Consent phishing impact assessment

Occasional Visitor

Is it possible to see which scopes an app has *actually used* in Office 365 and, even better, how? Thinking about how to fully understand the impact of "consent phishing”. E.g. app asks for - did it download the mailbox? Thanks!

1 Reply

The only way to get such information is by crawling the unified audit log... and depending on the workload you might not even be able to filter them based on the application id.