Configure and Report on Default MFA Method

Brass Contributor

Up to now, I haven't found a way to list or set the default method of Authentication programmatically via PS or the Graph.


Although I can list/add/delete methods in batch, I can't seem to be able to find a way to set the default method.


For example a user has set two methods.

1. FIDO2 key

2. Microsoft Authenticator notification


The user has set teh MS Auth app as the default and the company policy is to always set the FIDO2 as the default method.


Also, reporting on this aspect is also important.

1 Reply