Access to the Sign-Ins report to review MFA events

Occasional Contributor

I work on the MFA Team at our company and we are a small group of people within the larger organization and we need to have granular access to specifically see the MFA events in Azure AD. At my old business I used to be a GA but at the new one we are very particular about who has access to what (which makes sense). 


I found this article:


It notes that you need to be a GA in order to access the Sign-Ins report in order to view MFA events. Is this true? Is there another security role that can be assigned to get access to this?

3 Replies

Not sure if that's necessarily true, roles such as Global Reader/Reports Reader should also be able to access sign-in logs and all the details... but too lazy to test it now :)

An alternative approach would be to get them events via the Graph API.

@Vasil Michev That is my feeling as well. But I do already both Global Reader and Reports Reader myself and I am still not able to access this. 


The Graph API might be a possibility but I was hoping it would be easier than that. 

best response confirmed by Obliquity (Occasional Contributor)

@Vasil Michev I have this figured out. It appears you need the Security Reader role.