Azure ad sign in activity. Nov 18, 2025 · Which of my Azure resources were accessed by managed identities and service principals? You can also describe the activity associated with a sign-in request by identifying the following details: Who – The identity (User) performing the sign-in. 5 days ago · Summary Azure AD B2C: PKCE &amp; invalid_request errors during sign‑in with OIDC (Microsoft Entra ID) identity provider in User Flow B2C_1_NONMFA. This analytic was written to be used with the azure:monitor:aad sourcetype leveraging the Signin log category. We are using Azure AD** B2C** for user management. I using CustomAccountFactory to add custom claims to my idenitity. Auditing of user sign-ins through Azure apps and services is enabled by default and is available in all Azure subscriptions. As an IT administrator, you need to know what the values in the sign-in logs mean, so that you can interpret the log values correctly. GraphServiceClient. Step-by-step guide to monitor sign-ins, export logs, and enhance security using Azure AD and audit logging. azure-ad-b2c I am trying to configure my own html and CSS for Azure AD B2C sign-up and sign-in policy by following this link. But that surface view fails in common scenarios: Non-interactive activity continues. Request(). A user might stop logging in interactively, but 🔐 Security Issue: Unauthorized Access Detected in Azure AD 📋 ALERT: Unusual sign-in activity detected from impossible travel location 🔍 INCIDENT INVESTIGATION: 1️⃣ Review Sign-In Logs Strengthen identity security with Microsoft Entra ID, a cloud identity and access (IAM) solution that prevents identity attacks and supports SSO and Zero Trust. cs file looks: 3 days ago · Hello, I am unable to sign in to my Azure account. Id]. Connect to your Azure tenant using Microsoft Graph API. Global Administrator Security Admin Security Reader Global Reader Reports Reader The sign-in activity report in the AAD admin center is available in all the editions of Azure AD. Users[b2cUser. Filter as needed. If the delta between now and the value of the activity timestamp exceeds the timeframe you've defined for active devices, a device is considered to be stale. Here is how the program. Azure AD) user sign-in logs provide information on user activity (successful and failed logins), applications used, locations, operating systems used, and user browsers. 2 days ago · What “stale” really means in entra id Most teams start with: “last interactive sign-in time older than N days → stale. Problem Description We are experiencing authentication failures when users attempt to sign in to our… User b2cUser = await this. Jan 7, 2026 · Microsoft Entra ID Protection can provide a broad range of risk detections that can be used to identify suspicious activity in your organization. May 2, 2025 · You must be ingesting Azure Active Directory events into your Splunk environment through an EventHub. How – The client (Application) used for the sign-in. The user has the following domain:… 2 days ago · Free ingestion for Microsoft 365 audit logs, Azure Activity logs, and Azure AD sign-in logs (through the free data sources benefit) Microsoft Defender data ingestion is included if you use the Microsoft 365 Defender integration 90 days of interactive data retention included, with up to 12 years of archival retention at reduced rates Cost risks: I am using Azure AD authentication for authentication. ” That’s a reasonable first pass because Entra’s user list can show Last interactive sign-in time and lets you sort/filter quickly. Dec 23, 2023 · Entra ID (ex. Jul 2, 2025 · Microsoft Entra logs all sign-ins into an Azure tenant for compliance purposes. GetOurUser(userId); var additionalData = new Dictionary<string, object>(); additionalData["extension_id-of-extensions-app-here_Foo"] = "Ice Cream Cone"; var updatedB2cUser = new User { AdditionalData = additionalData }; await this. If you see errors on this page, refer to Diagnosing errors with the Azure Active Directory Connected Service 4) On the Single-Sign On page, select a domain from the Domain drop-down list. Instead, Microsoft Authenticator is generating 8‑digit TOTP codes, which prevents successful… 5 days ago · 2) On the Connected Services page, select Authentication with Azure Active Directory 3) On the Introduction page, select Next. Jun 27, 2025 · In Microsoft Entra ID, this property is called ApproximateLastSignInDateTime or activity timestamp. The tables included in this article summarize the list of sign-in and user risk detections, including the license requirements or if the detection happens in real-time or offline. Oct 20, 2022 · Prerequisites to View Azure Sign-in logs To access the sign-in logs, admins should be assigned with any one of the following roles. . When attempting to log in, I do not receive push notifications or the expected 6‑digit verification code. Learn how to check login activity in Microsoft 365. These values provide valuable information for Additional resources To learn more about user activity reports in Office 365, see Find activity reports in the Azure portal. Learn about the sign-in logs Customize and filter the sign-in logs This article explains the values found in the sign-in logs. Known False Positives Multiple Failed MFA requests may also be a sign of authentication or application issues. Mar 15, 2024 · How to Get User Login History in Azure AD Using Microsoft Graph API? Let’s try to get user sign-in logs using Microsoft Graph API. UpdateAsync(updatedB2cUser); In practice, we include additional props such as Identities 4 days ago · Hello, We are currently experiencing an issue with an user who is trying to sign in to our B2C tenant application but is not receiving the email verification code. Administrators can view sign-in logs from the Azure Portal Web UI and using PowerShell. qdd bad wxy ekp zmx vmn fvp wnf wkj jhx ojg pmz jvb khi yiw