MS Graph API restrict auditlog access to just password reset logs

Wayne Hoy 20 Reputation points
2023-03-16T15:58:50.35+00:00

We are looking to pull data from Azure audit logs into ServiceNow so we can generate survey records on password resets. We are looking at using MS Graph to pull the data, but I can only see permissions in MS Graph to audit logs as a whole, and not for a subset of records (AuditLog.Read.All; Directory.Read.All). Is there a way to restrict the access given to ServiceNow in the enterprise app to only be able to see password resets and not all audit logs?

Thanks

Microsoft Graph

Accepted answer
  1. Vasil Michev 94,911 Reputation points MVP
    2023-03-16T16:15:44.3633333+00:00

    Nope, the Graph model is based on those "wide" scopes, and especially in the application permissions model there's nothing you can do to restrict them. You can of course filter any unwanted events in code, or export to an external system and enforce controls therein.

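The "filter in code" option from the accepted answer, as an added example (not code from either poster or from Microsoft): a small broker holds the AuditLog.Read.All credential, and ServiceNow only receives what `filter_for_export` returns. The activity names in the allow-list and the projected field set are assumptions to confirm against your own tenant's logs, and the sample records are constructed.

```python
from urllib.parse import quote

GRAPH_AUDITS = "https://graph.microsoft.com/v1.0/auditLogs/directoryAudits"
# Assumption: allow-listed activityDisplayName values; confirm the exact
# strings against the audit log of your own tenant before relying on them.
ALLOWED_ACTIVITIES = (
    "Reset password (by admin)",
    "Reset password (self-service)",
    "Reset user password",
)

def build_queries(since_iso):
    """One narrowed request per activity. This trims volume only; the
    credential can still read every audit record, so it is not a boundary."""
    return [
        GRAPH_AUDITS + "?$filter=" + quote(
            f"activityDisplayName eq '{name}' and activityDateTime ge {since_iso}")
        for name in ALLOWED_ACTIVITIES
    ]

def project(event):
    """Copy only the fields the survey needs; everything else is dropped."""
    targets = event.get("targetResources") or [{}]
    return {
        "id": event.get("id"),
        "activityDateTime": event.get("activityDateTime"),
        "activityDisplayName": event.get("activityDisplayName"),
        "result": event.get("result"),
        "targetUserPrincipalName": targets[0].get("userPrincipalName"),
    }

def filter_for_export(events):
    """Re-check each record against the allow-list, then project it, so a
    widened or failed server-side filter cannot leak other audit events."""
    return [project(e) for e in events
            if e.get("activityDisplayName") in ALLOWED_ACTIVITIES]

# Constructed sample records shaped like Graph directoryAudit objects.
SAMPLE = [
    {"id": "a1", "activityDateTime": "2023-03-16T10:00:00Z", "result": "success",
     "activityDisplayName": "Reset password (self-service)",
     "initiatedBy": {"user": {"userPrincipalName": "alice@example.com"}},
     "targetResources": [{"userPrincipalName": "alice@example.com"}]},
    {"id": "a2", "activityDateTime": "2023-03-16T10:05:00Z", "result": "success",
     "activityDisplayName": "Add member to role",
     "targetResources": [{"userPrincipalName": "bob@example.com"}]},
    {"id": "a3", "activityDateTime": "2023-03-16T10:09:00Z", "result": "failure",
     "activityDisplayName": "Reset password (by admin)", "targetResources": []},
]
```

Only the broker's output should be reachable from the ServiceNow side; the Graph credential itself stays with the broker.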
