Share via

MS Graph API restrict auditlog access to just password reset logs

Wayne Hoy 20 Reputation points
2023-03-16T15:58:50.35+00:00

We are looking to pull data from Azure auditlogs into ServiceNow so we can generate survey records on password resets. We are looking at using MS Graph to pull the data but I can only see permissions in MS Graph to auditlogs as a whole, and not for a subset of records (AuditLog.Read.All;Directory.Read.All) . Is there a way to restrict the access given to ServiceNow in the enterprise app to only be able to see password resets and not all auditlogs ?

Thanks

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
13,580 questions
0 comments
Accepted answer
  1. Vasil Michev 117.9K Reputation points MVP Moderator
    2023-03-16T16:15:44.3633333+00:00

    Nope, the Graph model is based on those "wide" scopes, and especially in the application permissions model there's nothing you can do to restrict them. You can of course filter any unwanted events in code, or export to an external system and enforce controls therein.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.