplicationAppId <String>]: The unique identifier of authenticationConditionApplication
[AuthenticationContextClassReferenceId <String>]: The unique identifier of authenticationContextClassReference
[AuthenticationEventListenerId <String>]: The unique identifier of authenticationEventListener
[AuthenticationEventsFlowId <String>]: The unique identifier of authenticationEventsFlow
[AuthenticationMethodConfigurationId <String>]: The unique identifier of authenticationMethodConfiguration
[AuthenticationMethodId <String>]: The unique identifier of authenticationMethod
[AuthenticationMethodModeDetailId <String>]: The unique identifier of authenticationMethodModeDetail
[AuthenticationStrengthPolicyId <String>]: The unique identifier of authenticationStrengthPolicy
[B2XIdentityUserFlowId <String>]: The unique identifier of b2xIdentityUserFlow
[BitlockerRecoveryKeyId <String>]: The unique identifier of bitlockerRecoveryKey
[CertificateBasedAuthConfigurationId <String>]: The unique identifier of certificateBasedAuthConfiguration
[ClaimsMappingPolicyId <String>]: The unique identifier of claimsMappingPolicy
[ConditionalAccessPolicyId <String>]: The unique identifier of conditionalAccessPolicy
[ConditionalAccessTemplateId <String>]: The unique identifier of conditionalAccessTemplate
[CrossTenantAccessPolicyConfigurationPartnerTenantId <String>]: The unique identifier of crossTenantAccessPolicyConfigurationPartner
[CustomAuthenticationExtensionId <String>]: The unique identifier of customAuthenticationExtension
[DataPolicyOperationId <String>]: The unique identifier of dataPolicyOperation
[DirectoryObjectId <String>]: The unique identifier of directoryObject
[EmailAuthenticationMethodId <String>]: The unique identifier of emailAuthenticationMethod
[FeatureRolloutPolicyId <String>]: The unique identifier of featureRolloutPolicy
[Fido2AuthenticationMethodId <String>]: The unique identifier of fido2AuthenticationMethod
[FraudProtectionProviderId <String>]: The unique identifier of fraudProtectionProvider
[HomeRealmDiscoveryPolicyId <String>]: The unique identifier of homeRealmDiscoveryPolicy
[IdentityApiConnectorId <String>]: The unique identifier of identityApiConnector
[IdentityProviderBaseId <String>]: The unique identifier of identityProviderBase
[IdentityProviderId <String>]: The unique identifier of identityProvider
[IdentityUserFlowAttributeAssignmentId <String>]: The unique identifier of identityUserFlowAttributeAssignment
[IdentityUserFlowAttributeId <String>]: The unique identifier of identityUserFlowAttribute
[LongRunningOperationId <String>]: The unique identifier of longRunningOperation
[MicrosoftAuthenticatorAuthenticationMethodId <String>]: The unique identifier of microsoftAuthenticatorAuthenticationMethod
[MultiTenantOrganizationMemberId <String>]: The unique identifier of multiTenantOrganizationMember
[NamedLocationId <String>]: The unique identifier of namedLocation
[OAuth2PermissionGrantId <String>]: The unique identifier of oAuth2PermissionGrant
[OrganizationId <String>]: The unique identifier of organization
[PasswordAuthenticationMethodId <String>]: The unique identifier of passwordAuthenticationMethod
[PermissionGrantConditionSetId <String>]: The unique identifier of permissionGrantConditionSet
[PermissionGrantPolicyId <String>]: The unique identifier of permissionGrantPolicy
[PhoneAuthenticationMethodId <String>]: The unique identifier of phoneAuthenticationMethod
[PlatformCredentialAuthenticationMethodId <String>]: The unique identifier of platformCredentialAuthenticationMethod
[RiskDetectionId <String>]: The unique identifier of riskDetection
[RiskyServicePrincipalHistoryItemId <String>]: The unique identifier of riskyServicePrincipalHistoryItem
[RiskyServicePrincipalId <String>]: The unique identifier of riskyServicePrincipal
[RiskyUserHistoryItemId <String>]: The unique identifier of riskyUserHistoryItem
[RiskyUserId <String>]: The unique identifier of riskyUser
[ServicePrincipalRiskDetectionId <String>]: The unique identifier of servicePrincipalRiskDetection
[SoftwareOathAuthenticationMethodId <String>]: The unique identifier of softwareOathAuthenticationMethod
[TemporaryAccessPassAuthenticationMethodId <String>]: The unique identifier of temporaryAccessPassAuthenticationMethod
[ThreatAssessmentRequestId <String>]: The unique identifier of threatAssessmentRequest
[ThreatAssessmentResultId <String>]: The unique identifier of threatAssessmentResult
[TokenIssuancePolicyId <String>]: The unique identifier of tokenIssuancePolicy
[TokenLifetimePolicyId <String>]: The unique identifier of tokenLifetimePolicy
[UnifiedRoleManagementPolicyAssignmentId <String>]: The unique identifier of unifiedRoleManagementPolicyAssignment
[UnifiedRoleManagementPolicyId <String>]: The unique identifier of unifiedRoleManagementPolicy
[UnifiedRoleManagementPolicyRuleId <String>]: The unique identifier of unifiedRoleManagementPolicyRule
[UserFlowLanguageConfigurationId <String>]: The unique identifier of userFlowLanguageConfiguration
[UserFlowLanguagePageId <String>]: The unique identifier of userFlowLanguagePage
[UserId <String>]: The unique identifier of user
[WebApplicationFirewallProviderId <String>]: The unique identifier of webApplicationFirewallProvider
[WebApplicationFirewallVerificationModelId <String>]: The unique identifier of webApplicationFirewallVerificationModel
[WindowsHelloForBusinessAuthenticationMethodId <String>]: The unique identifier of windowsHelloForBusinessAuthenticationMethod