You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory-b2c/active-directory-b2c-reference-audit-logs.md
+9-5Lines changed: 9 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -58,7 +58,10 @@ The activity details panel contains the following relevant information:
58
58
59
59
## View audit logs in the Azure portal
60
60
61
-
1. Sign in to the [Azure portal](https://portal.azure.com), switch to the directory that contains your Azure AD B2C tenant, and then browse to **Azure AD B2C**.
61
+
The Azure portal provides access to the audit log events in your Azure AD B2C tenant.
62
+
63
+
1. Sign in to the [Azure portal](https://portal.azure.com)
64
+
1. Switch to the directory that contains your Azure AD B2C tenant, and then browse to **Azure AD B2C**.
62
65
1. Under **Activities** in the left menu, select **Audit logs**.
63
66
64
67
A list of activity events logged over the last seven days is displayed.
@@ -72,20 +75,20 @@ Several filtering options are available, including:
72
75
73
76
If you select a row in the list, the activity details for the event are displayed.
74
77
75
-
To download the ist of activity events in a comma-separated values (CSV) file, select **Download**.
78
+
To download the list of activity events in a comma-separated values (CSV) file, select **Download**.
76
79
77
80
## Get audit logs with the Azure AD reporting API
78
81
79
82
Audit logs are published to the same pipeline as other activities for Azure Active Directory, so they can be accessed through the [Azure Active Directory reporting API](https://docs.microsoft.com/graph/api/directoryaudit-list). For more information, see [Get started with the Azure Active Directory reporting API](../active-directory/reports-monitoring/concept-reporting-api.md).
80
83
81
84
### Enable reporting API access
82
85
83
-
To authenticate to the Azure AD reporting API, you need an Azure Active Directory application registered in your Azure AD B2C tenant with the following API permissions:
86
+
To allow script- or application-based access to the Azure AD reporting API, you need an Azure Active Directory application registered in your Azure AD B2C tenant with the following API permissions:
84
87
85
88
* Microsoft Graph
86
89
* Application: Read all audit log data
87
90
88
-
You can use an existing application registration, or create a new one specifically for use with audit log automation.
91
+
You can enable these permissions on an existing application registration within your B2C tenant, or create a new one specifically for use with audit log automation.
89
92
90
93
To create a new application, assign the required API permissions, and create a client secret, perform the following steps:
91
94
@@ -128,7 +131,8 @@ The following PowerShell script shows an example of how to query the Azure AD re
128
131
You can try this script in the [Azure Cloud Shell](../cloud-shell/overview.md). Be sure to update it with your application ID, key, and the name of your Azure AD B2C tenant.
129
132
130
133
```powershell
131
-
# This script requires the registration of a Web Application in Azure Active Directory (see https://docs.microsoft.com/azure/active-directory/reports-monitoring/concept-reporting-api)
134
+
# This script requires the registration of a Web Application in Azure Active Directory:
0 commit comments