Forum Discussion

ThomasBirk's avatar
ThomasBirk
Copper Contributor
Mar 08, 2021

Permissions to extract SignInActivity from MS Graph

Hi,

 

I'm trying to extract SignInActivity from MS Graph but am receiving an error.

Query:
https://graph.microsoft.com/beta/users?$select=UserType,UserPrincipalName,DisplayName,SignInActivity

Generates error:
{
"error": {
"code": "Authentication_RequestFromUnsupportedUserRole",
"message": "User is not in the allowed roles",
"innerError": {
"date": "2021-03-08T15:00:42",
"request-id": "[hidden]",
"client-request-id": "[hidden]"
}
}
}

BTW, this works (excluding SignInActivity)
https://graph.microsoft.com/beta/users?$select=UserType,UserPrincipalName,DisplayName

Permissions consented (among others):
AuditLog.Read.All
Directory.AccessAsUser.All
Directory.Read.All
Organization.Read.All
User.Read
User.Read.All
User.ReadBasic.All
User.ReadWrite
User.ReadWrite.All

Which permission/role is missing?

Thanks,
Thomas

Resources