Currently, "Require re-register MFA" can only be set https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userdevicesettings#manage-user-authentication-options, or via PowerShell using:
Set-MsolUser -UserPrincipalName username -StrongAuthenticationMethods @()
Please add support for this in the Microsoft Graph API.
34 Comments
Our organization, like many, has experienced considerable flux in our IT infrastructure these last couple of years. While it is possible that some change in vendors or licensing of products may remediate some of the utility that a change like this requested feature would provide; it is still absolutely a missing feature hindering efforts to stabilize our user management processes in the shifting landscape we find ourselves in. I have no practice with or even well defined lines of communication into developer communities, but I wanted to at least add my thought here, somewhere, anywhere, with my little squeak of consternation into the void.
Thank you for your consideration,
Robert
This is an absolute must! Since this is currently only possible in the v1 MSOnline module and since that module does not support authentication using an app registration, once basic auth goes away, this will no longer be possible to automate.
Need this feature in Graph API as well in order to make administration module services without user interaction in the Azure Portal or Powershell.
Need graph API to achieve non interactive logins to prevent possible brute force attack and basic authentication
