Get MFA authentication methods

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Get MFA authentication methods

L1 Bithead

Hello community!


I was wondering if there's any integration that would allow me to get the defined authentication methods for a given user. The use case is to know if someone who has entered credentials in a phishing portal has MFA enabled or not and take actions in consequence.


I have been looking in Microsoft Graph User integration but there is no command for this although I'm sure the information could be gathered from there. 




L2 Linker

Perhaps look at The Graph API interface   Based on  You can test  this request GET<userid>/authentication/methods and test to see if this give s you the data you want in 

Got these results when I tried it in my lab  using  The Cortex XSOAR Azure App for authentication and setting scope to UserAuthenticationMethod.Read.All

!msgraph-api-request resource="/users/" api_version=beta

|@odata.type|id|isUsable|methodUsabilityReason|phoneNumber|phoneType|smsSignInState| |—|---|—|---|—|---|—| | #microsoft.graph.phoneAuthenticationMethod | <string>-<string>-<string>-<string>-<string> | true | EnabledByPolicy | 867-5309 | mobile | notAllowedByPolicy | |

#microsoft.graph.passwordAuthenticationMethod | <string>-<string>-<string>-<string>-<string> | true | EnabledByPolicy | | | | | #microsoft.graph.microsoftAuthenticatorAuthenticationMethod | <string>-<string>-<string>-<string>-<string>| true | EnabledByPolicy | | | |

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!