Skip to main content
GET
/
users
/
{id}
/
authentication-methods
TypeScript
import { ManagementClient } from "auth0";

async function main() {
    const client = new ManagementClient({
        token: "<token>",
    });
    await client.users.authenticationMethods.list("id", {
        page: 1,
        perPage: 1,
        includeTotals: true,
    });
}
main();
[
  {
    "id": "<string>",
    "type": "recovery-code",
    "created_at": "2023-11-07T05:31:56Z",
    "confirmed": true,
    "name": "<string>",
    "authentication_methods": [
      {
        "type": "totp",
        "id": "<string>"
      }
    ],
    "preferred_authentication_method": "voice",
    "link_id": "<string>",
    "phone_number": "<string>",
    "email": "<string>",
    "key_id": "<string>",
    "public_key": "<string>",
    "enrolled_at": "2023-11-07T05:31:56Z",
    "last_auth_at": "2023-11-07T05:31:56Z",
    "credential_device_type": "<string>",
    "credential_backed_up": true,
    "identity_user_id": "<string>",
    "user_agent": "<string>",
    "aaguid": "<string>",
    "relying_party_identifier": "<string>"
  }
]

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

id
string
required

The ID of the user in question.

Query Parameters

page
integer

Page index of the results to return. First page is 0. Default is 0.

Required range: x >= 0
per_page
integer

Number of results per page. Default is 50.

Required range: 0 <= x <= 100
include_totals
boolean

Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).

Response

The authentication methods for the user were retrieved.

id
string
required

The ID of the authentication method (auto generated)

type
enum<string>
required
Available options:
recovery-code,
totp,
push,
phone,
email,
email-verification,
webauthn-roaming,
webauthn-platform,
guardian,
passkey,
password
created_at
string<date-time>
required

Authenticator creation date

confirmed
boolean

The authentication method status

name
string

A human-readable label to identify the authentication method

Maximum string length: 20
authentication_methods
object[]
preferred_authentication_method
enum<string>

Applies to phone authentication methods only. The preferred communication method.

Available options:
voice,
sms
link_id
string

The ID of a linked authentication method. Linked authentication methods will be deleted together.

phone_number
string

Applies to phone authentication methods only. The destination phone number used to send verification codes via text and voice.

email
string

Applies to email and email-verification authentication methods only. The email address used to send verification messages.

key_id
string

Applies to webauthn authentication methods only. The ID of the generated credential.

public_key
string

Applies to webauthn authentication methods only. The public key.

enrolled_at
string<date-time>

Enrollment date

last_auth_at
string<date-time>

Last authentication

credential_device_type
string

Applies to passkeys only. The kind of device the credential is stored on as defined by backup eligibility. "single_device" credentials cannot be backed up and synced to another device, "multi_device" credentials can be backed up if enabled by the end-user.

credential_backed_up
boolean

Applies to passkeys only. Whether the credential was backed up.

identity_user_id
string

Applies to passkeys only. The ID of the user identity linked with the authentication method.

user_agent
string

Applies to passkeys only. The user-agent of the browser used to create the passkey.

aaguid
string

Applies to passkey authentication methods only. Authenticator Attestation Globally Unique Identifier.

relying_party_identifier
string

Applies to webauthn/passkey authentication methods only. The credential's relying party identifier.