Report Azure AD user IDs last logon timestamp using Microsoft Graph API

It’s been a while since I’ve updated my blog so here we go!

This is a step-instruction guide on how to generate Azure AD reports listing all users’ last logon time. This is particularly handy as is not possible to generate any such report using AzureAD or AzureADPreview PowerShell modules.


  • Azure Active Directory
  • Web browser
  • Microsoft Graph API delegate permissions
    • User.Read.All
    • Directory.Read.All
    • Directory.AccessAsUser.All


  1. Launch your web browser and navigate to
  2. Click Sign in to Graph Explorer and login using your Azure AD tenant credentials.
  1. Once you have successfully signed in, run the following query$top=999&$select=displayName,userPrincipalName,signInActivity.
  1. When successful, our output will be produced in JSON format within the bottom pane, response preview tab per below.
  1. Select all (CTRL + A) within the bottom response preview tab and copy (CTRL + C).
  2. Go to and convert your JSON output to CSV.
  3. Open your CSV file using Microsoft Excel, filter and sort last login column from A-Z (which also sorts out in date order).
  1. Congratulations! You have successfully generated an Azure AD report detailing last logon timestamps for your organisation using Microsoft Graph API.