Hi @n1dy4t ,
Per my test, I agree with your opinion. It won't return who created external sharing link. Thanks for letting us know your user experience.
When I received the case, I searched a lot of documents did a lot of researches. And I feel regretful to inform you that it turns out to be a by-design one.
And I noticed that some end users have also proposed the same request, it is highly recommended that you can raise a feedback here. Many features of our current products are designed and upgraded based on customers’ feedback. With requirements like this increase, the problem may well be released in the future. Thanks for your understanding.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thank you for your post!
Based off the Graph API call you're making you should be getting a list of audit logs generated by Azure Active Directory. You can also look into the Microsoft 365 usage reports in Microsoft Graph, specifically referring to the SharePoint activity reports, to get the activity of every user licensed to use SharePoint by looking at their interaction with files.
Since you're trying to find out
who shared files on your SharePoint Online tenant, I've added the office-sharepoint-server-development tag to this thread so their community can take a closer look into this.
Thank you for your time and patience throughout this issue.
Hello @JamesTran-MSFT ,
thanks for your time. I'll look into the usage reports over graph.