question

venkatachalashashankamallapragada-0606 avatar image
0 Votes"
venkatachalashashankamallapragada-0606 asked ·

appid in adb2c logs using graph api

@VaibhavChaudhari ,

My requirement is using Graph API, get Azure ADB2C SignIn Logs and DirectoryAudit logs with a token (already in place). The token is generated using ClientID (Registered one) in ADB2C.

With the help of Graph API documentation, we are able to get the above said logs in Json format. Our expectation is the AppId that we see in the logs response should be same as the AppId we provided while getting the token. Just wanted to know is my assumption correct ?
If yes, how can we achieve it using Graph API

azure-ad-b2c
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered ·

@venkatachalashashankamallapragada-0606 If I understood your question correctly, you acquired a token in application context by using client credentials flow and used that token in order to fetch the sign-in logs. Now you do not see a sign-in event logged for the authentication performed via client credentials flow.

If this is the case, it is by design. We log sign-in events only for interactive logons performed via user accounts. If the authentication is non-interactive, which means it is either done by submitting refresh token or by using client credentials, sign-in event logs will not be logged.


Please "accept as answer" or "vote as helpful" wherever the information provided helps you to help others in the community.

· 2 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks @amanpreetsingh-msft for the reply. Can you please tell me if there is any other way to get logs that can be filtered on AppId.

0 Votes 0 · ·
amanpreetsingh-msft avatar image amanpreetsingh-msft venkatachalashashankamallapragada-0606 ·

This is currently not possible. Our Product Group have already started working on it. You can track updates by Product Managers here: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/31991029-make-spn-non-interactive-login-events-logged-and

0 Votes 0 · ·