Microsoft Security | Microsoft Graph
An API that connects multiple Microsoft services, enabling data access and automation across platforms
Microsoft Graph Reports API returning 404 for valid date and period parameters
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 84%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKH%3C/text%3E%3C/svg%3E)
Khalid Hasan
0
Reputation points
Several Microsoft Graph Reports API endpoints that previously worked are now consistently returning 404 errors when using valid date or period parameters, despite unchanged payloads and permissions. The same endpoints correctly return validation errors when an invalid date is supplied, suggesting partial parameter parsing but failed execution for valid values.
Affected Endpoints
The following endpoints are affected:
reportRoot/getOneDriveActivityUserDetail
reportRoot/getTeamsUserActivityUserDetail
reportRoot/getSharePointActivityUserDetail
Documentation references:
Expected Behavior
When using:
A valid date (within the supported 30-day window), or
A valid period value (e.g., D7, D30),
The API should return a CSV response with user activity data, as documented and as it did earlier this week.
Actual Behavior
All requests using valid date or period parameters now return a 404 error with the following response body:
{
"error": {
"code": "Unknown",
"message": "Invalid parameters."
}
}
This occurs across all three endpoints listed above.
Additional Observations
If we intentionally use a date older than 30 days, the API responds with the expected validation error indicating the date is outside the allowed range.
This suggests:
The API is parsing the parameters
But fails when valid values are supplied
The payload, permissions, and request format have **not changed** on our end.
These same requests were working earlier this week using identical payloads.
```---
### Permissions Used
The application is configured with the required **Microsoft Graph Reports permissions**, including:
`Reports.Read.All`
(Admin consent granted)
---
### Sample Request
```yaml
GET https://graph.microsoft.com/v1.0/reports/getSharePointActivityUserDetail(date=2026-01-15)
Authorization: Bearer {token}
(Equivalent behavior observed with period=D7, period=D30, etc.)
Impact
This issue blocks our ability to:
Generate activity-based billing reports
Perform operational analytics across Teams, OneDrive, and SharePoint usage
Maintain parity with previously functioning automated workflows
Question
Can you confirm:
Whether there was a recent backend change to these Reports endpoints?
If the date and period parameters are still supported as documented?
Whether this is a known issue or service regression?
Environment
Microsoft Graph API: v1.0
Authentication: Application permissions
Region: Canada (tenant-based)
- Issue started: January 30, 2026
Microsoft Security | Microsoft Graph
Sign in to answer