EIDSCA.AG03 - Authentication Method - General Settings - Report suspicious activity - Included users/groups.
Overview
Object Id or scope of users which will be included to report suspicious activities if they receive an authentication request that they did not initiate.
Apply this feature to all users.
Test script
https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy
.reportSuspiciousActivitySettings.includeTarget.id -eq 'all_users'
Related links
- Open in Graph Explorer
- Get authenticationMethodsPolicy - Microsoft Graph v1.0 | Microsoft Learn
- View in Microsoft Entra admin center
Test Metadata
| Field | Value |
|---|---|
| Test ID | EIDSCA.AG03 |
| Severity | Medium |
| Suite | Entra ID SCA |
| Category | General |
| PowerShell test | Test-MtEidscaAG03 |
| Tags | EIDSCA, EIDSCA.AG03 |
Source
- Pester test:
tests/EIDSCA/Test-EIDSCA.Generated.Tests.ps1 - PowerShell source:
powershell/internal/eidsca/Test-MtEidscaAG03.ps1