Problem statement
We need to obtain a list of our users with their corresponding MFA enrollments.
Solution
We recommend using the Management API GET /api/v2/users/{id}/enrollments endpoint to retrieve the user’s first confirmed multi-factor authentication enrollment.
With this approach, you will need to loop through all user_ids to get the first factor the user is enrolled in.
By default, the Management API will obfuscate the phone numbers retrieved from the /api/v2/users/{id}/enrollments endpoint.
If you require seeing the phone numbers, then you can update your tenant settings to set the disable_management_api_sms_obfuscation flag to true.
{
"flags": {
"disable_management_api_sms_obfuscation": true
}
}
This will cause Management API to show you the user’s phone numbers in the response.