Cloud

Azure Active Directory Reporting APIs Now Available

Microsoft - The Essential Guide to Microsoft Teams End-User Engagement
The Essential Guide to Microsoft Teams End-User Engagement

We take you through 10 best practices, considerations, and suggestions that can enrich your Microsoft Teams deployment and ensure both end-user adoption and engagement.

Get the Guide

shutterstock_100605349 (2)One of the most common things we hear from our clients is their need to automatically access security related reports from Azure AD. With last week’s announcement from Microsoft about AAD Reporting APIs Public Preview, we now have that capability.
Azure AD already has a robust set of activity, security and audit reports, with some of the most useful provided within Azure AD Premium, and they can all easily be viewed within the Azure portal. With the new APIs, we can now programmatically access that data via “any tool or programming language which supports REST APIs with OAuth” and integrate it into a custom dashboard, Power BI/Excel, or your favorite SIEM solution.
The following reports can be accessed via the API:

  • AuditEvents
  • AccountProvisioningEvents
  • SignInsFromUnknownSourcesEvents
  • SignInsFromIPAddressesWithSuspiciousActivityEvents
  • SignInsFromMultipleGeographiesEvents
  • signInsAfterMultipleFailuresEvents
  • signInsFromPossiblyInfectedDevicesEvents (AAD Premium)
  • IrregularSignInActivityEvents (AAD Premium)
  • allUsersWithAnomalousSignInActivityEvents (AAD Premium)
  • CompromisedCredentialsEvent (AAD Premium)

Ready to get started? Check out this guide to Get Started with the Azure AD Reporting API.

About the Author

More from this Author

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to the Weekly Blog Digest:

Sign Up
Categories