Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Namespace: microsoft.graph
Enable SMS sign-in for an existing mobile phone number registered to a user. To be successfully enabled:
- The phone must have
"phoneType": "mobile". - The phone must be unique in the SMS sign-in system (no one else can also be using that number).
- The user must be enabled for SMS sign-in in the authentication methods policy.
This API is available in the following national cloud deployments.
| Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
|---|---|---|---|
| ✅ | ✅ | ✅ | ❌ |
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permissions acting on self
| Permission type | Least privileged permissions | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite | UserAuthenticationMethod.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | Not supported. | Not supported. |
Permissions acting on other users
| Permission type | Least privileged permissions | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite.All | Not available. |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | UserAuthenticationMethod.ReadWrite.All | Not available. |
Important
In delegated scenarios with work or school accounts where the signed-in user is acting on another user, they must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation.
- Authentication Administrator
- Privileged Authentication Administrator
HTTP request
Enable SMS sign-in for your own mobile phone authentication method.
POST /me/authentication/phoneMethods/{mobilePhoneMethodId}/enableSmsSignIn
Note
Calling the /me endpoint requires a signed-in user and therefore a delegated permission. Application permissions aren't supported when using the /me endpoint.
Enable SMS sign-in for your own or another user's mobile phone authentication method.
POST /users/{id | userPrincipalName}/authentication/phoneMethods/{mobilePhoneMethodId}/enableSmsSignIn
The value of mobilePhoneMethodId for the mobile phoneType is 3179e48a-750b-4051-897c-87b9720928f7.
Request headers
| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Request body
Don't supply a request body for this method.
Response
If successful, this method returns a 204 No Content response code. It doesn't return anything in the response body.
Examples
The following example shows how to call this API.
Request
The following example shows a request.
POST https://graph.microsoft.com/v1.0/me/authentication/phoneMethods/3179e48a-750b-4051-897c-87b9720928f7/enableSmsSignIn
Response
The following example shows the response.
HTTP/1.1 204 No Content