Azure B2C - user flow signup - there is no way to process the phone number attribute of the user in Azure B2C API connector

Peter Weiss 50 Reputation points
2024-01-08T11:44:57.8966667+00:00

Hi Microsoft,

User flows in Azure B2C are recommended by Microsoft, but there is currently no way to self-assert the phone number of the user during sign-up.

I am using "Sign up and sign in (Recommended)" user flow for only "Local accounts".

1. There is no built-in user attribute for phone number (it would be perfect with validation, the same way as email currently is).

2. However, there is a way to prompt the user for a phone number with validation: enable SMS multifactor authentication on the user flow, and the user is prompted at the second step, after the self-assertion page, to verify the phone number. Unfortunately, this phone number is not saved into the Azure B2C directory, thus it is not possible to use the Azure B2C API connector to enrich the claim bag with this phone number.

This phone number is, for me, in a weird state: when you go to Azure B2C and open a user who has already signed up, in the "Authentication methods" section the phone attribute is visible with the phone properly filled in. Even though the phone number is visible in the UI, I am unable to query it through the Graph API: GET /users/{id | userPrincipalName}/authentication/phoneMethods (https://learn.microsoft.com/en-us/graph/api/resources/phoneauthenticationmethod?view=graph-rest-1.0).

Even more, in the Azure B2C UI there is the information "This phone number can be used as a username to sign in. A text message will be sent for verification during sign-in. Enable."

Once I click Enable, the phone number is saved (POST) into the directory in such a way that I am able to query it via the Graph API: GET /users/{id | userPrincipalName}/authentication/phoneMethods (https://learn.microsoft.com/en-us/graph/api/resources/phoneauthenticationmethod?view=graph-rest-1.0).

Why is this manual intervention required?

Why is there no way to query the phone number of an already signed-up user?

Summary: in the current state, there is no way to work in the Azure B2C API connector with the phone number of a user who has already signed up using MFA.

Peter

Microsoft Security | Microsoft Entra | Microsoft Entra External ID

Answer accepted by question author
  1. Anonymous
    2024-01-08T22:22:56.32+00:00

    Hi @Peter Weiss, yes, Azure AD B2C does not have a built-in user attribute for phone number, and there is no way to self-assert the phone number of the user during sign-up. However, you can prompt the user for a phone number with validation by enabling SMS multifactor authentication in the user flow.

    Regarding the issue with the phone number not being saved in the Azure AD B2C directory, it seems that this is a known issue with the Graph API. The phone number is visible in the Azure AD B2C UI, but it cannot be queried through the Graph API until it is enabled for sign-in. Once you enable the phone number for sign-in, it is saved in the directory and can be queried through the Graph API.

    In the meantime, you may need to find a workaround or use a third-party solution to handle phone number validation and storage.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you, please mark "Accept Answer" so other users can reference it.

    Thank you,

    James


0 additional answers
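
The following is an added example, not part of the thread and not Microsoft's code: a sketch of the logic an API connector backend could use to turn a Graph `phoneMethods` list response into a connector continuation response, leaving the claim out when the number is not queryable. The claim name `extension_phoneNumber`, the sample payloads, and the assumption that the not-yet-enabled state appears as an empty `value` list are all hypothetical.

```python
import re

# E.164-style check applied before a directory value is copied into a claim.
E164 = re.compile(r"^\+[1-9]\d{6,14}$")


def mobile_number(phone_methods_body):
    """Return the validated mobile number from a phoneMethods response, or None.

    Graph formats numbers as "+<country code> <number>", so whitespace is
    removed before validation. Non-mobile entries and malformed values are
    skipped rather than passed on to the token.
    """
    for method in phone_methods_body.get("value", []):
        if method.get("phoneType") != "mobile":
            continue
        candidate = re.sub(r"\s+", "", method.get("phoneNumber") or "")
        if E164.match(candidate):
            return candidate
    return None


def connector_response(phone_methods_body, claim_name="extension_phoneNumber"):
    """Build the API connector continuation response.

    claim_name is a hypothetical custom attribute. When no number can be read
    (the state described in the question), the flow continues without it.
    """
    response = {"version": "1.0.0", "action": "Continue"}
    number = mobile_number(phone_methods_body)
    if number is not None:
        response[claim_name] = number
    return response


# Constructed sample: number registered through MFA but not returned by Graph
# (assumed here to look like an empty list).
NOT_QUERYABLE = {"value": []}

# Constructed sample: the same user after the phone was enabled for sign-in.
QUERYABLE = {"value": [{
    "id": "00000000-0000-0000-0000-000000000000",  # placeholder id
    "phoneNumber": "+1 5555550100",
    "phoneType": "mobile",
    "smsSignInState": "ready",
}]}
```
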
