Last Login for Accounts

The Microsoft Entra ID connector can retrieve the last login date and time for individual users. This information can enable governance workflows to certify access and remove long-standing access if it's no longer needed.

The connector uses the MS Graph API to retrieve the last login account data.

This feature retrieves the following login information:

Interactive authentication method – Enable the lastSignInDateTime attribute to retrieve the last time a user logged into the directory with an interactive authentication method.
Non-interactive authentication method – Enable the lastNonInteractiveSignInDateTime attribute to retrieve the last time a client signed in to the directory on behalf of a user.

The connector retrieves last log in information during the following connector operations:

Account aggregation
Get account

Prerequisite

You must have an Microsoft Entra ID P1/P2 license to use this feature.

Administrator Permissions

To retrieve the last login account data, the MS Graphs API requires you to assign it the AuditLog.Read.All API permission.

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Last Login for Accounts

Prerequisite

Administrator Permissions

Documentation Feedback