How to fetch authentication methods or MFA phone number of azure ad b2c users using MS graph API
Question
We are working on a use case in Azure AD B2C space, where we need to access the user's MFA phone number (as shown in image below) entered while registering through the signup user flow or policy.
We tried exploring the graph endpoint https://learn.microsoft.com/en-us/graph/api/phoneauthenticationmethod-get?view=graph-rest-1.0&tabs=http#http-request to read this information, however, noticed that it doesn't work well and the documentation also confirms that it should not be used for azure ad b2c.
We attempted to raise a support case with Microsoft and were told that it is by design and currently nothing the support team could do in this regard.
We also came across a few similar posts that goes several years back such as Azure AD B2C, get MFA verified phone number programmatically and surprisingly even after many years later, the issue still exists and remains unsolved.
Out of curiosity, we found that even Azure ad b2c portal makes use of the legacy graph.windows.net API to fetch and display this information on the user interface!
We would appreciate if anyone is aware of a potential workaround for this? Many thanks in advance!
1 answers
solution1
0 2023-01-31 11:39:03
I tried to reproduce the same in my environment and got the results like below:
I created an Azure AD B2C user and enabled MFA:
Now, I added Authentication method for the B2C user like below:
To fetch the authentication methods or MFA phone number of Azure AD b2c user using MS graph API use the below query:
GET https://graph.microsoft.com/v1.0/users/ObjectID/authentication/methods
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.