Although there are many MS Graph/AAD Graph API gaps that Microsoft does not document, I am trying to figure out if the Identity Protection Policy APIs is one of them.
The Azure Portal uses this AAD endpoint to manage identity protection policies (requiring MFA, risky user sign-in, etc.)
https://graph.windows.net/{tenantId}/policies?api-version=1.6-internal
I cannot find any analogous API endpoint in the MS Graph API documentation (beta or 1.0).
Is there any way to configure these policies programmatically using supported methods (not just query) (since the AAD Graph API is officially deprecated)?
Unfortunately, it's not supported to configure Identity Protection policies programmatically with Microsoft Graph API.
Currently Microsoft Graph only supports querying these policies.
See details from identityProtectionRoot resource type (V1.0) and Use the Azure AD identity protection API (Beta).
A similar post here for your reference.