How to get the last authentication method used by any user in my tenant?
I can't find such information in signing logs.
Getting last used authentication method for user
Please check this /beta API signinactivity, with below request you can lastSignInRequestId.
GET https://graph.microsoft.com/beta/users/{user-id or upn}?$select=signInActivity
Response:
{
"lastSignInDateTime": "String (timestamp)",
"lastSignInRequestId": "String",
"lastNonInteractiveSignInDateTime": "String (timestamp)",
"lastNonInteractiveSignInRequestId": "String"
}
With the signin-get GET /auditLogs/signIns/{lastSignInRequestId}, will give insights into users last SignIn.
Audit logs signIn is available in v1.0 & beta.
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported.
Additional Resources: known-issues-
This error might also occur when retrieving the signInActivity property of the user resource; for example, https://graph.microsoft.com/beta/users?$select=signInActivity.
This error is due to intermittent license check failures, which we are working to fix. As a temporary workaround, add the Directory.Read.All permission. This temporary workaround will not be required when the issue is resolved.
Hope this helps.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have further questions about this answer, please click "Comment".
Thank you @SrinivasaRaoDarnaMSFT-7657 for the explained answer, I was able to test the beta version of this API: https://graph.microsoft.com/beta/users?$select=signInActivity
to get all users with signing activity data, for each user I need to get the value of lastSignInRequestId and use it in /auditLogs/signIns/{lastSignInRequestId} to get the authentication
used for that user, I trust its the latest!, Actually what is needed simply an update on the signing logs API Json object to has the last authentication method used if possible.
I will request a feature suggestion for that as described above.
This totally dosent answer the question, but to get authentication methods for the sign-in users you can use this
query: GET /users/{id | userPrincipalName}/authentication/methods
Please refer this DOC for reference.
This property is not available for the sign-in logs , https://docs.microsoft.com/en-us/graph/api/resources/signin?view=graph-rest-1.0#properties.
How or where to suggest a missing feature like this for MS Graph APIs?
Hi @saeedalhamed-5686 , If you want to raise a feature request for it you can raise it here Feature request
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thank you @MohammedMehtabSiddiqueMINDTREELIMI-9821 for the link where to suggest a feature.
Thank you @MohammedMehtabSiddiqueMINDTREELIMI-9821 for your justification about that, my question is specifically for
getting the last authentication method used of each user! and this should be in some way inside signing logs where you can
query the signing logs for today only or on a specific datetime range so to see what last authentication methods were used for each
log activity.
I am aware of the API you have sent where it list the auth methods available for a user, not the last used one!
I have suggested this idea since some customers need this, I hope to be considered soon.
Thanks again.
4 people are following this question.
