Being able to set user-preferred authentication methods for Azure AD multi-factor authentication hasn’t been possible up to now. New Graph APIs make it possible to get and set authentication methods for Azure AD accounts. It’s just another small step along the line to migrate away from the MSOL and Azure AD modules.
With the upcoming deprecation of the Azure AD and Microsoft Online Services (MSOL) PowerShell modules, it’s time to upgrade scripts which depend on the cmdlets from these modules. In this example, we use the Microsoft Graph SDK for PowerShell to create a report for Azure AD accounts showing the authentication methods each account uses. The idea is to highlight accounts not protected by strong authentication so that administrators can help users to upgrade their protection against attack.