Dans les scénarios délégués avec des comptes professionnels ou scolaires, l’utilisateur connecté doit se voir attribuer un rôle Microsoft Entra pris en charge ou un rôle personnalisé avec une autorisation de rôle prise en charge. Les rôles les moins privilégiés suivants sont pris en charge pour cette opération.
Vous pouvez spécifier les propriétés suivantes lors de la création d’une authenticationStrengthPolicy.
Propriété
Type
Description
displayName
String
Nom complet de la stratégie à créer. Obligatoire.
description
String
Description de la stratégie à créer. Optional.
allowedCombinations
collection authenticationMethodModes
Combinaisons de méthodes d’authentification autorisées par cette stratégie de force d’authentification. Les valeurs possibles de cette énumération avec indicateur sont : password, voice, hardwareOath, softwareOath, sms, fido2deviceBasedPushwindowsHelloForBusinessmicrosoftAuthenticatorPushtemporaryAccessPassOneTime, temporaryAccessPassMultiUse, , . emailx509CertificateSingleFactorx509CertificateMultiFactorfederatedSingleFactorfederatedMultiFactorunknownFutureValue Pour obtenir la liste des combinaisons autorisées, appelez l’API List authenticationMethodModes . Obligatoire.
Réponse
Si elle réussit, cette méthode renvoie un 201 Created code de réponse et un objet authenticationStrengthPolicy dans le corps de la réponse.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new AuthenticationStrengthPolicy
{
DisplayName = "Example",
RequirementsSatisfied = AuthenticationStrengthRequirements.Mfa,
AllowedCombinations = new List<AuthenticationMethodModes?>
{
AuthenticationMethodModes.Fido2,
},
CombinationConfigurations = new List<AuthenticationCombinationConfiguration>
{
new Fido2CombinationConfiguration
{
OdataType = "#microsoft.graph.fido2CombinationConfiguration",
Id = "42235320-c8db-4d8c-9344-8f1ce87f734b",
AppliesToCombinations = new List<AuthenticationMethodModes?>
{
AuthenticationMethodModes.Fido2,
},
AllowedAAGUIDs = new List<string>
{
"de1e552d-db1d-4423-a619-566b625cdc84",
"90a3ccdf-635c-4729-a248-9b709135078f",
},
},
},
AdditionalData = new Dictionary<string, object>
{
{
"combinationConfigurations@odata.context" , "https://graph.microsoft.com/v1.0/$metadata#policies/authenticationStrengthPolicies('5790842a-5bab-44c2-9cf1-b38d675b70ea')/combinationConfigurations"
},
},
};
// To initialize your graphClient, see https://video2.skills-academy.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.AuthenticationStrengthPolicies.PostAsync(requestBody);
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AuthenticationStrengthPolicy authenticationStrengthPolicy = new AuthenticationStrengthPolicy();
authenticationStrengthPolicy.setDisplayName("Example");
authenticationStrengthPolicy.setRequirementsSatisfied(EnumSet.of(AuthenticationStrengthRequirements.Mfa));
LinkedList<AuthenticationMethodModes> allowedCombinations = new LinkedList<AuthenticationMethodModes>();
allowedCombinations.add(AuthenticationMethodModes.Fido2);
authenticationStrengthPolicy.setAllowedCombinations(allowedCombinations);
LinkedList<AuthenticationCombinationConfiguration> combinationConfigurations = new LinkedList<AuthenticationCombinationConfiguration>();
Fido2CombinationConfiguration authenticationCombinationConfiguration = new Fido2CombinationConfiguration();
authenticationCombinationConfiguration.setOdataType("#microsoft.graph.fido2CombinationConfiguration");
authenticationCombinationConfiguration.setId("42235320-c8db-4d8c-9344-8f1ce87f734b");
LinkedList<AuthenticationMethodModes> appliesToCombinations = new LinkedList<AuthenticationMethodModes>();
appliesToCombinations.add(AuthenticationMethodModes.Fido2);
authenticationCombinationConfiguration.setAppliesToCombinations(appliesToCombinations);
LinkedList<String> allowedAAGUIDs = new LinkedList<String>();
allowedAAGUIDs.add("de1e552d-db1d-4423-a619-566b625cdc84");
allowedAAGUIDs.add("90a3ccdf-635c-4729-a248-9b709135078f");
authenticationCombinationConfiguration.setAllowedAAGUIDs(allowedAAGUIDs);
combinationConfigurations.add(authenticationCombinationConfiguration);
authenticationStrengthPolicy.setCombinationConfigurations(combinationConfigurations);
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("combinationConfigurations@odata.context", "https://graph.microsoft.com/v1.0/$metadata#policies/authenticationStrengthPolicies('5790842a-5bab-44c2-9cf1-b38d675b70ea')/combinationConfigurations");
authenticationStrengthPolicy.setAdditionalData(additionalData);
AuthenticationStrengthPolicy result = graphClient.policies().authenticationStrengthPolicies().post(authenticationStrengthPolicy);
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.authentication_strength_policy import AuthenticationStrengthPolicy
from msgraph.generated.models.authentication_strength_requirements import AuthenticationStrengthRequirements
from msgraph.generated.models.authentication_method_modes import AuthenticationMethodModes
from msgraph.generated.models.authentication_combination_configuration import AuthenticationCombinationConfiguration
from msgraph.generated.models.fido2_combination_configuration import Fido2CombinationConfiguration
# To initialize your graph_client, see https://video2.skills-academy.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AuthenticationStrengthPolicy(
display_name = "Example",
requirements_satisfied = AuthenticationStrengthRequirements.Mfa,
allowed_combinations = [
AuthenticationMethodModes.Fido2,
],
combination_configurations = [
Fido2CombinationConfiguration(
odata_type = "#microsoft.graph.fido2CombinationConfiguration",
id = "42235320-c8db-4d8c-9344-8f1ce87f734b",
applies_to_combinations = [
AuthenticationMethodModes.Fido2,
],
allowed_a_a_g_u_i_ds = [
"de1e552d-db1d-4423-a619-566b625cdc84",
"90a3ccdf-635c-4729-a248-9b709135078f",
],
),
],
additional_data = {
"combination_configurations@odata_context" : "https://graph.microsoft.com/v1.0/$metadata#policies/authenticationStrengthPolicies('5790842a-5bab-44c2-9cf1-b38d675b70ea')/combinationConfigurations",
}
)
result = await graph_client.policies.authentication_strength_policies.post(request_body)