Obtaining an Audit Log of All Requests Made to an Enterprise Application when accessing Graph API (Entreprise Application)

Cedric Vinci 0 Reputation points
2023-03-08T14:17:55.09+00:00

Hello everyone !

This is my first post on the forum and I have a question regarding the use of an Enterprise Application with the Microsoft Graph API. Specifically, I would like to know how I can obtain an audit log of all requests made to the Graph API when using an Enterprise Application.

My intention is to implement an Enterprise Application for security purposes and to comply with certain security policies that require logging of all requests made to the Graph API.

If my question is not clear enough, please let me know and I will provide further clarification.

Thank you in advance for your help.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,676 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,598 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 95,671 Reputation points MVP
    2023-03-08T18:01:08.61+00:00

    You cannot. Usage reporting for Graph API-based applications is something Microsoft is yet to deliver. Most "edit" operations should be visible in the Unified audit log, but there's no easy way to filter them out based on a given application ID. And for most workloads, "read only" operations are never logged, so you have no clue what the application is accessing.

    In addition, the App governance add-on for MDA offers some visibility, but that also leaves a lot to be desired.

    0 comments