Microsoft Entra ID Can Now Record Timestamp for Last Successful User Sign-ins

Cloud Computing

Key Takeaways:

  • Microsoft has announced that Entra ID can now record the last successful sign-in activity for user accounts.
  • The new lastSuccessfulSignInDateTime property is accessible through the Graph beta endpoint.
  • The feature requires customers to have Microsoft Entra ID P1 licenses.

Microsoft has announced that Entra ID customers can now track the last successful sign-in activity for user accounts. This new feature streamlines user account management and provides a solution to reduce the frustrations previously associated with relying solely on sign-in logs.

The signInActivity resource is a component of the Microsoft Graph API that allows Entra ID customers to retrieve information about the last sign-in attempts made by a specific user. This resource provides details about both interactive and non-interactive sign-in attempts, making it easier to manage inactive user accounts.

Previously, the signInActivity resource type supported the LastSignInDateTime property for reviewing user account activity. Microsoft Entra ID customers had to go through sign-in logs to find the last successful sign-in of a user within their Microsoft 365 tenants. Moreover, this process required IT administrators to filter out failed sign-in attempts to identify successful ones, leading to frustration.

Microsoft explained that the lastSuccessfulSignInDateTime property captures data of the most recent successful interactive sign-in activity for each user account. It stores this data in the user object and is not subject to the 30-day limit imposed by sign-in logs.

LastSuccessfulSignInDateTime Limitations

Microsoft notes that organizations need to have a Microsoft Entra ID P1 license to access sign-in reports through the Graph. Currently, the LastSuccessfulSignInDateTime property is only available through the beta endpoint. Unfortunately, there is no ETA on when it will be available via the V1.0 API endpoint.

Furthermore, Microsoft Entra ID only records the timestamp for user accounts who sign in after December 1, 2023. This means that customers won’t have access to data before this date, and you can find more details on this support page.