Test-MtCaDeviceCodeFlow
SYNOPSIS
Checks if the tenant has at least one conditional access policy that includes Authentication Flows - Device Code Flow as a condition.
SYNTAX
Test-MtCaDeviceCodeFlow [-ProgressAction <ActionPreference>] [<CommonParameters>]
DESCRIPTION
Organizations should block or limit device code flow because it can be exploited in phishing attacks, such as those conducted by the Storm-2372 group. Attackers leverage this authentication method to trick users into entering device codes on malicious websites, granting unauthorized access to accounts. Blocking or limiting this flow helps prevent exploitation by minimizing attack vectors, improving overall security posture, and safeguarding against compromised credentials through phishing techniques.
Learn more: https://learn.microsoft.com/en-us/entra/identity/conditional-access/policy-block-authentication-flows
EXAMPLES
EXAMPLE 1
Test-MtCaDeviceCodeFlow
PARAMETERS
-ProgressAction
{{ Fill ProgressAction Description }}
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.