3,295 questions
HI, try this:
https://office365itpros.com/2019/10/15/report-old-guest-accounts/
How to pull Guest accounts details with last login details
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
Hi Team,
Am looking to Pull the Guest account details with users last Sign-In details so that we can find out which Guest user account is currently in-use actively and which are not.
Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID
25,208 questions
2 answers
Sort by: Most helpful
-
Andy David - MVP 157.8K Reputation points2023-12-04T12:45:37.1166667+00:00 -
Anonymous
2023-12-04T13:02:28.01+00:00 Thanks for your response Andy.
Through this we can export the details of Old Guest Accounts (since when they created). But am looking to export guest user account with Last sign-in details so based on that we can do the clean up.
-
Anonymous
2023-12-07T11:20:09.7166667+00:00 Hi Community, Please help me to get these details.
Sign in to comment -
-
JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator2024-01-04T19:13:09.2666667+00:00 Thank you for your post and I apologize for the delayed response!
To pull the Guest account details with users last Sign-In details, you should be able to leverage the Microsoft Graph API. To hopefully help point you in the right direction, I'll share the steps below.
How To: Manage inactive user accounts
Inactive accounts are user accounts that aren't required anymore by members of your organization to gain access to your resources. One key identifier for inactive accounts is that they haven't been used for a while to sign in to your environment. Because inactive accounts are tied to the sign-in activity, you can use the timestamp of the last time an account attempted to sign in to detect inactive accounts.
Prerequisites: To access the
lastSignInDateTimeproperty using Microsoft Graph:You need a Microsoft Entra ID P1 or P2 edition license.
- You need to grant the app the following Microsoft Graph permissions:
- AuditLog.Read.All
- User.Read.All
You can detect inactive accounts by evaluating the
lastSignInDateTimeproperty exposed by thesignInActivityresource type of the Microsoft Graph API. ThelastSignInDateTimeproperty shows the last time a user attempted to make an interactive sign-in attempt in Microsoft Entra ID. Using this property, you can implement a solution for the following scenarios:- Last sign-in date and time for all users: In this scenario, you need to generate a report of the last sign-in date of all users. You request a list of all users, and the last
lastSignInDateTimefor each respective user:-
https://graph.microsoft.com/v1.0/users?$select=displayName,signInActivity
-
Additional Links:
How to investigate a single user - Azure Portal
You can also view a user's latest sign-in details (interactive / non-interactive) within Microsoft Entra ID to determine if the user(s) has been active or not.
- Sign in to the Microsoft Entra admin center as at least a Reports Reader.
- Browse to Identity > Users > All users.
- Select Manage View > Edit Column.
- Select: Last interactive sign-in time & Last non-interactive sign-in time
Additional Link:
I hope this helps!
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.