Aug 21 2020 03:00 AM
Is it possible to see which scopes an app has *actually used* in Office 365 and, even better, how? Thinking about how to fully understand the impact of "consent phishing”. E.g. app asks for mail.read - did it download the mailbox? Thanks!
Aug 21 2020 08:31 AM
The only way to get such information is by crawling the unified audit log... and depending on the workload you might not even be able to filter them based on the application id.