Passwordless event logs in Azure AD

Leo Becerra 21 Reputation points
2021-01-15T18:30:16.637+00:00

Hi, as we move forward with enabling passwordless authentication for our users in Azure AD. I'm trying to figure out if there is a way to report on the number of users that are currently using Passwordless authentication in our tenant. This will help us determine adoption rate and track our progress. I have done some research but have not been able to find an answer yet.

Thanks,
Leo

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,909 questions
0 comments No comments
{count} votes

Accepted answer
  1. James Hamil 22,431 Reputation points Microsoft Employee
    2021-01-15T22:27:42.487+00:00

    Hi @Leo Becerra , unfortunately it looks like this feature does not yet exist. A lot of people have been asking for greater capabilities for event logs so hopefully it is added in the future. I would submit a feature request here, and maybe it will help speed things up a bit. I'm going to research a bit more with custom metrics to see if something similar can be accomplished, but for now it does not look likely. I will let you know what I find!

    Best,
    James

    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Leo Becerra 21 Reputation points
    2021-01-19T16:23:24.113+00:00

    Thanks @James Hamil , I voted for this one.

    0 comments No comments

  2. Sarthak Sahoo 1 Reputation point
    2022-10-05T03:21:59.15+00:00

    @Leo Becerra You can check for users using Passwordless authentication method if you have Log analytics workspace enabled in your tenant and you send AAD logs to it .

    A simple KQL query like this would work , if you wanna go fancy you can create workbooks out of it and display it in a map or chart .

    Workbook vizualization - https://learn.microsoft.com/en-us/azure/azure-monitor/visualize/workbooks-visualizations

    SigninLogs
    | where parse_json(AuthenticationDetails)[0].authenticationMethod == "FIDO2 security key" or parse_json(AuthenticationDetails)[0].authenticationMethod == "Passwordless phone sign-in"

    To get total count add

    | summarize TotalCount = count()

    To get count by location add

    | summarize Count = count() by tostring(LocationDetails.countryOrRegion)

    247642-image.png

    247643-image.png

    0 comments No comments