Atualizar autenticaçãoMethodsPolicy
Artigo
07/18/2022
3 minutos para o fim da leitura
3 colaboradores
Neste artigo
Namespace: microsoft.graph
Atualize as propriedades de um objeto authenticationMethodsPolicy.
Permissões
Uma das seguintes permissões é obrigatória para chamar esta API. Para saber mais, incluindo como escolher permissões, confira Permissões .
Tipo de permissão
Permissões (da com menos para a com mais privilégios)
Delegada (conta corporativa ou de estudante)
Policy.ReadWrite.AuthenticationMethod
Delegado (conta pessoal da Microsoft)
Sem suporte.
Aplicativo
Policy.ReadWrite.AuthenticationMethod
Para cenários delegados, o administrador precisa de uma das seguintes funções do Azure AD:
Administrador de Política de Autenticação
Administrador Global
Solicitação HTTP
PATCH /policies/authenticationMethodsPolicy
Nome
Descrição
Autorização
{token} de portador. Obrigatório.
Content-Type
application/json. Obrigatório.
Corpo da solicitação
No corpo da solicitação, fornece uma representação JSON do objeto authenticationMethodConfigurations para solicitar que os usuários configurarem métodos de autenticação direcionados.
Resposta
Se tiver êxito, este método retornará um código de resposta 204 No Content.
Exemplos
Solicitação
PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy",
"registrationEnforcement": {
"authenticationMethodsRegistrationCampaign": {
"snoozeDurationInDays": 1,
"state": "enabled",
"excludeTargets": [],
"includeTargets": [
{
"id": "3ee3a9de-0a86-4e12-a287-9769accf1ba2",
"targetType": "group",
"targetedAuthenticationMethod": "microsoftAuthenticator"
}
]
}
},
"authenticationMethodConfigurations": [
{
"@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration",
"id": "Fido2",
"state": "disabled",
"isSelfServiceRegistrationAllowed": false,
"isAttestationEnforced": false,
"keyRestrictions": {
"isEnforced": false,
"enforcementType": "block",
"aaGuids": []
}
}
]
}
const options = {
authProvider,
};
const client = Client.init(options);
const authenticationMethodsPolicy = {
'@odata.context': 'https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy',
registrationEnforcement: {
authenticationMethodsRegistrationCampaign: {
snoozeDurationInDays: 1,
state: 'enabled',
excludeTargets: [],
includeTargets: [
{
id: '3ee3a9de-0a86-4e12-a287-9769accf1ba2',
targetType: 'group',
targetedAuthenticationMethod: 'microsoftAuthenticator'
}
]
}
},
authenticationMethodConfigurations: [
{
'@odata.type': '#microsoft.graph.fido2AuthenticationMethodConfiguration',
id: 'Fido2',
state: 'disabled',
isSelfServiceRegistrationAllowed: false,
isAttestationEnforced: false,
keyRestrictions: {
isEnforced: false,
enforcementType: 'block',
aaGuids: []
}
}
]
};
await client.api('/policies/authenticationMethodsPolicy')
.update(authenticationMethodsPolicy);
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK .
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/v1.0/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/policies/authenticationMethodsPolicy"]]];
[urlRequest setHTTPMethod:@"PATCH"];
[urlRequest setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
MSGraphAuthenticationMethodsPolicy *authenticationMethodsPolicy = [[MSGraphAuthenticationMethodsPolicy alloc] init];
MSGraphRegistrationEnforcement *registrationEnforcement = [[MSGraphRegistrationEnforcement alloc] init];
MSGraphAuthenticationMethodsRegistrationCampaign *authenticationMethodsRegistrationCampaign = [[MSGraphAuthenticationMethodsRegistrationCampaign alloc] init];
[authenticationMethodsRegistrationCampaign setSnoozeDurationInDays: 1];
[authenticationMethodsRegistrationCampaign setState: [MSGraphAdvancedConfigState enabled]];
NSMutableArray *excludeTargetsList = [[NSMutableArray alloc] init];
[authenticationMethodsRegistrationCampaign setExcludeTargets:excludeTargetsList];
NSMutableArray *includeTargetsList = [[NSMutableArray alloc] init];
MSGraphAuthenticationMethodsRegistrationCampaignIncludeTarget *includeTargets = [[MSGraphAuthenticationMethodsRegistrationCampaignIncludeTarget alloc] init];
[includeTargets setId:@"3ee3a9de-0a86-4e12-a287-9769accf1ba2"];
[includeTargets setTargetType: [MSGraphAuthenticationMethodTargetType group]];
[includeTargets setTargetedAuthenticationMethod:@"microsoftAuthenticator"];
[includeTargetsList addObject: includeTargets];
[authenticationMethodsRegistrationCampaign setIncludeTargets:includeTargetsList];
[registrationEnforcement setAuthenticationMethodsRegistrationCampaign:authenticationMethodsRegistrationCampaign];
[authenticationMethodsPolicy setRegistrationEnforcement:registrationEnforcement];
NSMutableArray *authenticationMethodConfigurationsList = [[NSMutableArray alloc] init];
MSGraphAuthenticationMethodConfiguration *authenticationMethodConfigurations = [[MSGraphAuthenticationMethodConfiguration alloc] init];
[authenticationMethodConfigurations setId:@"Fido2"];
[authenticationMethodConfigurations setState: [MSGraphAuthenticationMethodState disabled]];
[authenticationMethodConfigurations setIsSelfServiceRegistrationAllowed: false];
[authenticationMethodConfigurations setIsAttestationEnforced: false];
MSGraphFido2KeyRestrictions *keyRestrictions = [[MSGraphFido2KeyRestrictions alloc] init];
[keyRestrictions setIsEnforced: false];
[keyRestrictions setEnforcementType: [MSGraphFido2RestrictionEnforcementType block]];
NSMutableArray *aaGuidsList = [[NSMutableArray alloc] init];
[keyRestrictions setAaGuids:aaGuidsList];
[authenticationMethodConfigurations setKeyRestrictions:keyRestrictions];
[authenticationMethodConfigurationsList addObject: authenticationMethodConfigurations];
[authenticationMethodsPolicy setAuthenticationMethodConfigurations:authenticationMethodConfigurationsList];
NSError *error;
NSData *authenticationMethodsPolicyData = [authenticationMethodsPolicy getSerializedDataWithError:&error];
[urlRequest setHTTPBody:authenticationMethodsPolicyData];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
//Request Completed
}];
[meDataTask execute];
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK .
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
AuthenticationMethodsPolicy authenticationMethodsPolicy = new AuthenticationMethodsPolicy();
authenticationMethodsPolicy.additionalDataManager().put("@odata.context", new JsonPrimitive("https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy"));
RegistrationEnforcement registrationEnforcement = new RegistrationEnforcement();
AuthenticationMethodsRegistrationCampaign authenticationMethodsRegistrationCampaign = new AuthenticationMethodsRegistrationCampaign();
authenticationMethodsRegistrationCampaign.snoozeDurationInDays = 1;
authenticationMethodsRegistrationCampaign.state = AdvancedConfigState.ENABLED;
LinkedList<ExcludeTarget> excludeTargetsList = new LinkedList<ExcludeTarget>();
authenticationMethodsRegistrationCampaign.excludeTargets = excludeTargetsList;
LinkedList<AuthenticationMethodsRegistrationCampaignIncludeTarget> includeTargetsList = new LinkedList<AuthenticationMethodsRegistrationCampaignIncludeTarget>();
AuthenticationMethodsRegistrationCampaignIncludeTarget includeTargets = new AuthenticationMethodsRegistrationCampaignIncludeTarget();
includeTargets.id = "3ee3a9de-0a86-4e12-a287-9769accf1ba2";
includeTargets.targetType = AuthenticationMethodTargetType.GROUP;
includeTargets.targetedAuthenticationMethod = "microsoftAuthenticator";
includeTargetsList.add(includeTargets);
authenticationMethodsRegistrationCampaign.includeTargets = includeTargetsList;
registrationEnforcement.authenticationMethodsRegistrationCampaign = authenticationMethodsRegistrationCampaign;
authenticationMethodsPolicy.registrationEnforcement = registrationEnforcement;
LinkedList<AuthenticationMethodConfiguration> authenticationMethodConfigurationsList = new LinkedList<AuthenticationMethodConfiguration>();
Fido2AuthenticationMethodConfiguration authenticationMethodConfigurations = new Fido2AuthenticationMethodConfiguration();
authenticationMethodConfigurations.id = "Fido2";
authenticationMethodConfigurations.state = AuthenticationMethodState.DISABLED;
authenticationMethodConfigurations.isSelfServiceRegistrationAllowed = false;
authenticationMethodConfigurations.isAttestationEnforced = false;
Fido2KeyRestrictions keyRestrictions = new Fido2KeyRestrictions();
keyRestrictions.isEnforced = false;
keyRestrictions.enforcementType = Fido2RestrictionEnforcementType.BLOCK;
LinkedList<String> aaGuidsList = new LinkedList<String>();
keyRestrictions.aaGuids = aaGuidsList;
authenticationMethodConfigurations.keyRestrictions = keyRestrictions;
authenticationMethodConfigurationsList.add(authenticationMethodConfigurations);
AuthenticationMethodConfigurationCollectionResponse authenticationMethodConfigurationCollectionResponse = new AuthenticationMethodConfigurationCollectionResponse();
authenticationMethodConfigurationCollectionResponse.value = authenticationMethodConfigurationsList;
AuthenticationMethodConfigurationCollectionPage authenticationMethodConfigurationCollectionPage = new AuthenticationMethodConfigurationCollectionPage(authenticationMethodConfigurationCollectionResponse, null);
authenticationMethodsPolicy.authenticationMethodConfigurations = authenticationMethodConfigurationCollectionPage;
graphClient.policies().authenticationMethodsPolicy()
.buildRequest()
.patch(authenticationMethodsPolicy);
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK .
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
requestBody := msgraphsdk.NewAuthenticationMethodsPolicy()
registrationEnforcement := msgraphsdk.NewRegistrationEnforcement()
requestBody.SetRegistrationEnforcement(registrationEnforcement)
authenticationMethodsRegistrationCampaign := msgraphsdk.NewAuthenticationMethodsRegistrationCampaign()
registrationEnforcement.SetAuthenticationMethodsRegistrationCampaign(authenticationMethodsRegistrationCampaign)
snoozeDurationInDays := int32(1)
authenticationMethodsRegistrationCampaign.SetSnoozeDurationInDays(&snoozeDurationInDays)
state := "enabled"
authenticationMethodsRegistrationCampaign.SetState(&state)
authenticationMethodsRegistrationCampaign.SetExcludeTargets( []ExcludeTarget {
}
authenticationMethodsRegistrationCampaign.SetIncludeTargets( []AuthenticationMethodsRegistrationCampaignIncludeTarget {
msgraphsdk.NewAuthenticationMethodsRegistrationCampaignIncludeTarget(),
SetAdditionalData(map[string]interface{}{
"id": "3ee3a9de-0a86-4e12-a287-9769accf1ba2",
"targetType": "group",
"targetedAuthenticationMethod": "microsoftAuthenticator",
}
}
requestBody.SetAuthenticationMethodConfigurations( []AuthenticationMethodConfiguration {
msgraphsdk.NewAuthenticationMethodConfiguration(),
id := "Fido2"
SetId(&id)
state := "disabled"
SetState(&state)
SetAdditionalData(map[string]interface{}{
"@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration",
"isSelfServiceRegistrationAllowed": false,
"isAttestationEnforced": false,
}
}
requestBody.SetAdditionalData(map[string]interface{}{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy",
}
graphClient.Policies().AuthenticationMethodsPolicy().Patch(requestBody)
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK .
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
"@odata.context" = "https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy"
RegistrationEnforcement = @{
AuthenticationMethodsRegistrationCampaign = @{
SnoozeDurationInDays = 1
State = "enabled"
ExcludeTargets = @(
)
IncludeTargets = @(
@{
Id = "3ee3a9de-0a86-4e12-a287-9769accf1ba2"
TargetType = "group"
TargetedAuthenticationMethod = "microsoftAuthenticator"
}
)
}
}
AuthenticationMethodConfigurations = @(
@{
"@odata.type" = "#microsoft.graph.fido2AuthenticationMethodConfiguration"
Id = "Fido2"
State = "disabled"
IsSelfServiceRegistrationAllowed = $false
IsAttestationEnforced = $false
}
)
}
Update-MgPolicyAuthenticationMethodPolicy -BodyParameter $params
Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider , consulte a documentação do SDK .
Resposta
HTTP/1.1 204 No Content