Merge pull request #25577 from microsoftgraph/luc-hw-oath-refresh

Luc hw oath refresh

Author: FaithOmbongi

api-reference/beta/api/authentication-delete-hardwareoathmethods.md

@@ -0,0 +1,104 @@
+---
+title: "Delete hardwareOathAuthenticationMethod"
+description: "Unassign a hardware token from a user. The token remains in the directory."
+author: "luc-msft"
+ms.localizationpriority: medium
+ms.subservice: "entra-sign-in"
+doc_type: apiPageType
+ms.date: 12/06/2024
+---
+
+# Delete hardwareOathAuthenticationMethod
+
+Namespace: microsoft.graph
+
+[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
+
+Unassign a [hardware token](../resources/hardwareoathauthenticationmethod.md) from a user. The token remains in the directory and its details can be retrieved by [List hardwareOathDevices](authenticationmethoddevice-list-hardwareoathdevices.md) API.
+
+## Permissions
+
+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+
+### Permissions acting on self
+<!-- {
+  "blockType": "permissions",
+  "name": "authentication-delete-hardwareoathmethods-permissions"
+}
+-->
+<!-- {
+  "blockType": "permissions",
+  "name": "authentication-delete-hardwareoathmethods-permissions"
+}
+-->
+[!INCLUDE [permissions-table](../includes/permissions/authentication-delete-hardwareoathmethods-permissions.md)]
+
+## Permissions acting on other users
+<!-- {
+  "blockType": "permissions",
+  "name": "authentication-delete-hardwareoathmethods-2-permissions"
+}
+-->
+[!INCLUDE [permissions-table](../includes/permissions/authentication-delete-hardwareoathmethods-2-permissions.md)]
+
+## HTTP request
+
+Unassign yourself a hardware OATH authentication method.
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+DELETE /me/authentication/hardwareOathMethods/{hardwareOathAuthenticationMethodId}
+```
+
+Unassign another user their hardware OATH authentication method.
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+DELETE /users/{usersId}/authentication/hardwareOathMethods/{hardwareOathAuthenticationMethodId}
+```
+
+## Request headers
+
+|Name|Description|
+|:---|:---|
+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|
+
+## Request body
+
+Don't supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+The following example shows a request.
+<!-- {
+  "blockType": "request",
+  "name": "delete_hardwareoathauthenticationmethod"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/me/authentication/hardwareOathMethods/{hardwareOathAuthenticationMethodId}
+```
+
+
+### Response
+
+The following example shows the response.
+<!-- {
+  "blockType": "response",
+  "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+

api-reference/beta/api/authentication-list-hardwareoathmethods.md

@@ -0,0 +1,148 @@
+---
+title: "List hardwareOathAuthenticationMethod objects"
+description: "List all hardware tokens assigned to a user"
+author: "luc-msft"
+ms.localizationpriority: medium
+ms.subservice: "entra-sign-in"
+doc_type: apiPageType
+ms.date: 12/06/2024
+---
+
+# List hardwareOathAuthenticationMethod objects
+
+Namespace: microsoft.graph
+
+[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
+
+Get a list of the [hardware tokens](../resources/hardwareoathauthenticationmethod.md) assigned to a [user](../resources/user.md).
+
+## Permissions
+
+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+
+### Permissions acting on self
+<!-- {
+  "blockType": "permissions",
+  "name": "authentication-list-hardwareoathmethods-permissions"
+}
+-->
+[!INCLUDE [permissions-table](../includes/permissions/authentication-list-hardwareoathmethods-permissions.md)]
+
+### Permissions acting on other users
+<!-- {
+  "blockType": "permissions",
+  "name": "authentication-list-hardwareoathmethods-2-permissions"
+}
+-->
+[!INCLUDE [permissions-table](../includes/permissions/authentication-list-hardwareoathmethods-2-permissions.md)]
+
+## HTTP request
+Get details of your own hardware OATH methods.
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+GET /me/authentication/hardwareOathMethods
+```
+
+Get details of another user's hardware OATH methods.
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+GET /users/{usersId}/authentication/hardwareOathMethods
+```
+
+## Optional query parameters
+
+This method supports the `$select`, `$filter` and `$top` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:---|:---|
+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|
+
+## Request body
+
+Don't supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [hardwareOathAuthenticationMethod](../resources/hardwareoathauthenticationmethod.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following example shows a request to retrieve the hardware tokens for the signed-in user.
+<!-- {
+  "blockType": "request",
+  "name": "list_hardwareoathauthenticationmethod"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/authentication/hardwareOathMethods
+```
+
+
+### Response
+
+The following example shows the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+  "blockType": "response",
+  "truncated": true,
+  "@odata.type": "microsoft.graph.hardwareOathAuthenticationMethod"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+  "value": [
+    {
+      "@odata.type": "#microsoft.graph.hardwareOathAuthenticationMethod",
+      "id": "aad49556-####-####-####-############",
+      "device": {
+        "id": "aad49556-####-####-####-############",
+        "displayName": "Amy Masters Token 1",
+        "serialNumber": "TOTP123456",
+        "manufacturer": "Contoso",
+        "model": "Hardware Token 1000",
+        "secretKey": null,
+        "timeIntervalInSeconds": 30,
+        "status": "activated",
+        "hashFunction": "hmacsha1",
+        "assignedTo": {
+            "id": "0cadbf92-####-####-####-############",
+            "displayName": "Amy Masters"
+        }
+      }
+    },
+    {
+      "@odata.type": "#microsoft.graph.hardwareOathAuthenticationMethod",
+      "id": "3dee0e53-####-####-####-############",
+      "device": {
+        "id": "3dee0e53-####-####-####-############",
+        "displayName": "Amy Masters Token 2",
+        "serialNumber": "TOTP654321",
+        "manufacturer": "Contoso",
+        "model": "Hardware Token 1000",
+        "secretKey": null,
+        "timeIntervalInSeconds": 30,
+        "status": "activated",
+        "hashFunction": "hmacsha1",
+        "assignedTo": {
+            "id": "0cadbf92-####-####-####-############",
+            "displayName": "Amy Masters"
+        }
+      }
+    }
+  ]
+}
+```
+

api-reference/beta/api/authentication-post-hardwareoathmethods.md

@@ -0,0 +1,121 @@
+---
+title: "Create hardwareOathAuthenticationMethod"
+description: "Assign a hardware token to a user without activation."
+author: "luc-msft"
+ms.localizationpriority: medium
+ms.subservice: "entra-sign-in"
+doc_type: apiPageType
+ms.date: 12/06/2024
+---
+
+# Create hardwareOathAuthenticationMethod
+
+Namespace: microsoft.graph
+
+[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
+
+Assign a [hardware token](../resources/hardwareoathauthenticationmethod.md) to a user without activation. To activate, use the [activation](hardwareoathauthenticationmethod-activate.md) API operation.
+
+## Permissions
+
+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+
+## Permissions acting on self
+<!-- {
+  "blockType": "permissions",
+  "name": "authentication-post-hardwareoathmethods-permissions"
+}
+-->
+[!INCLUDE [permissions-table](../includes/permissions/authentication-post-hardwareoathmethods-permissions.md)]
+
+## Permissions acting on other users
+<!-- {
+  "blockType": "permissions",
+  "name": "authentication-post-hardwareoathmethods-2-permissions"
+}
+-->
+[!INCLUDE [permissions-table](../includes/permissions/authentication-post-hardwareoathmethods-2-permissions.md)]
+
+## HTTP request
+Assign a hardware OATH authentication method to yourself.
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+POST /me/authentication/hardwareOathMethods
+```
+
+Assign a hardware OATH authentication method to another user.
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+POST /users/{usersId}/authentication/hardwareOathMethods
+```
+
+## Request headers
+
+|Name|Description|
+|:---|:---|
+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+In the request body, supply a JSON representation of the [hardwareOathAuthenticationMethod](../resources/hardwareoathauthenticationmethod.md) object.
+
+You can specify the following properties when creating a **hardwareOathAuthenticationMethod**.
+
+|Property|Type|Description|
+|:---|:---|:---|
+|id|String|ID of the hardware token that is to be assigned to the user and activated.|
+
+## Response
+
+If successful, this method returns a `201 Created` response code and a [hardwareOathAuthenticationMethod](../resources/hardwareoathauthenticationmethod.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following example shows a request.
+<!-- {
+  "blockType": "request",
+  "name": "create_hardwareoathauthenticationmethod_from_"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/me/authentication/hardwareOathMethods
+Content-Type: application/json
+
+{
+  "device": {
+        "id": "aad49556-####-####-####-############"
+    },
+}
+```
+
+
+### Response
+
+The following example shows the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+  "blockType": "response",
+  "truncated": true,
+  "@odata.type": "microsoft.graph.hardwareOathAuthenticationMethod"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+  "@odata.type": "#microsoft.graph.hardwareOathAuthenticationMethod",
+  "id": "658d0bfe-3cb9-d4d3-5296-147bc3b1f130",
+  "createdDateTime": "String (timestamp)"
+}
+```
+