One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permissions acting on self
Permission type
Least privileged permissions
Higher privileged permissions
Delegated (work or school account)
UserAuthenticationMethod.ReadWrite
UserAuthenticationMethod.ReadWrite.All
Delegated (personal Microsoft account)
Not supported.
Not supported.
Application
Not supported.
Not supported.
Permissions acting on other users
Permission type
Least privileged permissions
Higher privileged permissions
Delegated (work or school account)
UserAuthenticationMethod.ReadWrite.All
Not available.
Delegated (personal Microsoft account)
Not supported.
Not supported.
Application
UserAuthenticationMethod.ReadWrite.All
Not available.
Important
In delegated scenarios with work or school accounts where the signed-in user is acting on another user, they must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation.
Authentication Administrator
Privileged Authentication Administrator
HTTP request
Remove a software OATH token authentication method from your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
// Code snippets are only available for the latest version. Current version is 5.x
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
await graphClient.Users["{user-id}"].Authentication.SoftwareOathMethods["{softwareOathAuthenticationMethod-id}"].DeleteAsync();
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
//other-imports
)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
graphClient.Users().ByUserId("user-id").Authentication().SoftwareOathMethods().BySoftwareOathAuthenticationMethodId("softwareOathAuthenticationMethod-id").Delete(context.Background(), nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
graphClient.users().byUserId("{user-id}").authentication().softwareOathMethods().bySoftwareOathAuthenticationMethodId("{softwareOathAuthenticationMethod-id}").delete();
<?php
use Microsoft\Graph\GraphServiceClient;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$graphServiceClient->users()->byUserId('user-id')->authentication()->softwareOathMethods()->bySoftwareOathAuthenticationMethodId('softwareOathAuthenticationMethod-id')->delete()->wait();
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
await graph_client.users.by_user_id('user-id').authentication.software_oath_methods.by_software_oath_authentication_method_id('softwareOathAuthenticationMethod-id').delete()