Share via

How to monitor SPO, EXO, ODB and Teams access requests in M365 tenant and make sure there are no any unauthorized access requests? Any PowerShell or GUI, Graph script for this?

Vinod Survase 4,781 Reputation points
2023-08-28T10:07:30.1733333+00:00

How to monitor SPO, EXO, ODB and Teams access requests in M365 tenant and make sure there are no any unauthorized access requests? Any PowerShell or GUI, Graph script for this?

Exchange Online
Exchange Online
A Microsoft email and calendaring hosted service.
6,188 questions
Microsoft 365 and Office | Install, redeem, activate | For business | Windows
Microsoft 365 and Office | SharePoint | For business | Windows
Microsoft Teams | Microsoft Teams for business | Other

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Muhammad Binyameen 395 Reputation points
    2023-08-28T13:53:53.93+00:00

    To monitor and ensure there are no unauthorized access requests in your M365 tenant for SPO (SharePoint Online), EXO (Exchange Online), ODB (OneDrive for Business), and Teams, you can utilize a combination of PowerShell scripts and the Microsoft Graph API. Here are the steps you can follow:

    1. For SharePoint Online (SPO) access requests:
    • You can use the SharePoint Online Management Shell to manage access requests. You can write PowerShell scripts to get access requests, approve or decline them, and monitor any unauthorized access requests.
    1. For Exchange Online (EXO) access requests:
    • You can use PowerShell and the Exchange Online PowerShell module to manage mailbox permissions and access requests. You can write PowerShell scripts to get access requests, approve or decline them, and monitor any unauthorized access requests.
    1. For OneDrive for Business (ODB) access requests:
    • You can use the SharePoint Online Management Shell or the Microsoft 365 admin center to manage access requests for OneDrive for Business. Again, you can write PowerShell scripts to get access requests, approve or decline them, and monitor any unauthorized access requests.
    1. For Microsoft Teams access requests:
    • Currently, there is no specific PowerShell or Graph API support for managing access requests in Microsoft Teams. However, you can monitor and manage access requests through the Teams admin center in the Microsoft 365 admin center.

    It's important to note that monitoring and managing access requests in M365 requires administrative privileges. Ensure that appropriate security measures are in place, such as enabling Multi-Factor Authentication (MFA) for admins and following least privilege principles.

    Please note that the provided options involve technical configurations, and it's recommended to work with a qualified IT professional or refer to official Microsoft documentation for detailed instructions and best practices.

    Is there anything else I can help you with?

    0 comments
  2. Yuki Sun-MSFT 41,376 Reputation points Moderator
    2023-08-29T02:13:29.6833333+00:00

    Hi @Vinod Survase ,

    How to monitor SPO, EXO, ODB and Teams access requests in M365 tenant and make sure there are no any unauthorized access requests? Any PowerShell or GUI, Graph script for this?

    You can review and analyze the sign-in logs via Microsoft Entra admin center (Azure portal). Filter out the failed sign-in attempts to see if there are any suspicious unauthorized access requests.
    User's image

    For more information about Sign-in logs, hopefully you can find the document below helpful
    What are Azure Active Directory sign-in logs?

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.