EIDSCA.AF04 - Authentication Method - FIDO2 security key - Enforce key restrictions.
Overviewβ
Manages if registration of FIDO2 keys should be restricted.
Restrict usage of FIDO2 from unauthorized vendors or platforms
Test scriptβ
https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations('Fido2')
.keyRestrictions.isEnforced -eq 'true'
Related linksβ
- Open in Graph Explorer
- fido2AuthenticationMethodConfiguration resource type - Microsoft Graph v1.0 | Microsoft Learn
Test Metadataβ
| Field | Value |
|---|---|
| Test ID | EIDSCA.AF04 |
| Severity | High |
| Suite | Entra ID SCA |
| Category | General |
| PowerShell test | Test-MtEidscaAF04 |
| Tags | EIDSCA, EIDSCA.AF04 |
Sourceβ
- Pester test:
tests/EIDSCA/Test-EIDSCA.Generated.Tests.ps1 - PowerShell source:
powershell/internal/eidsca/Test-MtEidscaAF04.ps1