List of users with MFA enrollments

Problem statement

We need to obtain a list of our users with their corresponding MFA enrollments.

Solution

We recommend using the Management API GET /api/v2/users/{id}/enrollments endpoint to retrieve the user’s first confirmed multi-factor authentication enrollment.

With this approach, you will need to loop through all user_ids to get the first factor the user is enrolled in.

By default, the Management API will obfuscate the phone numbers retrieved from the /api/v2/users/{id}/enrollments endpoint.

If you require seeing the phone numbers, then you can update your tenant settings to set the disable_management_api_sms_obfuscation flag to true.

{
  "flags": {
    "disable_management_api_sms_obfuscation": true
  }
}

This will cause Management API to show you the user’s phone numbers in the response.

2 Likes