Hi @Uzzaman, Hasan , to extract the sign-in logs for all members of a particular Azure AD group, you can use the Microsoft Graph API. Here's a step-by-step process:
- First, you need to obtain an access token for the Microsoft Graph API. Follow the instructions in the Microsoft Graph documentation to register an application and grant the necessary permissions.
- Next, query the group members using the Microsoft Graph API. Replace
YOUR_GROUP_ID
with the actual group ID:GET https://graph.microsoft.com/v1.0/groups/YOUR_GROUP_ID/members
- Parse the response to extract the user principal names (UPNs) or object IDs of the group members.
- For each user, query the sign-in logs using the Microsoft Graph API. Replace
USER_UPN_OR_OBJECT_ID
with the actual UPN or object ID of the user:GET https://graph.microsoft.com/beta/auditLogs/signIns?filter=userPrincipalName eq 'USER_UPN_OR_OBJECT_ID'
Alternatively, you can filter by date range or other criteria as needed. - Combine the sign-in logs for all users as required. Please note that you might need to handle pagination in the API responses if the number of group members or sign-in logs is large. Refer to the Microsoft Graph documentation for more information on handling pagination. Keep in mind that accessing sign-in logs requires an Azure Active Directory P1 or P2 license. Please let me know if you have any questions and I can help you further. If this answer helps you please mark it as "Verified" so other users can reference it. Thank you, James