Get the complete phone numbers for MFA SMS enrollment

Problem statement

We can see just the last 4 digits when using the following Management API endpoint:

 GET {{base_url}}api/v2/users/{{user_id}}/authenticators 

 "guardian_authenticators": [
        {
            "id": "sms|<ID>",
            "type": "sms",
            "confirmed": true,
            "name": "XXXXXXXX1234",
            "created_at": "2022-11-03T16:55:57.000Z",
            "last_auth_at": "2022-11-15T10:06:49.000Z"
        },

But we want to view the complete phone number used for enrolling MFA SMS.

Solution

Please update the flag disable_management_api_sms_obfuscation to true with the below request:

PATCH /api/v2/tenants/settings

{ "flags": { "disable_management_api_sms_obfuscation": true } }

After doing this, the next time you hit the get all authenticators endpoint, You should be able to see the whole phone number.