using System;

using Microsoft.Graph;

using Azure.Identity;

using System.Threading;

public class Program

{

    public static void Main()

    {

        ListMultiFactorMethods("SOME_USER@DOMAIN.COM");

        //DeleteMultiFactorMethods("SOME_USER@DOMAIN.COM");

        DisposeClient();

    }

    #region Properties

    // Variables

    private static ClientSecretCredential _Credential = null;

    private static GraphServiceClient _Client = null;

    private static bool Initialized = false;

    private static bool Initializing = false;

    private const string TENANT_ID = "YOUR_TENANT_ID";

    private const string CLIENT_ID = "YOUR_CLIENT_ID";

    private const string CLIENT_SECRET = "YOUR_CLIENT_SECRET";

    private const string GRAPH_ENDPOINT = "https://graph.microsoft.com/.default";

    private static GraphServiceClient Client => GetClient();

#endregion Properties

#region Get Azure Client

    public static void Init()

    {

        if (_Credential == null)

        {

            _Credential = new ClientSecretCredential(TENANT_ID, CLIENT_ID, CLIENT_SECRET);

        }

​

        if (_Client == null)

        {

            _Client = new GraphServiceClient(_Credential, new[]{GRAPH_ENDPOINT});

        }

​

        Initialized = true;

    }

​

    private static GraphServiceClient GetClient()

    {

        // To prevent multiple initializations of the GraphClient connection

        if (!Initialized && Initializing)

        {

            Thread.Sleep(100);

        }

        else if (Initialized == false)

        {

            Init();

        }

​

        return _Client;

    }

​

    public static void DisposeClient()

    {

        if (_Client != null)

        {

            _Client = null;

        }

    }

​

#endregion Get Azure Client

#region List Multi Factor Methods

    /// <summary>

    /// Lists all of the Multi Factor Authentication Methods for a user

    /// </summary>

    /// <param name = "UPN">Universal Principal Name for the user</param>

    public static void ListMultiFactorMethods(string UPN)

    {

        // All Methods only gives the Type and Id

        var AllMethods = Client.Users[UPN].Authentication.Methods.Request().GetAsync().Result;

        foreach (var Method in AllMethods)

        {

            Console.WriteLine($"{Method.ODataType} - {Method.Id} - {Method.AdditionalData}");

        }

​

        Console.WriteLine();

        var EmailMethods = Client.Users[UPN].Authentication.EmailMethods.Request().GetAsync().Result;

        foreach (var Method in EmailMethods)

        {

            Console.WriteLine($"Email: {Method.EmailAddress}");

        }

​

        var PhoneMethods = Client.Users[UPN].Authentication.PhoneMethods.Request().GetAsync().Result;

        foreach (var Method in PhoneMethods)

        {

            Console.WriteLine($"phone: {Method.PhoneNumber}");

        }

​

        var MSAuthMethods = Client.Users[UPN].Authentication.MicrosoftAuthenticatorMethods.Request().GetAsync().Result;

        foreach (var Method in MSAuthMethods)

        {

            Console.WriteLine($"MS Auth: {Method.DisplayName}");

        }

​

        var FidoMethods = Client.Users[UPN].Authentication.Fido2Methods.Request().GetAsync().Result;

        foreach (var Method in FidoMethods)

        {

            Console.WriteLine($"Fido: {Method.DisplayName}");

        }

​

        var OathMethods = Client.Users[UPN].Authentication.SoftwareOathMethods.Request().GetAsync().Result;

        foreach (var Method in OathMethods)

        {

            Console.WriteLine($"Software Oath: {Method.Id}");

        }

​

        return;

    }

​

#endregion List Multi Factor Methods

#region Delete All Multi Factor Methods

    /// <summary>

    /// Deletes all of the Multi Factor Authentication Methods for a user

    /// </summary>

    /// <param name = "UPN">Universal Principal Name for the user</param>

    public static async void DeleteMultiFactorMethods(string UPN)

    {

        var Methods = Client.Users[UPN].Authentication.Methods.Request().GetAsync().Result;

        // Alternatively you could make five different calls to each Method type and then loop through them 

        // to delete as in the List method above

        foreach (var Method in Methods.Where(e => e.ODataType == "#microsoft.graph.emailAuthenticationMethod"))

        {

            await Client.Users[UPN].Authentication.EmailMethods[Method.Id].Request().DeleteAsync();

        }

​

        foreach (var Method in Methods.Where(e => e.ODataType == "#microsoft.graph.phoneAuthenticationMethod"))

        {

            await Client.Users[UPN].Authentication.PhoneMethods[Method.Id].Request().DeleteAsync();

        }

​

        foreach (var Method in Methods.Where(e => e.ODataType == "#microsoft.graph.microsoftAuthenticatorAuthenticationMethod"))

        {

            await Client.Users[UPN].Authentication.MicrosoftAuthenticatorMethods[Method.Id].Request().DeleteAsync();

        }

​

        foreach (var Method in Methods.Where(e => e.ODataType == "#microsoft.graph.fido2AuthenticationMethod"))

        {

            await Client.Users[UPN].Authentication.Fido2Methods[Method.Id].Request().DeleteAsync();

        }

​

        foreach (var Method in Methods.Where(e => e.ODataType == "#microsoft.graph.softwareOathAuthenticationMethod"))

        {

            await Client.Users[UPN].Authentication.SoftwareOathMethods[Method.Id].Request().DeleteAsync();

        }

    }

#endregion Delete All Multi Factor Methods

}