aktualisieren authenticationMethodsPolicy
Artikel
07/18/2022
3 Minuten Lesedauer
3 Mitwirkende
In diesem Artikel
Namespace: microsoft.graph
Dient zum Aktualisieren der Eigenschaften eines authenticationMethodsPolicy-Objekts.
Berechtigungen
Eine der nachfolgenden Berechtigungen ist erforderlich, um diese API aufrufen zu können. Weitere Informationen, unter anderem zur Auswahl von Berechtigungen, finden Sie im Artikel zum Thema Berechtigungen .
Berechtigungstyp
Berechtigungen (von der Berechtigung mit den wenigsten Rechten zu der mit den meisten Rechten)
Delegiert (Geschäfts-, Schul- oder Unikonto)
Policy.ReadWrite.AuthenticationMethod
Delegiert (persönliches Microsoft-Konto)
Nicht unterstützt
Anwendung
Policy.ReadWrite.AuthenticationMethod
Für delegierte Szenarien benötigt der Administrator eine der folgenden Azure AD Rollen:
Authentifizierungsrichtlinienadministrator
Globaler Administrator
HTTP-Anforderung
PATCH /policies/authenticationMethodsPolicy
Name
Beschreibung
Authorization
Bearer {token}. Erforderlich.
Content-Type
application/json. Erforderlich.
Anforderungstext
Geben Sie im Anforderungstext eine JSON-Darstellung des AuthenticationMethodConfigurations-Objekts an, um benutzerorientierte Authentifizierungsmethoden einzurichten.
Antwort
Wenn die Methode erfolgreich verläuft, wird der Antwortcode 204 No Content zurückgegeben.
Beispiele
Anforderung
PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy",
"registrationEnforcement": {
"authenticationMethodsRegistrationCampaign": {
"snoozeDurationInDays": 1,
"state": "enabled",
"excludeTargets": [],
"includeTargets": [
{
"id": "3ee3a9de-0a86-4e12-a287-9769accf1ba2",
"targetType": "group",
"targetedAuthenticationMethod": "microsoftAuthenticator"
}
]
}
},
"authenticationMethodConfigurations": [
{
"@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration",
"id": "Fido2",
"state": "disabled",
"isSelfServiceRegistrationAllowed": false,
"isAttestationEnforced": false,
"keyRestrictions": {
"isEnforced": false,
"enforcementType": "block",
"aaGuids": []
}
}
]
}
const options = {
authProvider,
};
const client = Client.init(options);
const authenticationMethodsPolicy = {
'@odata.context': 'https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy',
registrationEnforcement: {
authenticationMethodsRegistrationCampaign: {
snoozeDurationInDays: 1,
state: 'enabled',
excludeTargets: [],
includeTargets: [
{
id: '3ee3a9de-0a86-4e12-a287-9769accf1ba2',
targetType: 'group',
targetedAuthenticationMethod: 'microsoftAuthenticator'
}
]
}
},
authenticationMethodConfigurations: [
{
'@odata.type': '#microsoft.graph.fido2AuthenticationMethodConfiguration',
id: 'Fido2',
state: 'disabled',
isSelfServiceRegistrationAllowed: false,
isAttestationEnforced: false,
keyRestrictions: {
isEnforced: false,
enforcementType: 'block',
aaGuids: []
}
}
]
};
await client.api('/policies/authenticationMethodsPolicy')
.update(authenticationMethodsPolicy);
Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation .
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/policies/authenticationMethodsPolicy"]]];
[urlRequest setHTTPMethod:@"PATCH"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
MSGraphAuthenticationMethodsPolicy *authenticationMethodsPolicy = [[MSGraphAuthenticationMethodsPolicy alloc] init];
MSGraphRegistrationEnforcement *registrationEnforcement = [[MSGraphRegistrationEnforcement alloc] init];
MSGraphAuthenticationMethodsRegistrationCampaign *authenticationMethodsRegistrationCampaign = [[MSGraphAuthenticationMethodsRegistrationCampaign alloc] init];
[authenticationMethodsRegistrationCampaign setSnoozeDurationInDays: 1];
[authenticationMethodsRegistrationCampaign setState: [MSGraphAdvancedConfigState enabled]];
NSMutableArray *excludeTargetsList = [[NSMutableArray alloc] init];
[authenticationMethodsRegistrationCampaign setExcludeTargets:excludeTargetsList];
NSMutableArray *includeTargetsList = [[NSMutableArray alloc] init];
MSGraphAuthenticationMethodsRegistrationCampaignIncludeTarget *includeTargets = [[MSGraphAuthenticationMethodsRegistrationCampaignIncludeTarget alloc] init];
[includeTargets setId:@"3ee3a9de-0a86-4e12-a287-9769accf1ba2"];
[includeTargets setTargetType: [MSGraphAuthenticationMethodTargetType group]];
[includeTargets setTargetedAuthenticationMethod:@"microsoftAuthenticator"];
[includeTargetsList addObject: includeTargets];
[authenticationMethodsRegistrationCampaign setIncludeTargets:includeTargetsList];
[registrationEnforcement setAuthenticationMethodsRegistrationCampaign:authenticationMethodsRegistrationCampaign];
[authenticationMethodsPolicy setRegistrationEnforcement:registrationEnforcement];
NSMutableArray *authenticationMethodConfigurationsList = [[NSMutableArray alloc] init];
MSGraphAuthenticationMethodConfiguration *authenticationMethodConfigurations = [[MSGraphAuthenticationMethodConfiguration alloc] init];
[authenticationMethodConfigurations setId:@"Fido2"];
[authenticationMethodConfigurations setState: [MSGraphAuthenticationMethodState disabled]];
[authenticationMethodConfigurations setIsSelfServiceRegistrationAllowed: false];
[authenticationMethodConfigurations setIsAttestationEnforced: false];
MSGraphFido2KeyRestrictions *keyRestrictions = [[MSGraphFido2KeyRestrictions alloc] init];
[keyRestrictions setIsEnforced: false];
[keyRestrictions setEnforcementType: [MSGraphFido2RestrictionEnforcementType block]];
NSMutableArray *aaGuidsList = [[NSMutableArray alloc] init];
[keyRestrictions setAaGuids:aaGuidsList];
[authenticationMethodConfigurations setKeyRestrictions:keyRestrictions];
[authenticationMethodConfigurationsList addObject: authenticationMethodConfigurations];
[authenticationMethodsPolicy setAuthenticationMethodConfigurations:authenticationMethodConfigurationsList];
NSError *error;
NSData *authenticationMethodsPolicyData = [authenticationMethodsPolicy getSerializedDataWithError:&error];
[urlRequest setHTTPBody:authenticationMethodsPolicyData];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation .
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
AuthenticationMethodsPolicy authenticationMethodsPolicy = new AuthenticationMethodsPolicy();
authenticationMethodsPolicy.additionalDataManager().put("@odata.context", new JsonPrimitive("https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy"));
RegistrationEnforcement registrationEnforcement = new RegistrationEnforcement();
AuthenticationMethodsRegistrationCampaign authenticationMethodsRegistrationCampaign = new AuthenticationMethodsRegistrationCampaign();
authenticationMethodsRegistrationCampaign.snoozeDurationInDays = 1;
authenticationMethodsRegistrationCampaign.state = AdvancedConfigState.ENABLED;
LinkedList<ExcludeTarget> excludeTargetsList = new LinkedList<ExcludeTarget>();
authenticationMethodsRegistrationCampaign.excludeTargets = excludeTargetsList;
LinkedList<AuthenticationMethodsRegistrationCampaignIncludeTarget> includeTargetsList = new LinkedList<AuthenticationMethodsRegistrationCampaignIncludeTarget>();
AuthenticationMethodsRegistrationCampaignIncludeTarget includeTargets = new AuthenticationMethodsRegistrationCampaignIncludeTarget();
includeTargets.id = "3ee3a9de-0a86-4e12-a287-9769accf1ba2";
includeTargets.targetType = AuthenticationMethodTargetType.GROUP;
includeTargets.targetedAuthenticationMethod = "microsoftAuthenticator";
includeTargetsList.add(includeTargets);
authenticationMethodsRegistrationCampaign.includeTargets = includeTargetsList;
registrationEnforcement.authenticationMethodsRegistrationCampaign = authenticationMethodsRegistrationCampaign;
authenticationMethodsPolicy.registrationEnforcement = registrationEnforcement;
LinkedList<AuthenticationMethodConfiguration> authenticationMethodConfigurationsList = new LinkedList<AuthenticationMethodConfiguration>();
Fido2AuthenticationMethodConfiguration authenticationMethodConfigurations = new Fido2AuthenticationMethodConfiguration();
authenticationMethodConfigurations.id = "Fido2";
authenticationMethodConfigurations.state = AuthenticationMethodState.DISABLED;
authenticationMethodConfigurations.isSelfServiceRegistrationAllowed = false;
authenticationMethodConfigurations.isAttestationEnforced = false;
Fido2KeyRestrictions keyRestrictions = new Fido2KeyRestrictions();
keyRestrictions.isEnforced = false;
keyRestrictions.enforcementType = Fido2RestrictionEnforcementType.BLOCK;
LinkedList<String> aaGuidsList = new LinkedList<String>();
keyRestrictions.aaGuids = aaGuidsList;
authenticationMethodConfigurations.keyRestrictions = keyRestrictions;
authenticationMethodConfigurationsList.add(authenticationMethodConfigurations);
AuthenticationMethodConfigurationCollectionResponse authenticationMethodConfigurationCollectionResponse = new AuthenticationMethodConfigurationCollectionResponse();
authenticationMethodConfigurationCollectionResponse.value = authenticationMethodConfigurationsList;
AuthenticationMethodConfigurationCollectionPage authenticationMethodConfigurationCollectionPage = new AuthenticationMethodConfigurationCollectionPage(authenticationMethodConfigurationCollectionResponse, null);
authenticationMethodsPolicy.authenticationMethodConfigurations = authenticationMethodConfigurationCollectionPage;
graphClient.policies().authenticationMethodsPolicy()
.buildRequest()
.patch(authenticationMethodsPolicy);
Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation .
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.NewAuthenticationMethodsPolicy()
registrationEnforcement := msgraphsdk.NewRegistrationEnforcement()
requestBody.SetRegistrationEnforcement(registrationEnforcement)
authenticationMethodsRegistrationCampaign := msgraphsdk.NewAuthenticationMethodsRegistrationCampaign()
registrationEnforcement.SetAuthenticationMethodsRegistrationCampaign(authenticationMethodsRegistrationCampaign)
snoozeDurationInDays := int32(1)
authenticationMethodsRegistrationCampaign.SetSnoozeDurationInDays(&snoozeDurationInDays)
state := "enabled"
authenticationMethodsRegistrationCampaign.SetState(&state)
authenticationMethodsRegistrationCampaign.SetExcludeTargets( []ExcludeTarget {
}
authenticationMethodsRegistrationCampaign.SetIncludeTargets( []AuthenticationMethodsRegistrationCampaignIncludeTarget {
msgraphsdk.NewAuthenticationMethodsRegistrationCampaignIncludeTarget(),
SetAdditionalData(map[string]interface{}{
"id": "3ee3a9de-0a86-4e12-a287-9769accf1ba2",
"targetType": "group",
"targetedAuthenticationMethod": "microsoftAuthenticator",
}
}
requestBody.SetAuthenticationMethodConfigurations( []AuthenticationMethodConfiguration {
msgraphsdk.NewAuthenticationMethodConfiguration(),
id := "Fido2"
SetId(&id)
state := "disabled"
SetState(&state)
SetAdditionalData(map[string]interface{}{
"@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration",
"isSelfServiceRegistrationAllowed": false,
"isAttestationEnforced": false,
}
}
requestBody.SetAdditionalData(map[string]interface{}{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy",
}
graphClient.Policies().AuthenticationMethodsPolicy().Patch(requestBody)
Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation .
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
"@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy"
RegistrationEnforcement = @{
AuthenticationMethodsRegistrationCampaign = @{
SnoozeDurationInDays = 1
State = "enabled"
ExcludeTargets = @(
)
IncludeTargets = @(
@{
Id = "3ee3a9de-0a86-4e12-a287-9769accf1ba2"
TargetType = "group"
TargetedAuthenticationMethod = "microsoftAuthenticator"
}
)
}
}
AuthenticationMethodConfigurations = @(
@{
"@odata.type" = "#microsoft.graph.fido2AuthenticationMethodConfiguration"
Id = "Fido2"
State = "disabled"
IsSelfServiceRegistrationAllowed = $false
IsAttestationEnforced = $false
}
)
}
Update-MgPolicyAuthenticationMethodPolicy -BodyParameter $params
Ausführliche Informationen zum Hinzufügen des SDK zu Ihrem Projekt und zum Erstellen einer authProvider-Instanz finden Sie in der SDK-Dokumentation .
Antwort
HTTP/1.1 204 No Content