azure, azure-ad-b2c, azure-ad-graph-api

How to extract the Phone Number Recovery Email from Azure Active Directory B2C


We are using Azure Active Directory B2C for managing users. We have defined a "Sign up and sign in" user flow which uses Local accounts - Phone Signup as an Identity Provider. We also turned ON the "Enable recovery email prompt for phone number signup and sign in (Preview)" option. So the flow collects and stores the Phone Recovery Email somewhere deep in the guts of AAD B2C. And I can even use the "Change Phone Number" flow - it asks me to confirm the recovery email that I entered previously - all works pretty nice!

However, now I have to migrate all our users to another instance of AAD B2C. Using the Graph API I can easily write a script to export / import users with all their properties except this Phone Recovery Email. I simply cannot find it, either in the AAD B2C console or with the Graph API.

Maybe somebody knows how to extract it, or knows how to make a migration keeping that kind of user information, or just can confirm that this is not possible at the moment and I will accept the inevitable :). Please share your thoughts.

I tried the following:


Solution

  • To get the recovery email addresses, call the following Graph API endpoint:

    https://graph.microsoft.com/v1.0/users/{UserObjectId}/authentication/emailMethods

    In order to call this endpoint you must have the permission UserAuthenticationMethod.Read.All for reads from your existing B2C tenant and UserAuthenticationMethod.ReadWrite.All for writing the information to your new B2C tenant.
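
A sketch of the per-user copy step built on the endpoint above, added here as an example and not part of the original answer. It assumes access tokens for both tenants were already acquired and that you have a mapping from old to new user object IDs; the function names and the injectable `send` hook (used for offline testing) are hypothetical.

```python
import json
import urllib.parse
import urllib.request

GRAPH = "https://graph.microsoft.com/v1.0"

def _call(method, url, token, body=None, send=None):
    """Send one Graph request; `send` is a hypothetical hook for offline testing."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(url, data=data, method=method, headers={
        "Authorization": f"Bearer {token}",  # never log this header
        "Content-Type": "application/json",
    })
    if send is not None:
        return send(req)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def email_methods_url(user_id):
    # Percent-encode the ID so a malformed value cannot alter the request path.
    safe_id = urllib.parse.quote(user_id, safe="")
    return f"{GRAPH}/users/{safe_id}/authentication/emailMethods"

def read_recovery_emails(user_id, token, send=None):
    """Token needs UserAuthenticationMethod.Read.All on the tenant being read."""
    result = _call("GET", email_methods_url(user_id), token, send=send)
    return [m["emailAddress"] for m in result.get("value", [])]

def copy_recovery_emails(src_id, dst_id, src_token, dst_token, send=None):
    """Copy recovery emails from the old user to the new one; returns those added.

    src_token should carry only the read permission; dst_token needs
    UserAuthenticationMethod.ReadWrite.All on the new tenant.
    """
    existing = {e.lower() for e in read_recovery_emails(dst_id, dst_token, send)}
    added = []
    for email in read_recovery_emails(src_id, src_token, send):
        if email.lower() in existing:
            continue  # already present, keeps re-runs of the migration idempotent
        _call("POST", email_methods_url(dst_id), dst_token,
              {"emailAddress": email}, send)
        added.append(email)
    return added
```

Keeping the source-tenant token read-only means a bug in the migration script cannot modify authentication methods in the tenant you are migrating away from.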