Make SPN (non-interactive) login events logged and available
Currently in Azure AD when using SPN (non-interactive) logins via code (.Net, Powershell, etc.) for automated processes (server to server communication/API) that interact with Azure, there is no event in Azure AD logs to show that this login has occurred. Please make this exposed in the logs in the same fashion that an interactive user login is logged. This is not only beneficial for troubleshooting, but more importantly from a security, compliance, and risk audit trail standpoint.
Steven Grinker
shared this idea
We are working on this but we don’t have a public ETA to share at this time. We will keep you updated as we get closer.
8 comments
-
Jon Webster
commented
Vendor claims their product didn't make changes to our environment, but we have evidence the enterprise application used only by them made the change. There is no way to prove what happened without this capability.
-
Steven Grinker
commented
Any updates since Dec 1, 2017 on this? Shouldn't this have been marked as "Under Review" based on that comment?
-
eddy
commented
Any news from Microsoft on this request?
-
Walsh. Stephen (Enterprise Services)
commented
This would be very useful for troubleshooting and auditing
-
Dhanyah Krishnamoorthy
commented
Hi All,
We are looking to add this feature into our Sign-ins Activity logs in the near future. We will keep you posted.
-
Edmund C Soyza
commented
Hello, was just wondering if there has been any new developments on this? I actually opened a case with Microsoft to inquire how to get this info myself before I found this page.
-
JH
commented
Any update on this? Having no login information is especially problematic for SPN logins since no conditional access can be applied to them.
-
Hi,
We have received this feedback and looking to add this information in our Sign ins report. I will let you know as soon as I have an update
