The Azure AD reporting API provides different ways to report on activity in your tenant. You can browse reports in the graphical user interface, or pull them from the reporting API with Graph API and PowerShell; here is how to do the latter.
1. First of all, you need to create an application in your tenant that can access the Graph API.
- Navigate to the Azure classic portal, then to your Azure AD tenant and its Applications tab
- Click “Add an application my organization is developing”
- Name: Any name is fine. Something like “Reporting API Application” is recommended
- Type: Select “Web application and/or Web API”
- Click the arrow to move to the next page
- Sign-on URL: http://localhost
- App ID URI: http://localhost
2. Secondly, you need to grant your application permission to read directory data
- Navigate to the Applications tab and to your newly created application
- Click the Configure tab
- In the “Permissions to Other Applications” section:
- Under Azure Active Directory > Application Permissions, select Read directory data
- Click Save on the bottom bar
3. Get your application's “Client ID” and “Client secret”. You’ll need these when connecting to the API
Client ID
- Navigate to the Applications tab and to your newly created application
- Navigate to the Configure tab
- Your application’s client ID is listed in the Client ID field
Application Secret
- Navigate to the Applications tab and to your newly created application
- Navigate to the Configure tab
- Generate a new secret key for your application by selecting a duration in the “Keys” section
- The key will be displayed upon saving. Make sure to copy it and paste it into a safe location, because there is no way to retrieve it later
4. Get the PowerShell reporting script from the Microsoft Script Center; download it from here
5. Open PowerShell and run the script. I used Azure AD PowerShell
- UserID: Client ID
- Password: Application secret
When the script has executed, you can see the report of your password reset registration activity.
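What a script following the steps above has to do, written here as an added example (it is not the Script Center script, which this post does not reproduce): prompt for the Client ID and application secret, exchange them for a token with the OAuth 2.0 client-credentials grant, and page through a report. The tenant name, the report name placeholder and the legacy `graph.windows.net` reporting URLs are assumptions.

```powershell
# Added example, not the original Script Center script.
# Assumptions: placeholder tenant, placeholder report name, legacy Azure AD Graph reporting endpoint.
$tenantDomain = 'contoso.onmicrosoft.com'   # placeholder: your tenant domain
$reportName   = '<report-name>'             # placeholder: the report you want to pull
$resource     = 'https://graph.windows.net'

# Prompt instead of hard-coding the secret in the script:
# user name = Client ID, password = application secret (steps 3 and 5).
$cred = Get-Credential -Message 'Client ID as user name, application secret as password'

# OAuth 2.0 client-credentials grant against the Azure AD token endpoint.
$tokenBody = @{
    grant_type    = 'client_credentials'
    resource      = $resource
    client_id     = $cred.UserName
    client_secret = $cred.GetNetworkCredential().Password
}
$token = Invoke-RestMethod -Method Post -Body $tokenBody `
    -Uri "https://login.microsoftonline.com/$tenantDomain/oauth2/token"
$tokenBody.Clear()   # do not keep the plaintext secret around longer than needed

if (-not $token.access_token) {
    throw 'No access token returned; check the Client ID, secret and granted permission.'
}
$headers = @{ Authorization = "Bearer $($token.access_token)" }

# Braces around the variable name: "?" is a legal variable-name character in PowerShell.
$url    = "$resource/$tenantDomain/reports/${reportName}?api-version=beta"
$events = New-Object System.Collections.Generic.List[object]

# Reports are paged; follow @odata.nextLink until the service stops returning one.
while ($url) {
    $page = Invoke-RestMethod -Method Get -Headers $headers -Uri $url
    foreach ($item in $page.value) { $events.Add($item) }
    $url = $page.'@odata.nextLink'
}

"Retrieved $($events.Count) events from report '$reportName'"
$events | Format-Table -AutoSize
```

The application only needs the "Read directory data" permission granted in step 2, and the secret it prompts for is the one generated in step 3.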
Sam, the reporting script link is broken. Am very interested in using the Graph API (and maybe others) to collect data from Azure and O365. Would like to see what your script is doing. Thanks!
Hi John,
Thanks for the feedback. I found out, same as you, that the link has been removed from Script Center. I tested the tool I created earlier, and the problem is that the API it uses has been deprecated as part of the old Azure classic portal. The only option is to create a new solution which uses the new API. A good place to start is here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-api-getting-started-azure-portal.
Thanks again for the information, I need to update this blog.