entra-powershell
🙏 Allow Conditional Access Authentication Strength
The Entra PowerShell command New-EntraConditionalAccessPolicy does not allow including Authentication Strength in a Conditional Access policy.
Describe the feature
Using the following JSON, we can create a Conditional Access policy using the Graph endpoint. However, we cannot do the same using Entra PowerShell.
{
  "displayName": "Policy with Auth strength",
  "state": "enabledForReportingButNotEnforced",
  "conditions": {
    "clientAppTypes": [
      "all"
    ],
    "applications": {
      "includeApplications": [
        "All"
      ]
    },
    "users": {
      "includeUsers": [
        "All"
      ]
    }
  },
  "grantControls": {
    "operator": "OR",
    "authenticationStrength": {
      "id": "00000000-0000-0000-0000-000000000002"
    }
  }
}
$controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls
$controls._Operator = 'OR'
$controls.BuiltInControls = @()
$controls.CustomAuthenticationFactors = @()
$controls.TermsOfUse = @()
# Create authentication strength object for phishing-resistant MFA
$authStrength = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphAuthenticationStrengthPolicy
$authStrength.Id = '00000000-0000-0000-0000-000000000004' # Phishing-resistant MFA
$controls.authenticationStrength = $authStrength
Error:
InvalidOperation:
Line |
  12 |  $controls.authenticationStrength = $authStrength
     |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | The property 'authenticationStrength' cannot be found on this object. Verify that the property exists and can be set.
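
The Graph route mentioned in the issue, driven from PowerShell with `Invoke-MgGraphRequest` from the Microsoft.Graph.Authentication module. This is an added example, not part of the original issue or the entra-powershell project. It uses the phishing-resistant ID from the issue's PowerShell snippet; the requested scopes and the pre-check of the strength ID are assumptions of this example.

```powershell
#Requires -Modules Microsoft.Graph.Authentication
# Added example: create the policy from the issue through Microsoft Graph directly.
# Assumption: the signed-in account can consent to the two scopes below.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All'

$graph      = 'https://graph.microsoft.com/v1.0'
$strengthId = '00000000-0000-0000-0000-000000000004'  # Phishing-resistant MFA (ID used in the issue)

# Fail early if the tenant does not expose this authentication strength.
$strength = Invoke-MgGraphRequest -Method GET `
    -Uri "$graph/policies/authenticationStrengthPolicies/$strengthId"
Write-Host "Using authentication strength: $($strength.displayName)"

# Same shape as the JSON in the issue. Report-only state, so nothing is enforced yet.
$policy = @{
    displayName   = 'Policy with Auth strength'
    state         = 'enabledForReportingButNotEnforced'
    conditions    = @{
        clientAppTypes = @('all')
        applications   = @{ includeApplications = @('All') }
        users          = @{ includeUsers = @('All') }
    }
    grantControls = @{
        operator               = 'OR'
        authenticationStrength = @{ id = $strengthId }
    }
}

# -Depth is required: the default of 2 would truncate the nested conditions.
$body    = $policy | ConvertTo-Json -Depth 10
$created = Invoke-MgGraphRequest -Method POST `
    -Uri "$graph/identity/conditionalAccess/policies" `
    -Body $body -ContentType 'application/json'

# Confirm Graph stored the grant control that was requested, not a policy without it.
if ($created.grantControls.authenticationStrength.id -ne $strengthId) {
    throw "Policy $($created.id) was created without the expected authentication strength."
}
Write-Host "Created report-only policy $($created.id) requiring '$($strength.displayName)'."
```

Review the report-only results in the sign-in logs before changing `state` to `enabled`, since the policy targets all users and all applications.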