Regarding Active Directory Administrator

Mahima Kankriya 1 Reputation point
2023-01-04T11:04:06.397+00:00

The user profile gets modified. We have know details like when it is modified & what time.

How to know what data is modified?

Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

  1. JimmySalian-2011 42,526 Reputation points
    2023-01-04T11:42:12.47+00:00

    Hi,

    You can check the AAD Audit logs via the Portal - Sign in to the Azure portal and go to Azure AD and select Audit log from the Monitoring section.

    For this you should have access or roles assigned -
    Reports Reader
    Security Reader
    Security Administrator
    Global Reader
    Global Administrator

    concept-audit-logs

    Hope this helps.
    JS

    ==
    Please Accept the answer if the information helped you. This will help us and others in the community as well.


  2. Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator
    2023-01-09T23:40:35.977+00:00

    Hi @Mahima Kankriya ,

    To view the audit activity report and access the audit logs, you need to have at least one of the roles mentioned by @JimmySalian-2011 . This requirement is detailed in the Audit logs documentation. There isn't an out-of-the-box way to query specifically for information about when the profiles were last modified though, as there is no lastModifiedDateTime property.

    For RBAC changes, you can view the data in the RBAC change history report. https://learn.microsoft.com/en-us/azure/role-based-access-control/change-history-report

    Graph delta queries can also give you information about recently updated users. https://learn.microsoft.com/en-us/graph/delta-query-users?tabs=http

    Since there is no "lastModifiedDateTime" property for user object types, you can alternatively query the createdDateTime to get Azure AD users created since a specific date.

    Azure CLI commands:

    az ad user list --filter "createdDateTime ge datetime'yyyy-MM-ddTHH:mm:ssZ'"  
    

    Graph API command:

    https://graph.microsoft.com/beta/users?$filter=createdDateTime ge yyyy-MM-ddTHH:mm:ssZ&$select=displayName,createdDateTime,id
    

    You need one of the permissions from this list to get the users.

    You can also use the lastSignInDateTime to query sign-in details and get the list of last signed-in users within a specific time range. This requires a Premium P1 or P2 license and AuditLog.Read.All permissions.

    GET https://graph.microsoft.com/beta/users?$select=signInActivity,displayName
    

    Note that activity log data is only available for 90 days and audit events are retained for 30 days by default.

    Let me know if this helps and if you have further questions.

    Resources:

    How to get list of recently created AD users based on lastModified
    Extract last modified uses
    Audit logs in Azure Active Directory
    Show initiator of change

    -

    If the information helped you, please Accept the answer. This will help us and also improve discoverability for others in the community who might be researching similar information.
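
Added example, not part of either answer above: the audit log both answers point to records each changed attribute with its old and new value, which is what the question asks for. The sketch below assumes the records were already fetched from the Graph `auditLogs/directoryAudits` endpoint (with the AuditLog.Read.All permission mentioned above); the sample response and all names in it are constructed.

```python
import json

# Constructed sample shaped like a Graph directoryAudit list response; values are made up.
SAMPLE = json.loads(r'''{"value": [
 {"activityDateTime": "2023-01-03T09:15:00Z", "activityDisplayName": "Update user",
  "initiatedBy": {"user": {"userPrincipalName": "admin@contoso.example"}, "app": null},
  "targetResources": [{"type": "User", "userPrincipalName": "alice@contoso.example",
   "modifiedProperties": [
    {"displayName": "Department", "oldValue": "[\"Sales\"]", "newValue": "[\"Finance\"]"},
    {"displayName": "Included Updated Properties", "oldValue": null, "newValue": "\"Department\""}]}]},
 {"activityDateTime": "2023-01-03T10:02:00Z", "activityDisplayName": "Update user",
  "initiatedBy": {"user": null, "app": {"displayName": "HR Sync (constructed)"}},
  "targetResources": [{"type": "User", "userPrincipalName": "bob@contoso.example",
   "modifiedProperties": null}]}]}''')

def decode_value(value):
    """Old/new values are JSON-encoded strings; fall back to the raw text."""
    if value is None:
        return None
    try:
        parsed = json.loads(value)
    except (TypeError, ValueError):
        return value
    # In this sample a single value is wrapped in a one-element list.
    if isinstance(parsed, list) and len(parsed) == 1:
        return parsed[0]
    return parsed

def initiator(record):
    """A change is initiated by a user or by an app; either side may be null."""
    by = record.get("initiatedBy") or {}
    user, app = by.get("user") or {}, by.get("app") or {}
    return user.get("userPrincipalName") or app.get("displayName") or "unknown"

def user_changes(response):
    """Return (time, initiator, target, property, old, new) per changed user attribute."""
    rows = []
    for rec in response.get("value", []):
        for target in rec.get("targetResources") or []:
            if target.get("type") != "User":
                continue
            for prop in target.get("modifiedProperties") or []:
                if prop.get("displayName") == "Included Updated Properties":
                    continue  # summary entry in the sample, not an attribute change
                rows.append((rec["activityDateTime"], initiator(rec),
                             target.get("userPrincipalName"), prop["displayName"],
                             decode_value(prop.get("oldValue")), decode_value(prop.get("newValue"))))
    return rows

if __name__ == "__main__":
    for row in user_changes(SAMPLE):
        print(row)
```

Records whose `modifiedProperties` is null or empty (the second sample record) produce no rows, so an "Update user" event alone does not guarantee that the changed values were logged.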
