Use microsoft graph to authentication contact info to get the email

0
votes

How do you get the authentication contact info from azure ad b2c with the microsoft graph, I am looking to retrieve the email address.

I checked the documentation on Microsoft Graph API and could find no mention of how to get the Authentication Contact Info besides using PowerShell (docs.microsoft.com/en-za/azure/active-directory/authentication/…)

2
azureazure-active-directorymicrosoft-graph-apiazure-ad-b2cazure-ad-graph-api
If you search on "How do you get the authentication contact info from azure ad b2c with the microsoft graph" you will find lots of ways to get started. Basically, show your research and a minimal reproducible example.user1531971
stackoverflow.com/q/45808409/1531971 stackoverflow.com/q/45344259/1531971 and others are good starts, and then you can tell us why those don't apply.user1531971
I did do a search and none of the answers answered my question, I am looking to use Microsoft Graph API to get the Authentication Contact Info Email, not the normal mail tag.Teshvier Mathura
You should tell us what research you have done, and why those other answers do not apply so people don't duplicate your efforts. This is your question; take charge of it and proactively tell us what you want to do, what you have tried, and what results you get.user1531971
I checked the documentation on Microsoft Graph API and could find no mention of how to get the Authentication Contact Info besides using PowerShell (docs.microsoft.com/en-za/azure/active-directory/authentication/…)Teshvier Mathura

2 Answers

1
votes

Based on this article, there are still some gaps between the Microsoft Graph API and the older Azure AD Graph API, but seems neither will fully retrieve what's required.

As of now, the following with get the Alternate Email field only from the "Authentication contact info" section using the Azure AD Graph API;

Register the Application in Azure AD

In the Azure Active Directory instance;

  • Register a new application (client_id)
  • Grant "Read all users' full profiles" permissions to Windows Azure Active Directory
  • Create a private key (client_secret) for the application

Authentication Flow

Reference: Service to Service Calls Using Client Credentials

Retrieve an access token

Request

POST https://login.microsoftonline.com/<tenant id>/oauth2/token

Payload

{
  "client_id": "<client_id>",
  "client_secret": "<client_secret>",
  "resource": "https://graph.windows.net",
  "grant_type": "client_credentials"
}

User Authentication Contact Info

Reference: Basic operations on users

Get user

Request

GET https://graph.windows.net/<tenant_id>/users/<user_id>?api-version=1.6

Headers

{
  "Authorization": "Bearer <access_token>"
}

Response

{
    ...
    "otherMails": ["<Alternate Email>"],
    ...
}
0
votes

As you mentioned it seems that there is no microsoft Graph API could get the authentication Contact Info Email.

But we could get that information with following API, I capture it with browser. It seems a litte hack. 

Get https://main.iam.ad.ext.azure.com/api/UserDetails/{userId}

About how to get the access token, please refer to this blog.

Note: I don't find this API in the Azure official document. Please don't use it for product, you could use it for test.

enter image description here