Azure AD sign-in activity log should record and show sign-ins from service principal
Currently, Azure AD sign-in activity log only shows user activities. Sign-ins from service principal (certificate or client id/key) is not recorded. So it is difficult for customers to know if service principal is maliciously used by certificate or key leak.
Need this feature
Luke Kraehenbuehl commented
How is this not a feature?
I want to be able to audit the usage of an SP/App registraion
Scott Heath commented
I was looking into this as well today as I want to clean up old and unused service principal and app registrations. Being able to see login information would be super helpful.
Amit Henry commented
is there any update on this issue , are there plans to make sing-ins logs from SP available in near future ?