Get phoneAuthenticationMethod
Namespace: microsoft.graph
Retrieve a single phoneAuthenticationMethod object for a user. This method is available only for standard Microsoft Entra ID and B2B users, but not B2C users.
This API is available in the following national cloud deployments.
Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
---|---|---|---|
✅ | ✅ | ✅ | ❌ |
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permissions acting on self
Permission type | Least privileged permissions | Higher privileged permissions |
---|---|---|
Delegated (work or school account) | UserAuthenticationMethod.Read | UserAuthenticationMethod.ReadWrite, UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. | Not supported. |
Application | Not supported. | Not supported. |
Permissions acting on other users
Permission type | Least privileged permissions | Higher privileged permissions |
---|---|---|
Delegated (work or school account) | UserAuthenticationMethod.Read.All | UserAuthenticationMethod.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. | Not supported. |
Application | UserAuthenticationMethod.Read.All | UserAuthenticationMethod.ReadWrite.All |
Important
In delegated scenarios with work or school accounts where the signed-in user is acting on another user, they must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation.
- Global Reader
- Authentication Administrator
- Privileged Authentication Administrator
Note
The authentication administrator only sees masked phone numbers.
HTTP request
Retrieve details of your own phone authentication method.
GET /me/authentication/phoneMethods/{phoneMethodId}
Retrieve details of your own or another user's phone authentication method.
GET /users/{userId | userPrincipalName}/authentication/phoneMethods/{phoneMethodId}
The value of phoneMethodId
corresponding to the phoneType is one of the following:
b6332ec1-7057-4abe-9331-3d72feddfe41
to retrieve thealternateMobile
phoneType.e37fc753-ff3b-4958-9484-eaa9425c82bc
to retrieve theoffice
phoneType.3179e48a-750b-4051-897c-87b9720928f7
to retrieve themobile
phoneType.
Optional query parameters
This method does not support optional query parameters to customize the response.
Request headers
Name | Description |
---|---|
Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Request body
Don't supply a request body for this method.
Response
If successful, this method returns a 200 OK
response code and the requested phoneAuthenticationMethod object in the response body.
Examples
Request
The following example shows a request.
GET https://graph.microsoft.com/v1.0/me/authentication/phoneMethods/3179e48a-750b-4051-897c-87b9720928f7
Response
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-type: application/json
{
"phoneNumber": "+1 2065555555",
"phoneType": "mobile",
"smsSignInState": "ready",
"id": "3179e48a-750b-4051-897c-87b9720928f7"
}