phoneAuthenticationMethod: enableSmsSignIn

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Enable SMS sign-in for an existing mobile phone number. To be successfully enabled:

The phone must have "phoneType": "mobile".
The phone must be unique in the SMS sign-in system (no one else can also be using that number).
The user must be enabled for SMS sign-in in the authentication methods policy.

Permissions

Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.

Permission type	Least privileged permissions	Higher privileged permissions
Delegated (work or school account)	UserAuthMethod-Phone.ReadWrite	UserAuthenticationMethod.ReadWrite, UserAuthenticationMethod.ReadWrite.All, UserAuthMethod-Phone.ReadWrite.All
Delegated (personal Microsoft account)	Not supported.	Not supported.
Application	UserAuthMethod-Phone.ReadWrite.All	UserAuthenticationMethod.ReadWrite.All

Important

In delegated scenarios with work or school accounts where the signed-in user is acting on another user, they must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

Authentication Administrator
Privileged Authentication Administrator

HTTP request

Enable SMS sign-in for your own mobile phone authentication method.

Note

Calling the /me endpoint requires a signed-in user and therefore a delegated permission. Application permissions aren't supported when using the /me endpoint.

POST /me/authentication/phoneMethods/{id}/enableSmsSignIn

Enable SMS sign-in for your own or another user's mobile phone authentication method.

Note

When calling the /users/{id} endpoint with {id} representing the signed-in user, the least privileged delegated permissions are UserAuthenticationMethod.Read for read operations and UserAuthenticationMethod.ReadWrite for write operations.

POST /users/{id | userPrincipalName}/authentication/phoneMethods/{id}/enableSmsSignIn

The value of id for the mobile phoneType is 3179e48a-750b-4051-897c-87b9720928f7.

Request headers

Name	Description
Authorization	Bearer {token}. Required. Learn more about authentication and authorization.

Request body

Don't supply a request body for this method.

Response

If successful, this method returns a 200 OK response code. It doesn't return anything in the response body.

Examples

The following example shows how to call this API.

Request

The following example shows a request.

HTTP
JavaScript

POST https://graph.microsoft.com/beta/me/authentication/phoneMethods/3179e48a-750b-4051-897c-87b9720928f7/enableSmsSignIn


const options = {
	authProvider,
};

const client = Client.init(options);

await client.api('/me/authentication/phoneMethods/3179e48a-750b-4051-897c-87b9720928f7/enableSmsSignIn')
	.version('beta')
	.post();

Important

Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Response

The following example shows the response.

HTTP/1.1 200 OK

Feedback

Was this page helpful?

Last updated on 2025-08-02

Share via

phoneAuthenticationMethod: enableSmsSignIn

Permissions

HTTP request

Request headers

Request body

Response

Examples

Request

Response

Feedback

Additional resources