DSCResources/MSFT_AADAuthenticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.schema.mof

[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphMicrosoftAuthenticatorFeatureSettings
{
    [Write, Description("Determines whether users will be able to approve push notifications on other Microsoft applications such as Outlook Mobile."), EmbeddedInstance("MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration")] String CompanionAppAllowedState;
    [Write, Description("Determines whether the user's Authenticator app will show them the client app they are signing into."), EmbeddedInstance("MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration")] String DisplayAppInformationRequiredState;
    [Write, Description("Determines whether the user's Authenticator app will show them the geographic location of where the authentication request originated from."), EmbeddedInstance("MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration")] String DisplayLocationInformationRequiredState;
    [Write, Description("Specifies whether the user needs to enter a number in the Authenticator app from the login screen to complete their login. Value is ignored for phone sign-in notifications."), EmbeddedInstance("MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration")] String NumberMatchingRequiredState;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration
{
    [Write, Description("A single entity that's excluded from using this feature."), EmbeddedInstance("MSFT_AADAuthenticationMethodPolicyAuthenticatorFeatureTarget")] String ExcludeTarget;
    [Write, Description("A single entity that's allowed to use this feature."), EmbeddedInstance("MSFT_AADAuthenticationMethodPolicyAuthenticatorFeatureTarget")] String IncludeTarget;
    [Write, Description("Enable or disable the feature. Possible values are: default, enabled, disabled, unknownFutureValue. The default value is used when the configuration hasn't been explicitly set and uses the default behavior of Azure AD for the setting. The default value is disabled."), ValueMap{"default","enabled","disabled","unknownFutureValue"}, Values{"default","enabled","disabled","unknownFutureValue"}] String State;
};
[ClassVersion("1.0.0")]
class MSFT_AADAuthenticationMethodPolicyAuthenticatorFeatureTarget
{
    [Write, Description("The ID of the entity that's targeted in the include or exclude rule or all_users to target all users.")] String Id;
    [Write, Description("The kind of entity that's targeted. The possible values are: group, administrativeUnit, role, unknownFutureValue."), ValueMap{"group","administrativeUnit","role","unknownFutureValue"}, Values{"group","administrativeUnit","role","unknownFutureValue"}] String TargetType;
};
[ClassVersion("1.0.0")]
class MSFT_AADAuthenticationMethodPolicyAuthenticatorExcludeTarget
{
    [Write, Description("The object identifier of an Azure AD group.")] String Id;
    [Write, Description("The type of the authentication method target. Possible values are: group and unknownFutureValue."), ValueMap{"user","group","unknownFutureValue"}, Values{"user","group","unknownFutureValue"}] String TargetType;
};
[ClassVersion("1.0.0")]
class MSFT_AADAuthenticationMethodPolicyAuthenticatorIncludeTarget
{
    [Write, Description("The object identifier of an Azure AD group.")] String Id;
    [Write, Description("The type of the authentication method target. Possible values are: group and unknownFutureValue."), ValueMap{"user","group","unknownFutureValue"}, Values{"user","group","unknownFutureValue"}] String TargetType;
};
 
[ClassVersion("1.0.0.0"), FriendlyName("AADAuthenticationMethodPolicyAuthenticator")]
class MSFT_AADAuthenticationMethodPolicyAuthenticator : OMI_BaseResource
{
    [Write, Description("A collection of Microsoft Authenticator settings such as number matching and location context, and whether they are enabled for all users or specific users only."), EmbeddedInstance("MSFT_MicrosoftGraphmicrosoftAuthenticatorFeatureSettings")] String FeatureSettings;
    [Write, Description("true if users can use the OTP code generated by the Microsoft Authenticator app, false otherwise.")] Boolean IsSoftwareOathEnabled;
    [Write, Description("Displayname of the groups of users that are excluded from a policy."), EmbeddedInstance("MSFT_AADAuthenticationMethodPolicyAuthenticatorExcludeTarget")] String ExcludeTargets[];
    [Write, Description("Displayname of the groups of users that are included from a policy."), EmbeddedInstance("MSFT_AADAuthenticationMethodPolicyAuthenticatorIncludeTarget")] String IncludeTargets[];
    [Write, Description("The state of the policy. Possible values are: enabled, disabled."), ValueMap{"enabled","disabled"}, Values{"enabled","disabled"}] String State;
    [Key, Description("The unique identifier for an entity. Read-only.")] String Id;
    [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure;
    [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential;
    [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId;
    [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId;
    [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret;
    [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint;
    [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity;
};