View audit history for Azure AD roles in Privileged Identity Management

You can use the Privileged Identity Management (PIM) audit history to see all role assignments and activations within the past 30 days for all privileged roles. If you want to see the full audit history of activity in your Azure Active Directory (Azure AD) organization, including administrator, end user, and synchronization activity, you can use the Azure Active Directory security and activity reports.

Determine your version of PIM

Beginning in November 2019, the Azure AD roles portion of Privileged Identity Management is being updated to a new version that matches the experiences for Azure resource roles. This creates additional features as well as changes to the existing API. While the new version is being rolled out, which procedures that you follow in this article depend on version of Privileged Identity Management you currently have. Follow the steps in this section to determine which version of Privileged Identity Management you have. After you know your version of Privileged Identity Management, you can select the procedures in this article that match that version.

  1. Sign in to the Azure portal with a user who is in the Privileged role administrator role.

  2. Open Azure AD Privileged Identity Management. If you have a banner on the top of the overview page, follow the instructions in the New version tab of this article. Otherwise, follow the instructions in the Previous version tab.

    Azure AD roles new version

Follow these steps to view the audit history for Azure AD roles.

View resource audit history

Resource audit gives you a view of all activity associated with your Azure AD roles.

  1. Open Azure AD Privileged Identity Management.

  2. Select Azure AD roles.

  3. Select Resource audit.

  4. Filter the history using a predefined date or custom range.

    Resource audit list with filters

View my audit

My audit enables you to view your personal role activity.

  1. Open Azure AD Privileged Identity Management.

  2. Select Azure AD roles.

  3. Select the resource you want to view audit history for.

  4. Select My audit.

  5. Filter the history using a predefined date or custom range.

    Audit list for the current user

Next steps