fido2AuthenticationMethodConfiguration を更新する

PATCH https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/fido2
Content-Type: application/json

{
    "@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration",
    "id": "Fido2",
    "state": "disabled",
    "isSelfServiceRegistrationAllowed": true,
    "isAttestationEnforced": true,
    "keyRestrictions": {
        "isEnforced": false,
        "enforcementType": "block",
        "aaGuids": []
    },
    "includeTargets": [
        {
            "targetType": "group",
            "id": "all_users",
            "isRegistrationRequired": false,
            "allowedPasskeyProfiles": [
                "00000000-0000-0000-0000-000000000001"
            ]
        }
    ],
    "excludeTargets": [],
    "passkeyProfiles": [
        {
            "id": "00000000-0000-0000-0000-000000000001",
            "name": "Default passkey profile",
            "passkeyTypes": "deviceBound,synced",
            "attestationEnforcement": "disabled",
            "keyRestrictions": {
                "isEnforced": false,
                "enforcementType": "allow",
                "aaGuids": [
                ]
            }
        }
    ]
}

// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Beta.Models;

var requestBody = new Fido2AuthenticationMethodConfiguration
{
	OdataType = "#microsoft.graph.fido2AuthenticationMethodConfiguration",
	Id = "Fido2",
	State = AuthenticationMethodState.Disabled,
	IsSelfServiceRegistrationAllowed = true,
	IsAttestationEnforced = true,
	KeyRestrictions = new Fido2KeyRestrictions
	{
		IsEnforced = false,
		EnforcementType = Fido2RestrictionEnforcementType.Block,
		AaGuids = new List<string>
		{
		},
	},
	IncludeTargets = new List<PasskeyAuthenticationMethodTarget>
	{
		new PasskeyAuthenticationMethodTarget
		{
			TargetType = AuthenticationMethodTargetType.Group,
			Id = "all_users",
			IsRegistrationRequired = false,
			AllowedPasskeyProfiles = new List<Guid?>
			{
				Guid.Parse("00000000-0000-0000-0000-000000000001"),
			},
		},
	},
	ExcludeTargets = new List<ExcludeTarget>
	{
	},
	PasskeyProfiles = new List<PasskeyProfile>
	{
		new PasskeyProfile
		{
			Id = "00000000-0000-0000-0000-000000000001",
			Name = "Default passkey profile",
			PasskeyTypes = PasskeyTypes.DeviceBound | PasskeyTypes.Synced,
			AttestationEnforcement = AttestationEnforcement.Disabled,
			KeyRestrictions = new Fido2KeyRestrictions
			{
				IsEnforced = false,
				EnforcementType = Fido2RestrictionEnforcementType.Allow,
				AaGuids = new List<string>
				{
				},
			},
		},
	},
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.AuthenticationMethodsPolicy.AuthenticationMethodConfigurations["{authenticationMethodConfiguration-id}"].PatchAsync(requestBody);

// Code snippets are only available for the latest major version. Current major version is $v0.*

// Dependencies
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

requestBody := graphmodels.NewAuthenticationMethodConfiguration()
id := "Fido2"
requestBody.SetId(&id) 
state := graphmodels.DISABLED_AUTHENTICATIONMETHODSTATE 
requestBody.SetState(&state) 
isSelfServiceRegistrationAllowed := true
requestBody.SetIsSelfServiceRegistrationAllowed(&isSelfServiceRegistrationAllowed) 
isAttestationEnforced := true
requestBody.SetIsAttestationEnforced(&isAttestationEnforced) 
keyRestrictions := graphmodels.NewFido2KeyRestrictions()
isEnforced := false
keyRestrictions.SetIsEnforced(&isEnforced) 
enforcementType := graphmodels.BLOCK_FIDO2RESTRICTIONENFORCEMENTTYPE 
keyRestrictions.SetEnforcementType(&enforcementType) 
aaGuids := []string {

}
keyRestrictions.SetAaGuids(aaGuids)
requestBody.SetKeyRestrictions(keyRestrictions)


passkeyAuthenticationMethodTarget := graphmodels.NewPasskeyAuthenticationMethodTarget()
targetType := graphmodels.GROUP_AUTHENTICATIONMETHODTARGETTYPE 
passkeyAuthenticationMethodTarget.SetTargetType(&targetType) 
id := "all_users"
passkeyAuthenticationMethodTarget.SetId(&id) 
isRegistrationRequired := false
passkeyAuthenticationMethodTarget.SetIsRegistrationRequired(&isRegistrationRequired) 
allowedPasskeyProfiles := []uuid.UUID {
	uuid.MustParse("00000000-0000-0000-0000-000000000001"),
}
passkeyAuthenticationMethodTarget.SetAllowedPasskeyProfiles(allowedPasskeyProfiles)

includeTargets := []graphmodels.PasskeyAuthenticationMethodTargetable {
	passkeyAuthenticationMethodTarget,
}
requestBody.SetIncludeTargets(includeTargets)
excludeTargets := []graphmodels.ExcludeTargetable {

}
requestBody.SetExcludeTargets(excludeTargets)


passkeyProfile := graphmodels.NewPasskeyProfile()
id := "00000000-0000-0000-0000-000000000001"
passkeyProfile.SetId(&id) 
name := "Default passkey profile"
passkeyProfile.SetName(&name) 
passkeyTypes := graphmodels.DEVICEBOUND,SYNCED_PASSKEYTYPES 
passkeyProfile.SetPasskeyTypes(&passkeyTypes) 
attestationEnforcement := graphmodels.DISABLED_ATTESTATIONENFORCEMENT 
passkeyProfile.SetAttestationEnforcement(&attestationEnforcement) 
keyRestrictions := graphmodels.NewFido2KeyRestrictions()
isEnforced := false
keyRestrictions.SetIsEnforced(&isEnforced) 
enforcementType := graphmodels.ALLOW_FIDO2RESTRICTIONENFORCEMENTTYPE 
keyRestrictions.SetEnforcementType(&enforcementType) 
aaGuids := []string {

}
keyRestrictions.SetAaGuids(aaGuids)
passkeyProfile.SetKeyRestrictions(keyRestrictions)

passkeyProfiles := []graphmodels.PasskeyProfileable {
	passkeyProfile,
}
requestBody.SetPasskeyProfiles(passkeyProfiles)

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
authenticationMethodConfigurations, err := graphClient.Policies().AuthenticationMethodsPolicy().AuthenticationMethodConfigurations().ByAuthenticationMethodConfigurationId("authenticationMethodConfiguration-id").Patch(context.Background(), requestBody, nil)

// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

Fido2AuthenticationMethodConfiguration authenticationMethodConfiguration = new Fido2AuthenticationMethodConfiguration();
authenticationMethodConfiguration.setOdataType("#microsoft.graph.fido2AuthenticationMethodConfiguration");
authenticationMethodConfiguration.setId("Fido2");
authenticationMethodConfiguration.setState(AuthenticationMethodState.Disabled);
authenticationMethodConfiguration.setIsSelfServiceRegistrationAllowed(true);
authenticationMethodConfiguration.setIsAttestationEnforced(true);
Fido2KeyRestrictions keyRestrictions = new Fido2KeyRestrictions();
keyRestrictions.setIsEnforced(false);
keyRestrictions.setEnforcementType(Fido2RestrictionEnforcementType.Block);
LinkedList<String> aaGuids = new LinkedList<String>();
keyRestrictions.setAaGuids(aaGuids);
authenticationMethodConfiguration.setKeyRestrictions(keyRestrictions);
LinkedList<PasskeyAuthenticationMethodTarget> includeTargets = new LinkedList<PasskeyAuthenticationMethodTarget>();
PasskeyAuthenticationMethodTarget passkeyAuthenticationMethodTarget = new PasskeyAuthenticationMethodTarget();
passkeyAuthenticationMethodTarget.setTargetType(AuthenticationMethodTargetType.Group);
passkeyAuthenticationMethodTarget.setId("all_users");
passkeyAuthenticationMethodTarget.setIsRegistrationRequired(false);
LinkedList<UUID> allowedPasskeyProfiles = new LinkedList<UUID>();
allowedPasskeyProfiles.add(UUID.fromString("00000000-0000-0000-0000-000000000001"));
passkeyAuthenticationMethodTarget.setAllowedPasskeyProfiles(allowedPasskeyProfiles);
includeTargets.add(passkeyAuthenticationMethodTarget);
authenticationMethodConfiguration.setIncludeTargets(includeTargets);
LinkedList<ExcludeTarget> excludeTargets = new LinkedList<ExcludeTarget>();
authenticationMethodConfiguration.setExcludeTargets(excludeTargets);
LinkedList<PasskeyProfile> passkeyProfiles = new LinkedList<PasskeyProfile>();
PasskeyProfile passkeyProfile = new PasskeyProfile();
passkeyProfile.setId("00000000-0000-0000-0000-000000000001");
passkeyProfile.setName("Default passkey profile");
passkeyProfile.setPasskeyTypes(EnumSet.of(PasskeyTypes.DeviceBound, PasskeyTypes.Synced));
passkeyProfile.setAttestationEnforcement(AttestationEnforcement.Disabled);
Fido2KeyRestrictions keyRestrictions1 = new Fido2KeyRestrictions();
keyRestrictions1.setIsEnforced(false);
keyRestrictions1.setEnforcementType(Fido2RestrictionEnforcementType.Allow);
LinkedList<String> aaGuids1 = new LinkedList<String>();
keyRestrictions1.setAaGuids(aaGuids1);
passkeyProfile.setKeyRestrictions(keyRestrictions1);
passkeyProfiles.add(passkeyProfile);
authenticationMethodConfiguration.setPasskeyProfiles(passkeyProfiles);
AuthenticationMethodConfiguration result = graphClient.policies().authenticationMethodsPolicy().authenticationMethodConfigurations().byAuthenticationMethodConfigurationId("{authenticationMethodConfiguration-id}").patch(authenticationMethodConfiguration);

const options = {
	authProvider,
};

const client = Client.init(options);

const authenticationMethodConfiguration = {
    '@odata.type': '#microsoft.graph.fido2AuthenticationMethodConfiguration',
    id: 'Fido2',
    state: 'disabled',
    isSelfServiceRegistrationAllowed: true,
    isAttestationEnforced: true,
    keyRestrictions: {
        isEnforced: false,
        enforcementType: 'block',
        aaGuids: []
    },
    includeTargets: [
        {
            targetType: 'group',
            id: 'all_users',
            isRegistrationRequired: false,
            allowedPasskeyProfiles: [
                '00000000-0000-0000-0000-000000000001'
            ]
        }
    ],
    excludeTargets: [],
    passkeyProfiles: [
        {
            id: '00000000-0000-0000-0000-000000000001',
            name: 'Default passkey profile',
            passkeyTypes: 'deviceBound,synced',
            attestationEnforcement: 'disabled',
            keyRestrictions: {
                isEnforced: false,
                enforcementType: 'allow',
                aaGuids: [
                ]
            }
        }
    ]
};

await client.api('/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/fido2')
	.version('beta')
	.update(authenticationMethodConfiguration);

<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\Fido2AuthenticationMethodConfiguration;
use Microsoft\Graph\Beta\Generated\Models\AuthenticationMethodState;
use Microsoft\Graph\Beta\Generated\Models\Fido2KeyRestrictions;
use Microsoft\Graph\Beta\Generated\Models\Fido2RestrictionEnforcementType;
use Microsoft\Graph\Beta\Generated\Models\PasskeyAuthenticationMethodTarget;
use Microsoft\Graph\Beta\Generated\Models\AuthenticationMethodTargetType;
use Microsoft\Graph\Beta\Generated\Models\ExcludeTarget;
use Microsoft\Graph\Beta\Generated\Models\PasskeyProfile;
use Microsoft\Graph\Beta\Generated\Models\PasskeyTypes;
use Microsoft\Graph\Beta\Generated\Models\AttestationEnforcement;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new Fido2AuthenticationMethodConfiguration();
$requestBody->setOdataType('#microsoft.graph.fido2AuthenticationMethodConfiguration');
$requestBody->setId('Fido2');
$requestBody->setState(new AuthenticationMethodState('disabled'));
$requestBody->setIsSelfServiceRegistrationAllowed(true);
$requestBody->setIsAttestationEnforced(true);
$keyRestrictions = new Fido2KeyRestrictions();
$keyRestrictions->setIsEnforced(false);
$keyRestrictions->setEnforcementType(new Fido2RestrictionEnforcementType('block'));
$keyRestrictions->setAaGuids([	]);
$requestBody->setKeyRestrictions($keyRestrictions);
$includeTargetsPasskeyAuthenticationMethodTarget1 = new PasskeyAuthenticationMethodTarget();
$includeTargetsPasskeyAuthenticationMethodTarget1->setTargetType(new AuthenticationMethodTargetType('group'));
$includeTargetsPasskeyAuthenticationMethodTarget1->setId('all_users');
$includeTargetsPasskeyAuthenticationMethodTarget1->setIsRegistrationRequired(false);
$includeTargetsPasskeyAuthenticationMethodTarget1->setAllowedPasskeyProfiles(['00000000-0000-0000-0000-000000000001', 	]);
$includeTargetsArray []= $includeTargetsPasskeyAuthenticationMethodTarget1;
$requestBody->setIncludeTargets($includeTargetsArray);

$requestBody->setExcludeTargets([]);
$passkeyProfilesPasskeyProfile1 = new PasskeyProfile();
$passkeyProfilesPasskeyProfile1->setId('00000000-0000-0000-0000-000000000001');
$passkeyProfilesPasskeyProfile1->setName('Default passkey profile');
$passkeyProfilesPasskeyProfile1->setPasskeyTypes(new PasskeyTypes('deviceBound,synced'));
$passkeyProfilesPasskeyProfile1->setAttestationEnforcement(new AttestationEnforcement('disabled'));
$passkeyProfilesPasskeyProfile1KeyRestrictions = new Fido2KeyRestrictions();
$passkeyProfilesPasskeyProfile1KeyRestrictions->setIsEnforced(false);
$passkeyProfilesPasskeyProfile1KeyRestrictions->setEnforcementType(new Fido2RestrictionEnforcementType('allow'));
$passkeyProfilesPasskeyProfile1KeyRestrictions->setAaGuids([]);
$passkeyProfilesPasskeyProfile1->setKeyRestrictions($passkeyProfilesPasskeyProfile1KeyRestrictions);
$passkeyProfilesArray []= $passkeyProfilesPasskeyProfile1;
$requestBody->setPasskeyProfiles($passkeyProfilesArray);


$result = $graphServiceClient->policies()->authenticationMethodsPolicy()->authenticationMethodConfigurations()->byAuthenticationMethodConfigurationId('authenticationMethodConfiguration-id')->patch($requestBody)->wait();

Import-Module Microsoft.Graph.Beta.Identity.SignIns

$params = @{
	"@odata.type" = "#microsoft.graph.fido2AuthenticationMethodConfiguration"
	id = "Fido2"
	state = "disabled"
	isSelfServiceRegistrationAllowed = $true
	isAttestationEnforced = $true
	keyRestrictions = @{
		isEnforced = $false
		enforcementType = "block"
		aaGuids = @(
		)
	}
	includeTargets = @(
		@{
			targetType = "group"
			id = "all_users"
			isRegistrationRequired = $false
			allowedPasskeyProfiles = @(
			"00000000-0000-0000-0000-000000000001"
		)
	}
)
excludeTargets = @(
)
passkeyProfiles = @(
	@{
		id = "00000000-0000-0000-0000-000000000001"
		name = "Default passkey profile"
		passkeyTypes = "deviceBound,synced"
		attestationEnforcement = "disabled"
		keyRestrictions = @{
			isEnforced = $false
			enforcementType = "allow"
			aaGuids = @(
			)
		}
	}
)
}

Update-MgBetaPolicyAuthenticationMethodPolicyAuthenticationMethodConfiguration -AuthenticationMethodConfigurationId $authenticationMethodConfigurationId -BodyParameter $params

# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.fido2_authentication_method_configuration import Fido2AuthenticationMethodConfiguration
from msgraph_beta.generated.models.authentication_method_state import AuthenticationMethodState
from msgraph_beta.generated.models.fido2_key_restrictions import Fido2KeyRestrictions
from msgraph_beta.generated.models.fido2_restriction_enforcement_type import Fido2RestrictionEnforcementType
from msgraph_beta.generated.models.passkey_authentication_method_target import PasskeyAuthenticationMethodTarget
from msgraph_beta.generated.models.authentication_method_target_type import AuthenticationMethodTargetType
from msgraph_beta.generated.models.exclude_target import ExcludeTarget
from msgraph_beta.generated.models.passkey_profile import PasskeyProfile
from msgraph_beta.generated.models.passkey_types import PasskeyTypes
from msgraph_beta.generated.models.attestation_enforcement import AttestationEnforcement
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = Fido2AuthenticationMethodConfiguration(
	odata_type = "#microsoft.graph.fido2AuthenticationMethodConfiguration",
	id = "Fido2",
	state = AuthenticationMethodState.Disabled,
	is_self_service_registration_allowed = True,
	is_attestation_enforced = True,
	key_restrictions = Fido2KeyRestrictions(
		is_enforced = False,
		enforcement_type = Fido2RestrictionEnforcementType.Block,
		aa_guids = [
		],
	),
	include_targets = [
		PasskeyAuthenticationMethodTarget(
			target_type = AuthenticationMethodTargetType.Group,
			id = "all_users",
			is_registration_required = False,
			allowed_passkey_profiles = [
				UUID("00000000-0000-0000-0000-000000000001"),
			],
		),
	],
	exclude_targets = [
	],
	passkey_profiles = [
		PasskeyProfile(
			id = "00000000-0000-0000-0000-000000000001",
			name = "Default passkey profile",
			passkey_types = PasskeyTypes.DeviceBound | PasskeyTypes.Synced,
			attestation_enforcement = AttestationEnforcement.Disabled,
			key_restrictions = Fido2KeyRestrictions(
				is_enforced = False,
				enforcement_type = Fido2RestrictionEnforcementType.Allow,
				aa_guids = [
				],
			),
		),
	],
)

result = await graph_client.policies.authentication_methods_policy.authentication_method_configurations.by_authentication_method_configuration_id('authenticationMethodConfiguration-id').patch(request_body)