question

MMadmin-8891 avatar image
0 Votes"
MMadmin-8891 asked MMadmin-8891 answered

Has anything changed in auditLogs or identityRiskEvents endpoints recently?

1) Endpoint: https://graph.microsoft.com/beta/auditLogs/signIns

New users of our app that are verified to have P1 Azure AD license applied to their tenant are giving us the following api response (note: we have not changed our code for making these requests in a very long time),

 "Neither tenant is B2C or tenant doesn't have premium license"

I've done the following

My main goal is to exhaust all resources to verify that we are not making these requests incorrectly and get details on any changes to the way these endpoint are to be used. We have advised these customers to contact Microsoft support to ensure there is no issue with their licensing.

2) Endpoint: https://graph.microsoft.com/beta/identityRiskEvents?$top=999


We have been receiving HTTP response code: 400 for these requests on many existing customers, there have been no code changes made on our application.

Want to verify if any changes have been made to this endpoint or the way requests should be formed.


If any additional information is needed please let me know.

Thank you






azure-active-directoryazure-ad-graph
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

michev avatar image
0 Votes"
michev answered

It looks like Microsoft is more aggressively enforcing licensing terms across multiple Graph endpoints nowadays, here's a reply given on a similar issue for the credentialUserRegistrationDetails endpoint:

In general, our licensing team requires that programmatic export of Azure AD data requires P1 or above

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MMadmin-8891 avatar image
0 Votes"
MMadmin-8891 answered michev commented

Thanks for the quick reply @michev

We have verified on each customer that is causing this error response, that they do indeed have Azure AD license level P1 or above. We are able to pull their licenses via API and I have seen on a screen share in their Azure admin portal that it is applied to their tenant.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If that's the case, best open a support ticket and report this.

0 Votes 0 ·