Azure AD 审核活动参考Azure AD audit activity reference

通过 Azure Active Directory (Azure AD) 报告,可以获取确定环境运行状况所需的信息。With Azure Active Directory (Azure AD) reports, you can get the information you need to determine how your environment is doing.

Azure AD 中的报告体系结构由以下部分组成:The reporting architecture in Azure AD consists of the following components:

  • 活动报告Activity reports
    • 登录 - 提供有关托管应用程序的使用情况和用户登录活动的信息Sign-ins - Provides information about the usage of managed applications and user sign-in activities
    • 审核日志 - 通过日志为 Azure AD 中的各种功能所做的所有更改提供可跟踪性。Audit logs - Provides traceability through logs for all changes done by various features within Azure AD.

本文列出了可以在审核日志中记录的审核活动。This articles lists the audit activities that can be logged in your audit logs.

访问评审Access reviews

审核类别Audit Category 活动Activity
访问评审Access Reviews 访问评审结束Access review ended
访问评审Access Reviews 向请求审核添加审核者Add approver to request approval
访问评审Access Reviews 向访问评审添加评审者Add reviewer to access review
访问评审Access Reviews 应用访问评审Apply access review
访问评审Access Reviews 创建访问评审Create access review
访问评审Access Reviews 创建程序Create program
访问评审Access Reviews 创建请求审核Create request approval
访问评审Access Reviews 删除访问评审Delete access review
访问评审Access Reviews 删除程序Delete program
访问评审Access Reviews 链接程序控件Link program control
访问评审Access Reviews 载入到 Azure AD 访问评审Onboard to Azure AD Access Reviews
访问评审Access Reviews 从访问评审删除评审者Remove reviewer from access review
访问评审Access Reviews 请求停止评审Request Stop Review
访问评审Access Reviews 请求应用评审结果Request apply review result
访问评审Access Reviews 评审 Rbac 角色成员身份Review Rbac Role membership
访问评审Access Reviews 评审应用分配Review app assignment
访问评审Access Reviews 评审组成员身份Review group membership
访问评审Access Reviews 评审请求审核请求Review request approval request
访问评审Access Reviews 取消链接程序控件Unlink program control
访问评审Access Reviews 更新访问评审Update Access Review
访问评审Access Reviews 更新 Azure AD 访问评审加入状态Update Azure AD Access Reviews Onboarding status
访问评审Access Reviews 更新访问评审邮件通知设置Update access review mail notification settings
访问评审Access Reviews 更新访问评审再评计数设置Update access review recurrence count setting
访问评审Access Reviews 更新以天为单位的访问评审再评持续时间设置Update access review recurrence duration in days setting
访问评审Access Reviews 更新访问评审再评结束类型设置Update access review recurrence end type setting
访问评审Access Reviews 更新访问评审再评类型设置Update access review recurrence type setting
访问评审Access Reviews 更新访问评审提醒设置Update access review reminder settings
访问评审Access Reviews 更新程序Update program
访问评审Access Reviews 更新请求审核Update request approval
访问评审Access Reviews 用户已禁用User disabled

帐户预配Account provisioning

审核类别Audit Category 活动Activity
应用程序管理Application Management 检索 V2 应用程序授权Retrieve V2 application permissions grants
应用程序管理Application Management 检索当前租户中的 V2 应用程序服务主体Retrieve V2 application service principals in the current tenant
应用程序管理Application Management 更新 V1 应用程序Update V1 application
应用程序管理Application Management 更新 V2 应用程序Update V2 application
应用程序管理Application Management 更新 V2 应用程序授权Update V2 application permission grant
应用程序管理Application Management 添加 OAuth2PermissionGrantAdd OAuth2PermissionGrant
应用程序管理Application Management 向服务主体添加应用角色分配Add app role assignment to service principal

自动密码滚动更新Automated password rollover

审核类别Audit Category 活动Activity
应用程序管理Application Management 删除服务主体凭据Remove service principal credentials

B2CB2C

审核类别Audit Category 活动Activity
应用程序管理Application Management 还原应用程序Restore application
应用程序管理Application Management 吊销许可Revoke consent
应用程序管理Application Management 更新应用程序Update application
应用程序管理Application Management 更新外部机密Update external secrets
应用程序管理Application Management 更新服务主体Update service principal
应用程序管理Application Management 向应用程序颁发访问令牌Issue an access token to the application
应用程序管理Application Management 向应用程序颁发授权代码Issue an authorization code to the application
应用程序管理Application Management 向应用程序颁发 id_tokenIssue an id_token to the application
应用程序管理Application Management 验证本地帐户凭据Validate local account credentials
应用程序管理Application Management 验证用户身份验证Validate user authentication
应用程序管理Application Management 添加 V2 应用程序权限Add V2 application permissions
应用程序管理Application Management 将基于 ASCII 机密的密钥添加到 CPIM 密钥容器Add a key based on ASCII secret to a CPIM key container
应用程序管理Application Management 将密钥添加到 CPIM 密钥容器Add a key to a CPIM key container
应用程序管理Application Management AdminPolicyDatas-SetResourcesAdminPolicyDatas-SetResources
应用程序管理Application Management AdminUserJourneys-GetResourcesAdminUserJourneys-GetResources
应用程序管理Application Management AdminUserJourneys-RemoveResourcesAdminUserJourneys-RemoveResources
身份验证Authentication AdminUserJourneys-SetResourcesAdminUserJourneys-SetResources
身份验证Authentication 创建 IdentityProviderCreate IdentityProvider
身份验证Authentication 创建 V1 应用程序Create V1 application
身份验证Authentication 创建 V2 应用程序Create V2 application
身份验证Authentication 在租户中创建自定义域Create a custom domains in the tenant
授权Authorization 创建新的 AdminUserJourneyCreate a new AdminUserJourney
授权Authorization 创建本地化资源 jsonCreate localized resource json
授权Authorization 创建新的自定义 IDPCreate new Custom IDP
授权Authorization 创建新的 IDPCreate new IDP
授权Authorization 创建或更新 B2C 目录资源Create or update a B2C directory resource
授权Authorization 创建策略Create policy
授权Authorization 创建 trustFramework 策略Create trustFramework policy
授权Authorization 创建前缀可配置的 trustFramework 策略Create trustFramework policy with configurable prefix
授权Authorization 创建用户属性Create user attribute
授权Authorization CreateTrustFrameworkPolicyCreateTrustFrameworkPolicy
授权Authorization 创建或更新新的 AdminUserJourneyCreates or Update an new AdminUserJourney
授权Authorization 删除 IDPDelete IDP
授权Authorization 删除 IdentityProviderDelete IdentityProvider
授权Authorization 删除 V1 应用程序Delete V1 application
授权Authorization 删除 V2 应用程序Delete V2 application
授权Authorization 删除 V2 应用程序授权Delete V2 application permission grant
授权Authorization 删除 B2C 目录资源Delete a B2C directory resource
授权Authorization 删除 CPIM 密钥容器Delete a CPIM key container
授权Authorization 删除 trustFramework 策略Delete trustFramework policy
授权Authorization 删除用户属性Delete user attribute
授权Authorization 启用 B2C 功能Enable B2C feature
授权Authorization 获取订阅中的 B2C 目录资源Get B2C directory resources in a subscription
授权Authorization 获取自定义 IDPGet Custom IDP
授权Authorization 获取 IDPGet IDP
授权Authorization 获取 V1 和 V2 应用程序Get V1 and V2 applications
授权Authorization 获取 V1 应用程序Get V1 application
授权Authorization 获取 V1 应用程序Get V1 applications
授权Authorization 获取 V2 应用程序Get V2 application
授权Authorization 获取 V2 应用程序Get V2 applications
授权Authorization 获取 B2C 目录资源Get a B2C directory resource
授权Authorization 获取租户中自定义域的列表Get a list of custom domains in the tenant
授权Authorization 获取用户旅程Get a user journey
授权Authorization 获取用户旅程允许的应用程序声明Get allowed application claims for user journey
授权Authorization 获取用户旅程允许的自断言声明Get allowed self-asserted claims for user journey
授权Authorization 获取允许的自断言策略声明Get allowed self-asserted claims of policy
授权Authorization 获取可用的输出声明列表Get available output claims list
授权Authorization 获取用户旅程的内容定义Get content definitions for user journey
授权Authorization 获取特定管理流的 IDPGet idps for a specific admin flow
授权Authorization 获取 JWK 格式的密钥容器活动密钥元数据Get key container active key metadata in JWK
授权Authorization 获取所有管理流的列表Get list of all admin flows
授权Authorization 获取所有用户的所有管理流的标记列表Get list of tags for all admin flows for all users
授权Authorization 获取用户的租户列表Get list of tenants for a user
授权Authorization 获取本地帐户的自断言声明Get local accounts' self-asserted claims
授权Authorization 获取本地化资源 jsonGet localized resource json
授权Authorization 获取 Microsoft.AzureActiveDirectory 资源提供程序的操作Get operations of Microsoft.AzureActiveDirectory resource provider
授权Authorization 获取策略Get policies
授权Authorization 获取策略Get policy
授权Authorization 获取租户的资源属性Get resource properties of a tenant
授权Authorization 获取受支持的 IDP 列表Get supported IDP list
授权Authorization 获取用户旅程的受支持的 IDP 列表Get supported IDP list of the user journey
授权Authorization 获取租户信息Get tenant Info
授权Authorization 获取租户允许的功能Get tenant allowed features
授权Authorization 获取租户定义的自定义 IDP 列表Get tenant defined Custom IDP list
授权Authorization 获取租户定义的 IDP 列表Get tenant defined IDP list
授权Authorization 获取租户定义的本地 IDP 列表Get tenant defined local IDP list
授权Authorization 获取用户的租户详细信息,以便创建资源Get tenant details for a user for resource creation
授权Authorization 获取租户列表Get tenant list
授权Authorization 获取 tenantDomainsGet tenantDomains
授权Authorization 获取默认的 CPIM 支持的区域性Get the default supported culture for CPIM
授权Authorization 获取管理流的详细信息Get the details of an admin flow
授权Authorization 获取此租户的 UserJourneys 的列表Get the list of UserJourneys for this tenant
授权Authorization 获取 CPIM 支持的可用区域性的集合Get the set of available supported cultures for CPIM
授权Authorization 获取 trustFramework 策略Get trustFramework policy
授权Authorization 获取 XML 格式的 trustFramework 策略Get trustFramework policy as xml
授权Authorization 获取用户属性Get user attribute
授权Authorization 获取用户属性Get user attributes
授权Authorization 获取用户旅程列表Get user journey list
授权Authorization GetIEFPoliciesGetIEFPolicies
授权Authorization GetIdentityProvidersGetIdentityProviders
授权Authorization GetTrustFrameworkPolicyGetTrustFrameworkPolicy
授权Authorization 获取 jwk 格式的 CPIM 密钥容器Gets a CPIM key container in jwk format
授权Authorization 获取租户中密钥容器的列表Gets list of key containers in the tenant
授权Authorization 获取租户的类型Gets the type of tenant
授权Authorization MigrateTenantMetadataMigrateTenantMetadata
授权Authorization 修补 IdentityProviderPatch IdentityProvider
授权Authorization PutTrustFrameworkPolicyPutTrustFrameworkPolicy
授权Authorization PutTrustFrameworkpolicyPutTrustFrameworkpolicy
授权Authorization 删除用户旅程Remove a user journey
授权Authorization 还原 CPIM 密钥容器备份Restore a CPIM key container backup
授权Authorization 检索 V2 应用程序授权Retrieve V2 application permissions grants
授权Authorization 检索当前租户中的 V2 应用程序服务主体Retrieve V2 application service principals in the current tenant
授权Authorization 更新自定义 IDPUpdate Custom IDP
授权Authorization 更新 IDPUpdate IDP
授权Authorization 更新本地 IDPUpdate Local IDP
授权Authorization 更新 V1 应用程序Update V1 application
授权Authorization 更新 V2 应用程序Update V2 application
授权Authorization 更新 V2 应用程序授权Update V2 application permission grant
授权Authorization 更新策略Update policy
授权Authorization 更新用户属性Update user attribute
授权Authorization 上传 CPIM 加密密钥Upload a CPIM encrypted key
授权Authorization 用户授权:针对租户功能集禁用了 APIUser Authorization: API is disabled for tenant featureset
授权Authorization 用户授权:为用户授予了“租户管理员”访问权限User Authorization: User granted access as 'Tenant Admin'
授权Authorization 用户授权:为用户授予了“已验证用户”访问权限User Authorization: User was granted 'Authenticated Users' access rights
授权Authorization 验证是否已启用 B2C 功能Verify if B2C feature is enabled
授权Authorization 验证是否已启用功能Verify if feature is enabled
授权Authorization 创建程序Create program
授权Authorization 删除程序Delete program
授权Authorization 链接程序控件Link program control
授权Authorization 载入到 Azure AD 访问评审Onboard to Azure AD Access Reviews
授权Authorization 取消链接程序控件Unlink program control
授权Authorization 更新程序Update program
授权Authorization 禁用桌面 SSODisable Desktop Sso
授权Authorization 禁用特定域的桌面 SSODisable Desktop Sso for a specific domain
授权Authorization 禁用应用程序代理Disable application proxy
授权Authorization 禁用直通身份验证Disable passthrough authentication
授权Authorization 启用桌面 SSOEnable Desktop Sso
目录管理Directory Management 启用特定域的桌面 SSOEnable Desktop Sso for a specific domain
目录管理Directory Management 启用应用程序代理Enable application proxy
目录管理Directory Management 启用直通身份验证Enable passthrough authentication
目录管理Directory Management 在租户中创建自定义域Create a custom domains in the tenant
目录管理Directory Management 启用 B2C 功能Enable B2C feature
目录管理Directory Management 获取租户中自定义域的列表Get a list of custom domains in the tenant
目录管理Directory Management 获取租户的资源属性Get resource properties of a tenant
目录管理Directory Management 获取租户信息Get tenant Info
目录管理Directory Management 获取租户允许的功能Get tenant allowed features
目录管理Directory Management 获取 tenantDomainsGet tenantDomains
Key 获取租户的类型Gets the type of tenant
Key 验证是否已启用 B2C 功能Verify if B2C feature is enabled
Key 验证是否已启用功能Verify if feature is enabled
Key 将合作伙伴添加到公司Add partner to company
Key 添加未验证的域Add unverified domain
Key 添加已验证的域Add verified domain
Key 创建公司Create company
Key 创建公司设置Create company settings
Key 删除公司设置Delete company settings
Key 降级合作伙伴Demote partner
Key 目录已删除Directory deleted
其他Other 目录已永久删除Directory deleted permanently
其他Other 目录已计划删除Directory scheduled for deletion
资源Resource 将公司提升为合作伙伴Promote company to partner
资源Resource 清除 Rights Management 属性Purge rights management properties
资源Resource 从公司中删除合作伙伴Remove partner from company
资源Resource 删除未验证的域Remove unverified domain
资源Resource 删除已验证的域Remove verified domain
资源Resource 设置公司信息Set Company Information
资源Resource 设置 DirSync 功能Set DirSync feature
资源Resource 设置 DirSyncEnabled 标志Set DirSyncEnabled flag
资源Resource 设置合作关系Set Partnership
资源Resource 设置意外删除阈值Set accidental deletion threshold
资源Resource 设置公司允许的数据位置Set company allowed data location
资源Resource 设置公司跨国功能已启用Set company multinational feature enabled
资源Resource 在租户上设置目录功能Set directory feature on tenant
资源Resource 设置域身份验证Set domain authentication
资源Resource 在域中设置联合设置Set federation settings on domain
资源Resource 设置密码策略Set password policy
资源Resource 设置 Rights Management 属性Set rights management properties
资源Resource 更新公司Update company
资源Resource 更新公司设置Update company settings
资源Resource 更新域Update domain
资源Resource 验证域Verify domain
资源Resource 验证电子邮件验证域Verify email verified domain
资源Resource 登记Onboarding
资源Resource 更新警报设置Update alert settings
资源Resource 更新每周摘要设置Update weekly digest settings
资源Resource 对目录禁用密码写回Disable password writeback for directory
资源Resource 对目录启用密码写回Enable password writeback for directory
资源Resource 向组添加应用角色分配Add app role assignment to group
资源Resource 添加组Add group
资源Resource 将成员添加到组Add member to group
资源Resource 将所有者添加到组Add owner to group
资源Resource 创建组设置Create group settings
资源Resource 删除组Delete group
资源Resource 删除组设置Delete group settings
资源Resource 完成向用户应用基于组的许可证Finish applying group based license to users
资源Resource 硬删除组Hard Delete group
资源Resource 从组删除应用角色分配Remove app role assignment from group
资源Resource 从组中删除成员Remove member from group
资源Resource 从组中删除所有者Remove owner from group
资源Resource 还原组Restore Group
资源Resource 设置组许可证Set group license
资源Resource 已设置要由用户管理的组Set group to be managed by user
资源Resource 开始向用户应用基于组的许可证Start applying group based license to users
资源Resource 触发组许可证重新计算Trigger group license recalculation
资源Resource 更新组Update group
资源Resource 更新组设置Update group settings
资源Resource 添加成员Add Member
资源Resource 创建组Create Group
资源Resource 删除组Delete Group
资源Resource 删除成员Remove Member
资源Resource 更新组Update Group
资源Resource 批准要求加入组的挂起请求Approve a pending request to join a group
资源Resource 取消要求加入组的挂起请求Cancel a pending request to join a group
资源Resource 创建生命周期管理策略Create lifecycle management policy
资源Resource 删除要求加入组的挂起请求Delete a pending request to join a group
资源Resource 拒绝要求加入组的挂起请求Reject a pending request to join a group
资源Resource 续订组Renew group
资源Resource 请求加入组Request to join a group
资源Resource 更新生命周期管理策略Update lifecycle management policy
资源Resource 将基于 ASCII 机密的密钥添加到 CPIM 密钥容器Add a key based on ASCII secret to a CPIM key container
资源Resource 将密钥添加到 CPIM 密钥容器Add a key to a CPIM key container
资源Resource 删除 CPIM 密钥容器Delete a CPIM key container
资源Resource 删除密钥容器Delete key container
资源Resource 获取 JWK 格式的密钥容器活动密钥元数据Get key container active key metadata in JWK
资源Resource 获取密钥容器元数据Get key container metadata
资源Resource 获取 jwk 格式的 CPIM 密钥容器Gets a CPIM key container in jwk format
资源Resource 获取租户中密钥容器的列表Gets list of key containers in the tenant
资源Resource 还原 CPIM 密钥容器备份Restore a CPIM key container backup
资源Resource 保存密钥容器Save key container
资源Resource 上传 CPIM 加密密钥Upload a CPIM encrypted key
资源Resource 向应用程序颁发授权代码Issue an authorization code to the application
资源Resource 向应用程序颁发 id_tokenIssue an id_token to the application

核心目录Core directory

审核类别Audit Category 活动Activity
管理单元管理Administrative Unit Management 下载单个风险检测类型Download a single risk detection type
管理单元管理Administrative Unit Management 下载选择加入的每周摘要的管理和状态Download admins and status of weekly digest opt-in
管理单元管理Administrative Unit Management 下载所有风险检测类型Download all risk detection types
管理单元管理Administrative Unit Management 下载免费的用户风险检测Download free user risk detections
管理单元管理Administrative Unit Management 下载已标记为存在风险的用户Download users flagged for risk
应用程序管理Application Management 已处理批量邀请Batch invites processed
应用程序管理Application Management 已上传批量邀请Batch invites uploaded
应用程序管理Application Management 将所有者添加到策略Add owner to policy
应用程序管理Application Management 添加策略Add policy
应用程序管理Application Management 删除策略Delete policy
应用程序管理Application Management 删除策略凭据Remove policy credentials
应用程序管理Application Management 更新策略Update policy
应用程序管理Application Management 设置 MFA 注册策略Set MFA registration policy
应用程序管理Application Management 设置登录风险策略Set sign-in risk policy
应用程序管理Application Management 设置用户风险策略Set user risk policy
应用程序管理Application Management 接受使用条款Accept Terms Of Use
应用程序管理Application Management 创建使用条款Create Terms Of Use
应用程序管理Application Management 拒绝使用条款Decline Terms Of Use
应用程序管理Application Management 删除使用条款Delete Terms Of Use
应用程序管理Application Management 编辑使用条款Edit Terms Of Use
应用程序管理Application Management 发布使用条款Publish Terms Of Use
应用程序管理Application Management 取消发布使用条款Unpublish Terms Of Use
应用程序管理Application Management 添加应用程序 TLS/SSL 证书Add application TLS/SSL certificate
应用程序管理Application Management 删除 TLS 绑定Delete TLS binding
应用程序管理Application Management 注册连接器Register connector
应用程序管理Application Management AdminPolicyDatas-RemoveResourcesAdminPolicyDatas-RemoveResources
应用程序管理Application Management AdminPolicyDatas-SetResourcesAdminPolicyDatas-SetResources
应用程序管理Application Management AdminUserJourneys-GetResourcesAdminUserJourneys-GetResources
目录管理Directory Management AdminUserJourneys-RemoveResourcesAdminUserJourneys-RemoveResources
目录管理Directory Management AdminUserJourneys-SetResourcesAdminUserJourneys-SetResources
目录管理Directory Management 创建 IdentityProviderCreate IdentityProvider
目录管理Directory Management 创建新的 AdminUserJourneyCreate a new AdminUserJourney
目录管理Directory Management 创建本地化资源 jsonCreate localized resource json
目录管理Directory Management 创建新的自定义 IDPCreate new Custom IDP
目录管理Directory Management 创建新的 IDPCreate new IDP
目录管理Directory Management 创建或更新 B2C 目录资源Create or update a B2C directory resource
目录管理Directory Management 创建策略Create policy
目录管理Directory Management 创建 trustFramework 策略Create trustFramework policy
目录管理Directory Management 创建前缀可配置的 trustFramework 策略Create trustFramework policy with configurable prefix
目录管理Directory Management 创建用户属性Create user attribute
目录管理Directory Management CreateTrustFrameworkPolicyCreateTrustFrameworkPolicy
目录管理Directory Management 删除 IDPDelete IDP
目录管理Directory Management 删除 IdentityProviderDelete IdentityProvider
目录管理Directory Management 删除 B2C 目录资源Delete a B2C directory resource
目录管理Directory Management 删除 trustFramework 策略Delete trustFramework policy
目录管理Directory Management 删除用户属性Delete user attribute
目录管理Directory Management 获取资源组中的 B2C 目录资源Get B2C directory resources in a resource group
目录管理Directory Management 获取订阅中的 B2C 目录资源Get B2C directory resources in a subscription
目录管理Directory Management 获取自定义 IDPGet Custom IDP
目录管理Directory Management 获取 IDPGet IDP
目录管理Directory Management 获取 B2C 目录资源Get a B2C directory resource
目录管理Directory Management 获取用户旅程Get a user journey
目录管理Directory Management 获取用户旅程允许的应用程序声明Get allowed application claims for user journey
目录管理Directory Management 获取用户旅程允许的自断言声明Get allowed self-asserted claims for user journey
目录管理Directory Management 获取允许的自断言策略声明Get allowed self-asserted claims of policy
目录管理Directory Management 获取可用的输出声明列表Get available output claims list
目录管理Directory Management 获取用户旅程的内容定义Get content definitions for user journey
目录管理Directory Management 获取特定管理流的 IDPGet idps for a specific admin flow
目录管理Directory Management 获取所有管理流的列表Get list of all admin flows
目录管理Directory Management 获取所有用户的所有管理流的标记列表Get list of tags for all admin flows for all users
组管理Group Management 批量下载组成员 - 已启动Bulk Download group members - started
组管理Group Management 批量下载组成员 - 已完成Bulk Download group members - finished
组管理Group Management 批量导入组成员 - 已启动Bulk import group members - started
组管理Group Management 批量导入组成员 - 已完成Bulk import group members - finished
组管理Group Management 批量删除组成员 - 已启动Bulk remove group members - started
组管理Group Management 批量删除组成员 - 已完成Bulk remove group members - finished
组管理Group Management 批量下载组 - 已启动Bulk download groups - started
组管理Group Management 批量下载组 - 已完成Bulk download groups - finished
组管理Group Management 获取用户的租户列表Get list of tenants for a user
组管理Group Management 获取本地帐户的自断言声明Get local accounts' self-asserted claims
组管理Group Management 获取本地化资源 jsonGet localized resource json
组管理Group Management 获取 Microsoft.AzureActiveDirectory 资源提供程序的操作Get operations of Microsoft.AzureActiveDirectory resource provider
组管理Group Management 获取策略Get policies
组管理Group Management 获取策略Get policy
组管理Group Management 获取受支持的 IDP 列表Get supported IDP list
组管理Group Management 获取用户旅程的受支持的 IDP 列表Get supported IDP list of the user journey
组管理Group Management 获取租户定义的自定义 IDP 列表Get tenant defined Custom IDP list
组管理Group Management 获取租户定义的 IDP 列表Get tenant defined IDP list
组管理Group Management 获取租户定义的本地 IDP 列表Get tenant defined local IDP list
组管理Group Management 获取用户的租户详细信息,以便创建资源Get tenant details for a user for resource creation
组管理Group Management 获取默认的 CPIM 支持的区域性Get the default supported culture for CPIM
组管理Group Management 获取管理流的详细信息Get the details of an admin flow
组管理Group Management 获取此租户的 UserJourneys 的列表Get the list of UserJourneys for this tenant
组管理Group Management 获取 CPIM 支持的可用区域性的集合Get the set of available supported cultures for CPIM
组管理Group Management 获取 trustFramework 策略Get trustFramework policy
组管理Group Management 获取 XML 格式的 trustFramework 策略Get trustFramework policy as xml
组管理Group Management 获取用户属性Get user attribute
策略管理Policy Management 获取用户属性Get user attributes
策略管理Policy Management 获取用户旅程列表Get user journey list
策略管理Policy Management GetIEFPoliciesGetIEFPolicies
策略管理Policy Management GetIdentityProvidersGetIdentityProviders
策略管理Policy Management GetTrustFrameworkPolicyGetTrustFrameworkPolicy
资源Resource MigrateTenantMetadataMigrateTenantMetadata
资源Resource 移动资源Move resources
资源Resource 修补 IdentityProviderPatch IdentityProvider
资源Resource PutTrustFrameworkPolicyPutTrustFrameworkPolicy
资源Resource PutTrustFrameworkpolicyPutTrustFrameworkpolicy
资源Resource 删除用户旅程Remove a user journey
资源Resource 更新自定义 IDPUpdate Custom IDP
资源Resource 更新 IDPUpdate IDP
资源Resource 更新本地 IDPUpdate Local IDP
资源Resource 更新 B2C 目录资源Update a B2C directory resource
资源Resource 更新策略Update policy
资源Resource 更新订阅状态Update subscription status
角色管理Role Management 更新用户属性Update user attribute
角色管理Role Management 验证移动资源Validate move resources
角色管理Role Management 添加设备Add device
角色管理Role Management 添加设备配置Add device configuration
角色管理Role Management 将注册的所有者添加到设备Add registered owner to device
角色管理Role Management 将注册的用户添加到设备Add registered users to device
角色管理Role Management 删除设备Delete device
角色管理Role Management 删除设备配置Delete device configuration
角色管理Role Management 设备不再合规Device no longer compliant
角色管理Role Management 设备不再托管Device no longer managed
用户管理User Management AccessReview_ReviewAccessReview_Review
用户管理User Management AccessReview_UpdateAccessReview_Update
用户管理User Management ActivationAbortedActivationAborted
用户管理User Management ActivationApprovedActivationApproved
用户管理User Management ActivationCanceledActivationCanceled
用户管理User Management ActivationRequestedActivationRequested
用户管理User Management 将符合条件的成员添加到角色Add eligible member to role
用户管理User Management 将成员添加到角色Add member to role
用户管理User Management 将角色分配添加到角色定义Add role assignment to role definition
用户管理User Management 从模板添加角色Add role from template
用户管理User Management 将带有范围的成员添加到角色Add scoped member to role
用户管理User Management 已添加Added
用户管理User Management 分配Assign
用户管理User Management 批量创建用户 - 已启动Bulk create users - started
用户管理User Management 批量创建用户 - 已完成Bulk create users - finished
用户管理User Management 批量删除用户 - 已启动Bulk delete users - started
用户管理User Management 批量删除用户 - 已完成Bulk delete users - finished
用户管理User Management 批量下载用户 - 已启动Bulk download users - started
用户管理User Management 批量下载用户 - 已完成Bulk download users - finished
用户管理User Management 批量还原已删除的用户 - 已启动Bulk restore deleted users - started
用户管理User Management 批量还原已删除的用户 - 已完成Bulk restore deleted users - finished
用户管理User Management 批量邀请用户 - 已启动Bulk invite users - started
用户管理User Management 批量邀请用户 - 已完成Bulk invite users - finished
用户管理User Management 从设备中删除注册的所有者Remove registered owner from device
用户管理User Management 从设备中删除注册的用户Remove registered users from device
用户管理User Management 从角色中删除符合条件的成员Remove eligible member from role
用户管理User Management 从角色中删除成员Remove member from role
用户管理User Management 从角色定义中删除角色分配Remove role assignment from role definition
用户管理User Management 从角色中删除带有范围的成员Remove scoped member from role
用户管理User Management 更新设备Update device
用户管理User Management 更新设备配置Update device configuration
用户管理User Management 更新角色Update role

受邀用户Invited users

审核类别Audit Category 活动Activity
其他Other 创建请求审核Create request approval
其他Other 删除访问评审Delete access review
用户管理User Management 从访问评审删除评审者Remove reviewer from access review
用户管理User Management 请求应用评审结果Request apply review result
用户管理User Management 请求停止评审Request Stop Review
用户管理User Management 评审应用分配Review app assignment
用户管理User Management 评审组成员身份Review group membership
用户管理User Management 评审 Rbac 角色成员身份Review Rbac Role membership

Microsoft Identity Manager (MIM)Microsoft Identity Manager (MIM)

审核类别Audit Category 活动Activity
组管理Group Management 评审请求审核请求Review request approval request
组管理Group Management 更新访问评审Update Access Review
组管理Group Management 更新访问评审邮件通知设置Update access review mail notification settings
组管理Group Management 更新访问评审再评计数设置Update access review recurrence count setting
组管理Group Management 更新以天为单位的访问评审再评持续时间设置Update access review recurrence duration in days setting
用户管理User Management 更新访问评审再评结束类型设置Update access review recurrence end type setting
用户管理User Management 更新访问评审再评类型设置Update access review recurrence type setting

Privileged Identity ManagementPrivileged Identity Management

审核类别Audit Category 活动Activity
PIMPIM ActivationAbortedActivationAborted
PIMPIM ActivationApprovedActivationApproved
PIMPIM ActivationCanceledActivationCanceled
PIMPIM ActivationDeniedActivationDenied
PIMPIM ActivationRequestedActivationRequested
PIMPIM 已添加Added
PIMPIM AddedOutsidePIMAddedOutsidePIM
PIMPIM 分配Assign
PIMPIM DismissAlertDismissAlert
PIMPIM 提升Elevate
PIMPIM ReactivateAlertReactivateAlert
PIMPIM 已删除Removed
PIMPIM RemovedOutsidePIMRemovedOutsidePIM
PIMPIM 请求停止评审Request Stop Review
PIMPIM 角色设置更改Role Setting changes
PIMPIM ScanAlertsNowScanAlertsNow
PIMPIM 注册Signup
PIMPIM 取消分配Unassign
PIMPIM 停用Unelevate
PIMPIM UpdateAlertSettingsUpdateAlertSettings
PIMPIM UpdateCurrentStateUpdateCurrentState

自助组管理Self-service group management

审核类别Audit Category 活动Activity
组管理Group Management 重置用户密码Reset user password
组管理Group Management 还原用户Restore user
组管理Group Management 设置强制更改用户密码Set force change user password
组管理Group Management 设置用户管理器Set user manager
组管理Group Management 设置用户 oath 令牌元数据功能已启用Set users oath token metadata enabled
组管理Group Management 更新 StsRefreshTokenValidFrom 时间戳Update StsRefreshTokenValidFrom Timestamp
组管理Group Management 更新外部机密Update external secrets
组管理Group Management 更新用户Update user
组管理Group Management 管理员生成临时密码Admin generates a temporary password

自助服务密码管理Self-service password management

审核类别Audit Category 活动Activity
目录管理Directory Management 管理员要求用户重置其密码Admins requires the user to reset their password
目录管理Directory Management 将外部用户分配到应用程序Assign external user to application
用户管理User Management 电子邮件未发送,用户已取消订阅Email not sent, user unsubscribed
用户管理User Management 邀请外部用户Invite external user
用户管理User Management 兑换外部用户邀请Redeem external user invite
用户管理User Management 创建病毒性租户Viral tenant creation
用户管理User Management 创建病毒性用户Viral user creation
用户管理User Management 用户密码注册User Password Registration
用户管理User Management 用户密码重置User Password Reset
用户管理User Management 被阻止进行自助密码重置Blocked from self-service password reset

使用条款Terms of use

审核类别Audit Category 活动Activity
使用条款Terms Of Use 接受使用条款Accept Terms Of Use
使用条款Terms Of Use 创建使用条款Create Terms Of Use
使用条款Terms Of Use 拒绝使用条款Decline Terms Of Use
使用条款Terms Of Use 删除许可Delete Consent
使用条款Terms Of Use 删除使用条款Delete Terms Of Use
使用条款Terms Of Use 编辑使用条款Edit Terms Of Use
使用条款Terms Of Use 到期使用条款Expire Terms Of Use
使用条款Terms Of Use 硬删除使用条款Hard Delete Terms Of Use
使用条款Terms Of Use 发布使用条款Publish Terms Of Use
使用条款Terms Of Use 取消发布使用条款Unpublish Terms Of Use

后续步骤Next steps