Azure AD Last Log On Date?

jLight 201 Reputation points
2020-04-07T13:24:33.877+00:00

I remember seeing a feature request about AAD Last Log On Date similar to On-Prem AD attribute. It used to be available too but then got pulled back. Just curious if anyone has an idea of the status or how do you determine the last log on date for your users? We are currently using the one based on-prem (but that poses a problem for remote users who no longer needs to VPN).

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,519 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. AmanpreetSingh-MSFT 56,306 Reputation points
    2020-11-27T07:20:14.877+00:00

    Hello @jLight · You can use below calls for this purpose:

    Users by name: In this scenario, you search for a specific user by name, which enables you to evaluate the lastSignInDateTime: https://graph.microsoft.com/beta/users?$filter=startswith(displayName,'markvi')&$select=displayName,signInActivity

    Users by date: In this scenario, you request a list of users with a lastSignInDateTime before a specified date: https://graph.microsoft.com/beta/users?filter=signInActivity/lastSignInDateTime le 2019-06-01T00:00:00Z

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    3 people found this answer helpful.
  2. Vasil Michev 95,581 Reputation points MVP
    2020-04-07T13:43:09.47+00:00

    There's no such attribute available in Azure AD. If you are using any of the Office 365 workloads, you can rely on the last activity date information gathered per workload as part of the User Activity report. Otherwise, you can crawl the Azure AD sign-in logs.

    2 people found this answer helpful.
  3. Madhusoodanan, Deepu 1 Reputation point
    2022-03-31T15:19:28.207+00:00

    Hello @AmanpreetSingh-MSFT

    Similar topic, I am trying to pull all inactive users with a lastSignInDateTime before a specified date. I get below error. I am using REST API.

    May I know what is the workaround for this issue? Please advise.

    URL - https://graph.microsoft.com/beta/users?$filter=signInActivity/lastSignInDateTime le 2022-03-10T00:00:00Z&$select=displayName,signInActivity

    {"error":{"code":"UnknownError","message":"This request is throttled. Please try again after the value specified in the Retry-After header. CorrelationId: 631fcbf3-4b34-4a69-afef-993f058950bc","innerError":{"date":"2022-03-31T14:57:39","request-id":"3883c2a2-42f6-43f3-bd49-8b6dc7dd5e84","client-request-id":"3883c2a2-42f6-43f3-bd49-8b6dc7dd5e84"}}}

    Also, I have referred https://learn.microsoft.com/en-us/graph/api/resources/signinactivity?view=graph-rest-beta&preserve-view=true

    NOTE: We have total 15 users on Azure Active directory and I made 2 REST API request.

    Thank you
    Deepu

    0 comments