View update and sign-in activities for managed identities

This article explains how to view updates made to managed identities and sign-in attempts made by managed identities.

Prerequisites

View updates made to user-assigned managed identities

This procedure shows how to view updates made to user-assigned managed identities.

  1. In the Azure portal, browse to Activity Log.
  2. Select the Add Filter search pill and select Operation from the list.
  3. In the Operation dropdown list, enter these operation names: "Delete User Assigned Identity" and "Write UserAssignedIdentities".
  4. When matching operations are displayed, select one to view the summary.
  5. Select the JSON tab to view more detailed information about the operation, and scroll to the properties node to view information about the identity that was modified.

View role assignments added and removed for managed identities

Note

You will need to search by the object (principal) ID of the managed identity whose role assignment changes you want to view.

  1. Locate the managed identity you wish to view the role assignment changes for. If you're looking for a system-assigned managed identity, the object ID will be displayed in the Identity screen under the resource. If you're looking for a user-assigned identity, the object ID will be displayed in the Overview page of the managed identity.
  2. Copy the object ID.
  3. Browse to the Activity log.
  4. Select the Add Filter search pill and select Operation from the list.
  5. In the Operation dropdown list, enter these operation names: "Create role assignment" and "Delete role assignment".
  6. Paste the object ID in the search box; the results will be filtered automatically.
  7. When matching operations are displayed, select one to view the summary.
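The two Activity Log searches above (identity updates, and role assignment changes for one object ID) can also be run offline over exported events. The following is an added example, not part of the original article: it assumes the events were exported as JSON with the fields operationName, caller, eventTimestamp and properties.requestbody, and that the portal filter names correspond to the resource provider operations listed in the code. All GUIDs, callers and timestamps are constructed sample data.

```python
import json

# Resource provider operations assumed to sit behind the portal filter names on this page.
IDENTITY_OPS = {"microsoft.managedidentity/userassignedidentities/" + a for a in ("write", "delete")}
ROLE_OPS = {"microsoft.authorization/roleassignments/" + a for a in ("write", "delete")}

def op_name(event):
    """Return the lower-cased operation name; exports carry it as a dict or a string."""
    op = event.get("operationName", "")
    return (op.get("value", "") if isinstance(op, dict) else op).lower()

def identity_updates(events):
    """Events that create, update or delete a user-assigned managed identity."""
    return [e for e in events if op_name(e) in IDENTITY_OPS]

def role_changes(events, object_id):
    """Role assignment writes/deletes that mention the identity's object (principal) ID."""
    needle = object_id.lower()
    return [e for e in events
            if op_name(e) in ROLE_OPS and needle in json.dumps(e).lower()]

def summarize(event):
    """(timestamp, action, caller) for a quick review table."""
    return (event.get("eventTimestamp"), op_name(event).rsplit("/", 1)[-1], event.get("caller"))

# Constructed sample data: placeholder GUIDs, callers and timestamps.
MI_OBJECT_ID = "11111111-1111-1111-1111-111111111111"
OTHER_ID = "22222222-2222-2222-2222-222222222222"

def _role_event(ts, action, principal):
    body = json.dumps({"Properties": {"PrincipalId": principal, "PrincipalType": "ServicePrincipal"}})
    return {"eventTimestamp": ts, "caller": "admin@example.com",
            "operationName": {"value": f"Microsoft.Authorization/roleAssignments/{action}"},
            "properties": {"requestbody": body}}

SAMPLE_EVENTS = [
    {"eventTimestamp": "2024-01-01T10:00:00Z", "caller": "admin@example.com",
     "operationName": {"value": "Microsoft.ManagedIdentity/userAssignedIdentities/write"}},
    _role_event("2024-01-01T10:05:00Z", "write", MI_OBJECT_ID),
    _role_event("2024-01-01T10:06:00Z", "write", OTHER_ID),
    _role_event("2024-01-01T11:00:00Z", "delete", MI_OBJECT_ID),
    {"eventTimestamp": "2024-01-01T12:00:00Z", "caller": "admin@example.com",
     "operationName": {"value": "Microsoft.Compute/virtualMachines/start/action"}},
]

if __name__ == "__main__":
    for e in identity_updates(SAMPLE_EVENTS) + role_changes(SAMPLE_EVENTS, MI_OBJECT_ID):
        print(*summarize(e))
```

The object ID match is a case-insensitive substring search over the whole serialized event, so it also catches IDs that appear inside the embedded request body string.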

View authentication attempts by managed identities

  1. Browse to Azure Active Directory.
  2. Select Sign-in logs from the Monitoring section.
  3. Select the Managed identity sign-ins tab.
  4. The sign-in events will now be filtered by managed identities.
  5. To view the identity's Enterprise application in Azure Active Directory, select the “Managed Identity ID” column.
  6. To view the Azure resource or user-assigned managed identity, search by name in the search bar of the Azure portal.

Next steps