CODEWITHSUNDEEP
azureazure-active-directoryazure-ad-b2c
Frank Houweling
Frank Houweling

Reputation: 605

Azure AD B2C Graph API retrieve if user has MFA

I'd like to use the Azure Graph API to retrieve for a given user if that user has MFA setup. I can't find this information in the API docs, but it would seem like something you want to retrieve.

Would anyone of you know if this is possible, and if so, how?

Upvotes: 1

Views: 1247

Answers (1)

Sri Hari Krishna Yalamanchili
Sri Hari Krishna Yalamanchili

Reputation: 2445

This is possible with MS Graph API,

To Get information of users registered with MFA and hasn't, we can use isMfaRegistered property in credentialUserRegistrationDetails .

credentialUserRegistrationDetails help us to get the details of the usage of self-service password reset and multi-factor authentication (MFA) for all registered users. Details include user information, status of registration, and the authentication method used. This is possible programmatically with MS Graph where you will get a JSON reports an can be plugged into other reports or can be represented programmatically itself

Example:

GET https://graph.microsoft.com/beta/reports/credentialUserRegistrationDetails

sample output:

{
            "id": "****************************",
            "userPrincipalName": "[email protected]",
            "userDisplayName": "Nishant Singh",
            "isRegistered": false,
            "isEnabled": true,
            "isCapable": false,
            "isMfaRegistered": true,
            "authMethods": [
                "mobilePhone"
            ]
        }

Sample code written in C#,

 GraphServiceClient graphClient = new GraphServiceClient( authProvider );

 var credentialUserRegistrationDetails = await 
     graphClient.Reports.CredentialUserRegistrationDetails
    .Request()
    .GetAsync();

Upvotes: 1

Related Questions