question

FerencSzab-4432 avatar image
0 Votes"
FerencSzab-4432 asked amanpreetsingh-msft answered

AD B2C: Keep Me Signed In - Audit Logs

This is an AD B2C specific question, but I think it also applies to Azure AD as well. My question is, can we see anywhere in the Audit Logs (https://docs.microsoft.com/en-us/azure/active-directory-b2c/view-audit-logs) when a user "logged in" with a persistent KMSI cookie?

azure-ad-b2c
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered

Hi @FerencSzab-4432 · Thank you for reaching out.

As of now, sign-ins via KMSI persistent cookies are not logged. Currently, sign-in Activity logs capture either interactive sign-ins or non-interactive sign-ins, which doesn't include sign-in via KMSI cookie. Some examples of non-interactive sign-ins are:

  • A client app uses an OAuth 2.0 refresh token to get an access token.

  • A client uses an OAuth 2.0 authorization code to get an access token and refresh token.

  • A user performs single sign-on (SSO) to a web or Windows app on an Azure AD joined PC.

  • A user signs in to a second Microsoft Office app while they have a session on a mobile device using FOCI (Family of Client IDs).


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.