UserAuthMethod-QR.Read

Allows the app to read the signed-in user's QR authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the UserAuthMethod-QR.Read permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category	Application	Delegated
Identifier	-	d6893c31-9187-405c-8dfc-f700c8fc161a
DisplayText	-	Read the signed-in user's QR authentication methods
Description	-	Allows the app to read the signed-in user's QR authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.
AdminConsentRequired	Yes	Yes

Graph Methods

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /me/authentication/qrCodePinMethod/standardQRCode
	GET /me/authentication/qrCodePinMethod/temporaryQRCode
	GET /users/{id \| userPrincipalName}/authentication/qrCodePinMethod

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /me/authentication/qrCodePinMethod
	GET /me/authentication/qrCodePinMethod/standardQRCode
	GET /me/authentication/qrCodePinMethod/temporaryQRCode

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Get-MgBetaUserAuthenticationQrCodePinMethod
	Get-MgBetaUserAuthenticationQrCodePinMethodStandardQrCode

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

qrCode
qrCodePinAuthenticationMethod

Graph reference: qrCode

Property	Type	Description
createdDateTime	DateTimeOffset	The date and time when the QR code was created. Read-only.
expireDateTime	DateTimeOffset	The date and time when the QR code expires. For standard QR codes, the lifetime is in days with a maximum of 395 days (13 months) and a default of 365 days. For temporary QR codes, the lifetime must be between 1-12 hours. The expireDateTime can be edited for standard QR codes but not for temporary QR codes.
id	String	The unique identifier (GUID) of the QR code. Inherited from entity. Read-only.
image	qrCodeImageDetails	The QR code image data. This property is only returned at the time of creating or resetting the QR code because the private key isn't stored on the server.
lastUsedDateTime	DateTimeOffset	The date and time when the QR code was last successfully used for authentication. Read-only.
startDateTime	DateTimeOffset	The date and time when the QR code becomes available for use.

Graph reference: qrCodePinAuthenticationMethod

Property	Type	Description
createdDateTime	DateTimeOffset	The date and time when this authentication method was created. Inherited from authenticationMethod. Read-only.
id	String	The unique identifier for this authentication method. Inherited from entity. Read-only.

Table of Contents

UserAuthMethod-QR.Read

Graph Methods

Resources