Kenneth Butler

My feedback

  1. 807 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    We’re really pleased to let you know that we’ve released the first authentication method APIs to public preview:

    https://docs.microsoft.com/graph/api/resources/authenticationmethods-overview

    So far there are APIs for managing phone numbers and password resets. When phone numbers are set with the API, the user can use that number for MFA and SSPR (as allowed by your tenant’s policy).

    The team is hard at work at building out APIs for all of the other authentication methods, and we’ll update the response here as they’re released.

    Kenneth Butler supported this idea  · 
    An error occurred while saving the comment
    Kenneth Butler commented  · 

    Edit from my previous comment: this does work but not when you set state to "Disabled"

    Also this feature is seemingly broken now in MSOnline PowerShell module, made the call exactly as shown in the documentation with a Global Admin on the directory logged in and got the following error...

    Set-MsolUser : Invalid value for parameter. Parameter Name: StrongAuthenticationRequirements.

    Commands per usage instructions in the documentation:
    $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
    $st.RelyingParty = "*"
    $st.State = “Enabled”
    $sta = @($st)
    Set-MsolUser -UserPrincipalName bsimon@contoso.com -StrongAuthenticationRequirements $sta

Feedback and Knowledge Base