Azure AD B2C Create/Update/Delete 2FA Phone Authentication contact info with Microsoft Graph API

Will Godwin 6 Reputation points
2022-11-22T01:27:32.62+00:00

Hi,

I am currently trying to update or delete a Azure AD B2C users Phone Authentication field (see example below) with the Microsoft Graph API.

262765-image.png

I am using the following methods in C# from the Graph API SDK to update and delete the authentication phone number respectively.
262835-image.png

262794-image.png

When I call these methods the phone number does not change. All my other MS Graph API methods work perfectly and I have a method to Update and Delete thee "SoftwareOathMethods" (Authenticator App) that is working fine. Is there something I am missing or is what I am trying to achieve not possible?

Kind Regards,
Will

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,569 questions
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,639 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,455 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Shweta Mathur 27,381 Reputation points Microsoft Employee
    2022-11-29T09:52:01.857+00:00

    Hi @Will Godwin ,

    Thanks for reaching out.

    I understand you are trying to update and delete phone authentication method for B2C users or consumers and unable to do so.

    Unfortunatey, Phone authentication method is not supported for B2C users or consumers signed up by different identity providers using Graph API as of now.

    Only for those users which are created within the organization in B2C can be updated phone authentication method using Graph API.
    265154-image.png

    I would suggest you post this idea at the Azure Feedback Portal, which is monitored by the product team for feature enhancements.
    Thank you for your time and patience throughout this issue.

    Hope this will help.

    Thanks,
    Shweta

    ---------------------------

    Please remember to "Accept Answer" if answer helped you.

    1 person found this answer helpful.
  2. HarmeetSingh7172 4,811 Reputation points
    2022-11-22T05:20:30.57+00:00

    Hello @Will Godwin

    Thanks for reaching out!

    You need to add phone authentication for your users before you can update phone numbers.

    Adding phone authentication first: For adding phone authentication for other users, we can use Postman with UserAuthenticationMethod.ReadWrite.All application permissions granted to your app. Please note that if your user already has a phone number you cannot add it again.

    Below are the sample endpoint details- 

    POST /users/{id | userPrincipalName}/authentication/phoneMethods  
  
{  
  "phoneNumber": "+1 2065555555",  
  "phoneType": "mobile"  
}

    262894-createphoneauth11.png

    Updating Phone Auth:

    Sample endpoint details: Refer this documentation for PhoneAuthID 

    PATCH https://graph.microsoft.com/v1.0/users/{user-id}/authentication/phoneMethods/3179e48a-750b-4051-897c-87b9720928f7  
  
{  
  "phoneNumber": "+1 2065555554",  
  "phoneType": "mobile",  
}

    262865-updatephoneauth11.png

    Deleting Phone Auth:

    Endpoint Details: 

    DELETE https://graph.microsoft.com/v1.0/users/{user-id}/authentication/phoneMethods/3179e48a-750b-4051-897c-87b9720928f7

    262914-deletephoneauth10.png

    ----------

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote. If you have any further questions about this answer, please click Comment.