question

AristotelisPapantonis-7934 avatar image
0 Votes"
AristotelisPapantonis-7934 asked DavidRussell-3005 commented

Authentication methods not available at Graph API and UI

I have an issue with authentication methods on a B2C tenant and more specific with mobile.

While there is an entry on the mobile at the current Azure Portal UI of authentication methods, this entry is not available from GraphAPI (v.1 or beta) (I have available all the right permissions) and the new authentication experience and is not available to take.


140986-old.png




141059-new.png



Now the only way to have it available at GraphAPI (and new experience ) is to enable manually the indicator ( shown in the screenshot) to use the phone as a sign-in method which I do not want anyway because I want it only as MFA.

The more strange are although is beside I tried to turn it on the phone sign in the issue persists.

Also If I create the entry from Graph API also is available as it should be.

Can anyone know if I miss a configuration or is a bug?


azure-ad-b2cazure-ad-multi-factor-authenticationazure-ad-authentication
old.png (33.1 KiB)
new.png (20.2 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered

Hi @AristotelisPapantonis-7934 • Thank you for reaching out.

This is a known issue with B2C. When you register for MFA via B2C user flow/custom policy, the strong authentication phone doesn't contain a space between country code and the actual phone number. If you add a space manually after the country code, graph call will return the expected result. The B2C Product group is already aware of this issue and working on it. However, there is no ETA as of now for the resolution.

This is documented here:

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DavidRussell-3005 avatar image
0 Votes"
DavidRussell-3005 answered DavidRussell-3005 commented

Is there an API method to fetch strong authentication phonenumber?

The portal calls "users()?api-version=1.6-internal" which is inaccessible.

If not, then I don't see a way to migrate users from one B2C server to another automatically.

(We are migrating because our B2C server located in Australia is taking up to 9 seconds to respond to requests from Europe - far too slow. We're moving it to USA).

229784-image.png



image.png (31.0 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks.

The documentation for the Get action says it's not available:

"This method is available only for standard Azure AD and B2B users, but not B2C users."

In the end I manually copied from Azure portal, and imported to new B2C server with powershell.


0 Votes 0 ·