How to fetch authentication methods or MFA phone number of azure ad b2c users using MS graph API
We are working on a use case in Azure AD B2C space, where we need to access the user’s MFA phone number (as shown in image below) entered while registering through the signup user flow or policy.
We tried exploring the graph endpoint https://learn.microsoft.com/en-us/graph/api/phoneauthenticationmethod-get?view=graph-rest-1.0&tabs=http#http-request to read this information, however, noticed that it doesn’t work well and the documentation also confirms that it should not be used for azure ad b2c.
We attempted to raise a support case with Microsoft and were told that it is by design and currently nothing the support team could do in this regard.
We also came across a few similar posts that goes several years back such as Azure AD B2C, get MFA verified phone number programmatically and surprisingly even after many years later, the issue still exists and remains unsolved.
Out of curiosity, we found that even Azure ad b2c portal makes use of the legacy graph.windows.net API to fetch and display this information on the user interface!
We would appreciate if anyone is aware of a potential workaround for this? Many thanks in advance!
After attempting multiple ways and contacting Microsoft Azure support, we had to stop because currently MS graph api cannot access the mfa phone numbers of the users that are stored either using the default user flows or using the custom policies in azure ad b2c.
Though this is a known issue that is hopefully on the product group's roadmap, however, the timeframe for the fix is not available at this point.
- How to take max value and replace it in drived column in data factory
- Synapse/ ADF - How to Truncate table if dynamic config column is True in pre-copy script
- Azure Cost Management - track costs associated with Databricks job
- Error: "OrganizationFromTenantGuidNotFound" (even with Microsoft 365 subscription)
- How to check Debug.Writeline() output in VS code?
- C# API - Provide download of files from Azure Blobstorage
- localhost:300/api is not working : "This page isn’t working"
- Creating an Azure Linux VM with Ubuntu 20.04 with Terraform
- Failed to deploy path that does not exist
- Using Azure WAF for my server(not in Azure)
- How and where to define an environment variable on Azure
- Azure Data Factory - Unable to preview data
- Azure yaml trigger pipeline every 14 days on a Saturday
- Diagnostic setting not included in Azure Portal ARM template export
- How do I read the original pdf file in set indexer datasource in a custom WebApiSkill after enabling "Allow Skillset to read file data"
- How do I store vectors generated by AzureOpenAIEmbeddingSkill in indexer given my current setup
- Authenticating using the Azure CLI is only supported as a User (not a Service Principal)
- Azure Function App - frequent hang and deadlocks
- Sign Tool for Azure Trusted Service Account Error information: "Error: SignerSign() failed." (-2147467259/0x80004005)
- How to convert the premium file share to premium block blob storage account or standard general purpose v2 storage account?
- How to generate an azure blob url with SAS signature in nodejs sdk v12?
- How to Assign Role to New User with Graph API
- Directory disappears from azure cloud shell (home)
- Application Insights Logging Exceptions as Trace
- Issue with Azure key vault and Azure storage account deployment
- AddDataProtection().PersistKeysToAzureBlobStorage().ProtectKeysWithAzureKeyVault() getting httpVerb Error while accessing the blob storage
- temporary_name_for_rotation must be specified when changing any of the following properties: pod_subnet_id
- Native Node.js Metrics in Application Insights
- Azure Key Vault Disabled public access, how to access it through the portal via internet
- Using Google.Cloud.BigQuery.V2 API in Azure Functions