Forward Client IPs through GraphAPI for Azure Sign-in /Audit logs?

Evan 0 Reputation points
2023-05-19T00:53:07.5566667+00:00

Hello, 

I am a developer and at my organization and we have a microservice that integrates with customer Azure instances with the Graph API. 

 

Problem is in the Sign-in/Audit logs, the Ip address listed is always from the datacenter where my service is being hosted. 

I want to forward my client's IP address in my queries so my customers can see in their logging the true IP

I have tried the standard headers known for this use case for LBs, but to no avail. 

"X-MS-Forwarded-Client-IP"
"X-Forwarded-Client-IP"
"X-Forwarded-For"

Is this possible? thanks

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,716 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Patchfox 3,786 Reputation points
    2023-05-20T16:13:44.8933333+00:00

    Hi Evan, I want to answer your question.

    If I understand your question correctly you want to see the IP of the Client not the Datacenter Outbound IP in the Azure AD Sing In logs. Unfortunately, that is not possible because of NATing and no control over the Entries in the log.

    I hope this will answer your question.

    If the reply was helpful, please don’t forget to upvote or accept it as an answer, thank you.

    0 comments