List of users on MFA that have more than one device under their name

techrunner4eva · ‎Nov 08 2022

My first time posting anything on any forum tbh.

Is it possible to generate a report to see the list of users on MFA that have more than one device under their name?

I have scoured the internet but most of them are related to whether users have enabled their MFA or not, status of MFA etc.

Any suggestions, hints or even possibility would be helpful.

Thanks :)

Vasil Michev · ‎Nov 08 2022

Sure, take a look at the authentication methods Graph API endpoints: https://learn.microsoft.com/en-us/graph/api/resources/authenticationmethods-overview?view=graph-rest...
For each method, you can query the list of configured devices, where it makes sense. I.e. /authentication/phoneMethods will return the list of phone numbers registered, authentication/microsoftAuthenticatorMethods the list of devices on which Authenticator is configured, etc. Or you can do a /authentication/methods query to get them all.

techrunner4eva · ‎Nov 09 2022

Thanks for the quick update Vasil. I should have been more specific in relation to how I want the report generated.
Is there anyway to get this done using Powershell Scripts?

Vasil Michev · ‎Nov 09 2022

The Microsoft Graph SDK for PowerShell is practically a wrapper for Graph queries, so you can use the same method with it. For example, Get-MgUserAuthenticationMethod.

List of users on MFA that have more than one device under their name

List of users on MFA that have more than one device under their name

Re: List of users on MFA that have more than one device under their name

Re: List of users on MFA that have more than one device under their name

Re: List of users on MFA that have more than one device under their name

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

List of users on MFA that have more than one device under their name