Identity and access reports API overview
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
With Microsoft Graph, you can programmatically accesss identity and access reports to monitor and troubleshoot all activities in your tenant. In addition, you can analyze these logs with Azure Monitor logs and Log Analytics, or stream to third-party SIEM tools for further investigations.
The availability of all Microsoft Entra identity and access reports is governed by the Microsoft Entra data retention policies.
Available reports
Application activity reports
AD FS application activity
The AD FS application activity report provides information about how a relying party is configured with Active Directory Federation Services (AD FS), its aggregated usage, and whether the relying party configuration can be migrated to Microsoft Entra ID. For more information, see the relyingPartyDetailedSummary resource.
Authentication methods registration and usage activity
Authentication methods activity reports provides information on the registration and usage of authentication methods in your tenant. For example, how many users are registered for an authentication method, how any are capable for MFA or SSPR, and so on. You can determine which authentication methods are more successful for your organization, what types of errors end users are running into, and what campaign you need to run to help your end users adopt the use of SSPR and MFA.
For more information, see authentication method usage APIs.
Microsoft Entra audit logs
Audit logs are available for sign-ins, activities in the directory, and provisioning. For more information, see Microsoft Entra audit logs.
Related content
- For more information about these reports, see Microsoft Entra monitoring and health