As organizations aim for heightened security measures, Microsoft's approach towards modern authentication and security practices becomes increasingly vital. Passkeys, as introduced in Microsoft Entra and supported by Microsoft Graph PowerShell, provide a seamless way for administrators to oversee and manage user access and authentication methods.
By enabling the audit of Passkeys and Associated Aggregate Account GUIDs (AAGUIDs) across a tenant, IT admins are equipped with the necessary tools to govern, restrict, and ensure compatibility of devices used within their organization. This process not only aids in preemptive security measures but also in compliance with evolving digital security architectures.
List all Passkeys and Associated Device Models in Microsoft Entra using PowerShell. This guide explains how to generate a report of all Passkeys and their AAGUIDs currently in use within your organization using Microsoft Graph PowerShell.
Auditing Passkeys helps you understand which AAGUIDS are necessary for setting restrictions and governs the types of Passkeys users can configure. It's also beneficial to identify the types and models in use, especially if a third-party vendor announces an End Of Life for specific models.
This tutorial will guide you through using Microsoft Graph PowerShell to audit Passkeys in your tenant and export the AAGUIDs. Ensure you have the latest Microsoft Graph PowerShell module and access to a Global Administrator account to execute this script.
The script displays a popup grid view of all Passkeys assigned to users. To export this data as a CSV file, you have to modify the output path in the script accordingly. This script requires specifying scopes and making the appropriate calls to retrieve Passkey users and their details.
Enhancing security with Passkeys in the Microsoft Authenticator App adds a phishing-resistant layer to your security protocol at no extra cost. Users can leverage the technology in their smartphones to secure and manage Passkeys within the app.
Microsoft Entra PowerShell, List Passkeys PowerShell, Find AAGUIDs PowerShell, Manage Passkeys AAGUIDs, PowerShell Entra Passkeys, Extract AAGUIDs PowerShell, PowerShell Script Passkeys, Entra PowerShell AAGUID Management