|
1 | 1 | --- |
2 | 2 | title: Use Microsoft Entra ID with the Azure mobile app |
3 | 3 | description: Use the Azure mobile app to manage users and groups with Microsoft Entra ID. |
4 | | -ms.date: 03/08/2024 |
| 4 | +ms.date: 04/04/2024 |
5 | 5 | ms.topic: conceptual |
6 | 6 | --- |
7 | 7 |
|
@@ -54,6 +54,30 @@ To [manage authentication methods](/entra/identity/authentication/concept-authen |
54 | 54 | > [!NOTE] |
55 | 55 | > You won't see the **Authentication methods** card if you don't have the appropriate permissions to manage authentication methods and/or password changes for a user. |
56 | 56 |
|
| 57 | +## Investigate risky users and sign-ins |
| 58 | + |
| 59 | +[Microsoft Entra ID Protection](/entra/id-protection/overview-identity-protection) provides organizations with reporting they can use to [investigate identity risks in their environment](/entra/id-protection/howto-identity-protection-investigate-risk). |
| 60 | + |
| 61 | +If you have the [necessary permissions](/entra/id-protection/overview-identity-protection), you'll see details in the **Risky users** and **Risky sign-ins** sections within **Microsoft Entra ID**. You can open these sections to view more information and perform some management tasks. |
| 62 | + |
| 63 | +### Manage risky users |
| 64 | + |
| 65 | +1. In **Microsoft Entra ID**, scroll down to the **Security** card and then select **Risky users**. |
| 66 | +1. Search or scroll to find and select a specific risky user. |
| 67 | +1. Review basic information for this user, a list of their risky sign-ins, and their risk history. |
| 68 | +1. Select the three dots near the top of the screen to [take action on the user](/entra/id-protection/howto-identity-protection-investigate-risk). You can: |
| 69 | + |
| 70 | + * Reset the user's password |
| 71 | + * Confirm user compromise |
| 72 | + * Dismiss user risk |
| 73 | + * Block the user from signing in (or unblock, if previously blocked) |
| 74 | + |
| 75 | +## Monitor risky sign-ins |
| 76 | + |
| 77 | +1. In **Microsoft Entra ID**, scroll down to the **Security** card and then select **Risky sign-ins**. It may take a minute or two for the list of all risky sign-ins to load. |
| 78 | +1. Search or scroll to find and select a specific risky sign-in. |
| 79 | +1. Select the risky sign-in to view more details about the sign-in. To perform actions such as blocking the user, follow the steps in the previous section. |
| 80 | + |
57 | 81 | ## Activate Privileged Identity Management (PIM) roles |
58 | 82 |
|
59 | 83 | If you have been made eligible for an administrative role through Microsoft Entra Privileged Identity Management (PIM), you must activate the role assignment when you need to perform privileged actions. This activation can be done from within the Azure mobile app. |
|
0 commit comments