Graph API - find user in AAD based on telephone number registered in MFA

Vitezslav Stribrny 20 Reputation points

Using MS Graph API, how do I find the user based on phone number registered in user's MFA settings? I know I can query based on telephone/mobile number present in User object, but this number is not always accurate. Thanks

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,544 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,425 questions
{count} votes

Accepted answer
  1. CarlZhao-MSFT 36,891 Reputation points

    Hi @Vitezslav Stribrny

    This seems like a good idea. We can compare a given phone number with the phone numbers registered in the phone authentication to list the users with the given phone number.

    However, currently we cannot retrieve matching users with a simple API call, which requires some logic calculations. I spent some time writing an execution program using the graph SDK and it worked fine for me, I hope it helps you too.

    Please refer to the sample code snippet:

    var userIds = await graphClient.Users.GetAsync((requestConfiguration) =>
        requestConfiguration.QueryParameters.Select = new string[] { "id" };
    foreach (var userId in userIds.Value)
        var phoneMethods = await graphClient.Users[userId.Id].Authentication.PhoneMethods.GetAsync();
        foreach (var phoneMethod in phoneMethods.Value)
            if (phoneMethod.PhoneNumber is "xxx xxxxxxxxxx")

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

    3 people found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful