🔍 Code Extractor

class PhoneAuthenticationMethod

Maturity: 64

Represents a phone authentication method registered to a user in Microsoft Graph API, managing phone-based authentication including SMS sign-in capabilities.

File:
/tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/authentication/methods/phone.py
Lines:
5 - 49
Complexity:
moderate

Purpose

This class manages phone-based authentication methods for users in Microsoft Graph. It handles three phone types (mobile, alternate mobile, office) and provides functionality to enable/disable SMS sign-in for mobile phones. The class is used for multi-factor authentication (MFA) and self-service password reset (SSPR) scenarios. Mobile phones support both SMS and voice calls, while office phones only support voice calls. Users must have a mobile phone before adding an alternate mobile phone.

Source Code

class PhoneAuthenticationMethod(AuthenticationMethod):
    """
    Represents a phone number and type that's registered to a user, and whether it's configured for the user
    to sign in via SMS.

    A phone has one of three types: mobile, alternate mobile, or office. A user can have one number registered
    for each type, and must have a mobile phone before an alternate mobile phone is added. When using a phone for
    multi-factor authentication (MFA) or self-service password reset (SSPR), the mobile phone is the default and the
    alternate mobile phone is the backup.

    Mobile phones can be used for both SMS and voice calls, depending on the tenant settings.

    An office phone can only receive voice calls, not SMS messages.
    """

    def disable_sms_signin(self):
        """
        Disable SMS sign-in for an existing mobile phone number registered to a user.
        The number will no longer be available for SMS sign-in, which can prevent your user from signing in.
        """
        qry = ServiceOperationQuery(self, "disableSmsSignIn")
        self.context.add_query(qry)
        return self

    def enable_sms_signin(self):
        """
        Enable SMS sign-in for an existing mobile phone number registered to a user. To be successfully enabled:

        The phone must have "phoneType": "mobile".
        The phone must be unique in the SMS sign-in system (no one else can also be using that number).
        The user must be enabled for SMS sign-in in the authentication methods policy.
        """
        qry = ServiceOperationQuery(self, "enableSmsSignIn")
        self.context.add_query(qry)
        return self

    @property
    def phone_number(self):
        """
        The phone number to text or call for authentication.
        Phone numbers use the format +{country code} {number}x{extension}, with extension optional.
        For example, +1 5555551234 or +1 5555551234x123 are valid. Numbers are rejected when creating or updating
        if they do not match the required format.
        """
        return self.properties.get("phoneNumber", None)

Parameters

Name Type Default Kind
bases AuthenticationMethod -

Parameter Details

__init__: Inherits constructor from AuthenticationMethod base class. The exact parameters are not visible in this code snippet, but typically would include context and properties for the authentication method instance.

Return Value

The class instantiation returns a PhoneAuthenticationMethod object. The disable_sms_signin() and enable_sms_signin() methods return self for method chaining. The phone_number property returns a string in format '+{country code} {number}x{extension}' or None if not set.

Class Interface

Methods

disable_sms_signin() -> PhoneAuthenticationMethod

Purpose: Disables SMS sign-in for an existing mobile phone number, preventing the user from signing in via SMS with this number

Returns: Returns self (PhoneAuthenticationMethod instance) for method chaining

enable_sms_signin() -> PhoneAuthenticationMethod

Purpose: Enables SMS sign-in for an existing mobile phone number. Requires the phone to be of type 'mobile', unique in the system, and the user to be enabled for SMS sign-in in the authentication methods policy

Returns: Returns self (PhoneAuthenticationMethod instance) for method chaining

phone_number -> str | None property

Purpose: Gets the phone number registered for authentication in the format +{country code} {number}x{extension}

Returns: String containing the phone number in international format (e.g., '+1 5555551234' or '+1 5555551234x123'), or None if not set

Attributes

Name Type Description Scope
context ClientContext The Microsoft Graph API client context inherited from AuthenticationMethod, used to execute queries against the API instance
properties dict Dictionary containing the phone authentication method properties including phoneNumber, phoneType, and other metadata inherited from AuthenticationMethod instance

Dependencies

  • office365

Required Imports

from office365.directory.authentication.methods.method import AuthenticationMethod
from office365.runtime.queries.service_operation import ServiceOperationQuery

Usage Example

# Assuming you have a configured Microsoft Graph context
# Get a phone authentication method for a user
phone_auth = user.authentication.phone_methods.get_by_id('phone_method_id')

# Check the phone number
print(phone_auth.phone_number)  # Output: +1 5555551234

# Enable SMS sign-in for the phone
phone_auth.enable_sms_signin()
context.execute_query()

# Later, disable SMS sign-in if needed
phone_auth.disable_sms_signin()
context.execute_query()

# Method chaining is supported
phone_auth.enable_sms_signin().execute_query()

Best Practices

  • Always call context.execute_query() after enable_sms_signin() or disable_sms_signin() to commit changes to Microsoft Graph
  • Ensure the phone has phoneType set to 'mobile' before enabling SMS sign-in
  • Verify the phone number is unique in the system before enabling SMS sign-in
  • Add a mobile phone before attempting to add an alternate mobile phone
  • Use proper phone number format: +{country code} {number}x{extension} (extension optional)
  • Check tenant settings to confirm SMS authentication is allowed before enabling
  • Office phones cannot be used for SMS sign-in, only voice calls
  • The mobile phone is the default for MFA/SSPR, alternate mobile is the backup
  • Methods return self for fluent interface/method chaining support
  • Handle potential API errors when phone number doesn't meet requirements

Tags

authentication phone SMS MFA multi-factor-authentication SSPR password-reset microsoft-graph user-authentication mobile-phone voice-call

Similar Components

AI-powered semantic similarity - components with related functionality:

  • class AuthenticationMethodsPolicy 68.3% similar

    A class representing Azure Active Directory authentication methods policy that defines which authentication methods users can use for sign-in and multi-factor authentication (MFA).

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/policies/authentication_methods.py

  • class AuthenticationMethod 67.2% similar

    Represents an authentication method registered to a user in Azure Active Directory, providing functionality to manage authentication credentials such as passwords, phone numbers, and FIDO2 security keys.

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/authentication/methods/method.py

  • class PasswordAuthenticationMethod 63.2% similar

    A class representing a user's password authentication method in Microsoft 365/Office 365 directory services. This class provides a secure abstraction for password management without exposing the actual password value.

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/authentication/methods/password.py

  • class EmailAuthenticationMethod 58.5% similar

    Represents an email address registered to a user as an authentication method, specifically for self-service password reset (SSPR) functionality.

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/authentication/methods/email.py

  • class UserRegistrationDetails 55.5% similar

    A data class representing the authentication and security registration state of a user, including MFA, passwordless, and self-service password reset capabilities.

    From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/authentication/methods/details.py
← Back to Browse