is the signInActivity and lastpasswordChangeTime no longer available in graph beta or am I doing it wrong?

asked 2021-04-16T13:31:19.34+00:00
Joe Whited 1 Reputation point

Forgive me, graph is new to me.
I've cobbled together the following script to pull data from graph beta using the select method. I do not get an error, but the result is pointedly missing anything in the resulting signInActivity and lastPasswordChangeDateTime fields. I think the registered app has the appropriate permissions or else it would have an error, right?
I followed some info I found here (and a couple other similar): https://www.michev.info/Blog/Post/2968/reporting-on-users-last-logged-in-date-in-office-365
Anyway, here's the script (with the domain, secret, and clientID randomized for safety, 'natch)

$clientID     = "this-is-where-clientID-would-go"  
$clientSecret = "this-is-where-secret-would-go-even-though-that's-not-good-form"  
$tenantDomain = "my-domain-name-here.onmicrosoft.com"  
   
$loginURL     = "https://login.microsoft.com"  
$resource     = "https://graph.microsoft.com"  
$body         = @{grant_type="client_credentials";resource=$resource;client_id=$ClientID;client_secret=$ClientSecret}  
$oauth        = Invoke-RestMethod -Method Post -Uri $loginURL/$tenantdomain/oauth2/token?api-version=1.0 -Body $body  
$uri		  = "https://graph.microsoft.com/beta/users?$select=accountenabled,signInActivity,createdDateTime,lastPasswordChangeDateTime"  
$ReportData = @()  
$HeaderParams = @{  
            'Content-Type'  = "application\json"  
            'Authorization' = "$($OAuth.token_type) $($OAuth.access_token)"  
			}  
  
do {  
            $Results = Invoke-RestMethod -Headers $HeaderParams -Uri $Uri -UseBasicParsing -Method "GET" -ContentType "application/json"  
            if ($Results.value) {  
                $ReportData += $Results.value  
            }  
            else {  
                $ReportData += $Results  
            }  
            $uri = $Results.'@odata.nextlink'  
    } until (!($uri))  
  
#this line would export to csv  
#$ReportData | Select-object -property userPrincipalName,accountenabled,signInActivity,createdDateTime,lastPasswordChangeDateTime |  Export-Csv .\AZ-Report-AzureUserAgingAndUse.csv  
  
#This line will show to screen  
$ReportData | Select-object -property userPrincipalName,accountenabled,signInActivity,createdDateTime,lastPasswordChangeDateTime | Out-GridView  

Here's a sample of what I get:
88548-2021-04-16-09-14-32-reportdata-select-object-prope.png

Any ideas?

Microsoft Graph Users API
Microsoft Graph Users API
A Microsoft API that allows you to build compelling app experiences based on users, their relationships with other users and groups, and the resources they access for example their mails, calendars, files, administrative roles, group memberships.
545 questions
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. answered 2021-04-16T13:49:03.763+00:00
    Vasil Michev 61,461 Reputation points Microsoft MVP

    No need to use /beta, that's already available in /v1.0. Both endpoints work fine for me, but you can expect null values for users that have never logged in. Other than that, check the scopes in your access token.