Forum Discussion
New Blog Post | Keeping track of object deletions in Microsoft Entra ID
Like any other service, Microsoft Entra ID is not immune to human errors, accidental deletions, or malicious attacks that could result in the loss of important data. Therefore, it is essential to have a Microsoft Entra ID recovery strategy, especially for the objects that are hard deleted when removed from the service.
Hard deletion means the object is permanently erased and cannot be restored by any means. The good news is that many objects support soft deletion, which means the object is marked as deleted in the service and moved to the recycle bin but not actually removed. The advantage of soft deletion is that the object can be recovered with its original configuration and dependencies, such as membership, assignments, and permissions, within 30 days. Therefore, it’s important to monitor and manage the soft-deleted objects in Microsoft Entra ID and decide whether to restore or permanently delete them.
Keep in mind:
- Users, Microsoft 365 Groups (not security or distribution groups), and application registrations support soft deletion and can be restored using both the Microsoft Entra admin center and the Microsoft Graph API.
- Service principals and administrative units can also be restored from the recycle bin but only via the Microsoft Graph API.
It’s important to note that while synchronized user objects also support soft deletion, they should be backed up and restored at the source (Active Directory). Re-synchronization will automatically trigger the restoration of soft-deleted objects from the recycle bin.
Read the full story here: Keeping track of object deletions in Microsoft Entra ID - Microsoft Community Hub