[Feature Request]: Standards - Enable Microsoft OTP in Auth methods #1789

Closed
kris6673 opened this issue Oct 6, 2023 · 4 comments
Labels
enhancement New feature or request no-priority

Comments

@kris6673
Contributor

kris6673 commented Oct 6, 2023

Description of the new feature - must be an in-depth explanation of the feature you want, reasoning why, and the added benefits for MSPs as a whole.

Many of our customers are using the MS NPS extension for VPN authentication and, after number matching has become mandatory, now rely on the OTP code from the Authenticator app instead of getting a push notification. The current CIPP standard "Enable Passwordless with Location information and Number Matching" changes this to Disabled every time standards run.

Having a dropdown to choose if it should be enabled or disabled like with "Set Authenticator Lite state" would be nice.
Default set to "No" for backwards compatibility.

Since the feature is locked behind registering the Authenticator app and this is just an add-on, it should not decrease security. At least to my knowledge.

PowerShell commands you would normally use to achieve above request

This is your own code, only part modified is: "isSoftwareOathEnabled" being set to true instead of false

```powershell
try {
    $body = @"
{"@odata.type":"#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration","id":"MicrosoftAuthenticator","includeTargets":[{"id":"all_users","isRegistrationRequired":false,"targetType":"group","authenticationMode":"any"}],"excludeTargets":[],"state":"enabled","isSoftwareOathEnabled":true,"featureSettings":{"displayLocationInformationRequiredState":{"state":"enabled","includeTarget":{"id":"all_users","targetType":"group","displayName":"All users"}},"displayAppInformationRequiredState":{"state":"enabled","includeTarget":{"id":"all_users","targetType":"group","displayName":"All users"}},"companionAppAllowedState":{"state":"default","includeTarget":{"id":"all_users","targetType":"group","displayName":"All users"}}}}
"@
    (New-GraphPostRequest -tenantid $tenant -Uri "https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/microsoftAuthenticator" -Type patch -Body $body -ContentType "application/json")

    Write-LogMessage -API "Standards" -tenant $tenant -message "Enabled passwordless with Information and Number Matching." -sev Info
}
catch {
    Write-LogMessage -API "Standards" -tenant $tenant -message "Failed to enable passwordless with Information and Number Matching. Error: $($_.exception.message)" -sev "Error"
}
```
@kris6673 kris6673 added enhancement New feature or request no-priority labels Oct 6, 2023
@github-actions

github-actions bot commented Oct 6, 2023

Thank you for creating a feature request!
Your current priority is set to "No Priority". No Priority Feature requests automatically get closed in two days if a contributor does not accept the FR.

If you are a sponsor you can request an upgrade of priority. To upgrade the priority type "I would like to upgrade the priority".
If you want this feature to be integrated you can always do this yourself by checking out our contributions guide at https://cipp.app/docs/dev/. Contributors to the CIPP project reserve the right to close feature requests at will.
If you'd like this feature request to be assigned to you, please comment "I would like to work on this please!".

@KelvinTegelaar
Owner

KelvinTegelaar commented Oct 6, 2023

Only sponsors can create FRs.

@KelvinTegelaar
Owner

Added in dev; we no longer send that in the patch at all, so users can decide themselves whether to enable it or not.

@kris6673
Contributor Author

> Added in dev; we no longer send that in the patch at all, so users can decide themselves whether to enable it or not.

Awesome thanks!
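
The resolution in this thread (leaving `isSoftwareOathEnabled` out of the PATCH so the tenant's own choice survives each standards run) can be sketched as below. This is an added example, not CIPP's code; the function name `New-AuthenticatorPatchBody` and its parameter are hypothetical, and the other body values are copied from the request above.

```powershell
# Added example: builds the PATCH body for the microsoftAuthenticator policy.
# New-AuthenticatorPatchBody is a hypothetical helper, not a CIPP function.
function New-AuthenticatorPatchBody {
    [CmdletBinding()]
    param(
        # Pass $true/$false to set software OATH (OTP codes) explicitly;
        # omit the parameter to leave the tenant's current value alone.
        [bool]$SoftwareOathEnabled
    )

    $allUsers = [ordered]@{ id = 'all_users'; targetType = 'group'; displayName = 'All users' }
    $body = [ordered]@{
        '@odata.type'   = '#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration'
        id              = 'MicrosoftAuthenticator'
        state           = 'enabled'
        includeTargets  = @([ordered]@{
                id = 'all_users'; isRegistrationRequired = $false
                targetType = 'group'; authenticationMode = 'any'
            })
        excludeTargets  = @()
        featureSettings = [ordered]@{
            displayLocationInformationRequiredState = [ordered]@{ state = 'enabled'; includeTarget = $allUsers }
            displayAppInformationRequiredState      = [ordered]@{ state = 'enabled'; includeTarget = $allUsers }
            companionAppAllowedState                = [ordered]@{ state = 'default'; includeTarget = $allUsers }
        }
    }

    # Emit the key only when the caller bound the parameter. A property that
    # is absent from a Graph PATCH body keeps its previous value, so the
    # scheduled run no longer resets what an admin configured.
    if ($PSBoundParameters.ContainsKey('SoftwareOathEnabled')) {
        $body['isSoftwareOathEnabled'] = $SoftwareOathEnabled
    }

    $body | ConvertTo-Json -Depth 10 -Compress
}

# Compare the three cases: preserve (key omitted), force off, force on.
$preserve = New-AuthenticatorPatchBody
$forceOff = New-AuthenticatorPatchBody -SoftwareOathEnabled $false
$forceOn  = New-AuthenticatorPatchBody -SoftwareOathEnabled $true

'preserve : key sent = {0}' -f ($preserve -match '"isSoftwareOathEnabled"')
'force off: key sent = {0}' -f ($forceOff -match '"isSoftwareOathEnabled":false')
'force on : key sent = {0}' -f ($forceOn -match '"isSoftwareOathEnabled":true')
```

The resulting string would be passed as `-Body` to the `New-GraphPostRequest ... -Type patch` call shown in the request above.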
