EIDSCA.AF05 - Authentication Method - FIDO2 security key - Restricted.
Overview
You can work with your Security key provider to determine the AAGuids of their devices for allowing or blocking usage.
Test script
https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations('Fido2')
.keyRestrictions.aaGuids -notcontains $null -eq 'true'
Related links
- Open in Graph Explorer
- fido2AuthenticationMethodConfiguration resource type - Microsoft Graph v1.0 | Microsoft Learn
Test Metadata
| Field | Value |
|---|---|
| Test ID | EIDSCA.AF05 |
| Severity | High |
| Suite | Entra ID SCA |
| Category | General |
| PowerShell test | Test-MtEidscaAF05 |
| Tags | EIDSCA, EIDSCA.AF05 |
Source
- Pester test:
tests/EIDSCA/Test-EIDSCA.Generated.Tests.ps1 - PowerShell source:
powershell/internal/eidsca/Test-MtEidscaAF05.ps1