Table of Contents
As a tenant admin, you probably have the question: How do I know who are using Basic Authentication in my tenant?
Microsoft has updated Entra ID sign-in report to include lists users and client applications that use basic authentication to connect Exchange Online.
Connect to Azure Active Directory
1. Visit https://aad.portal.azure.com/ then login using an administrative account.
2. In the left panel, select the Azure Active Directory blade.
3. Scroll down, under Monitoring section, select Sign-in logs.
Get the basic authentication sign-in report
1. The sign-in report shows sign-in activity in the tenant, date, time, user IP address, login location.
Add the Client app column to the report. Client app is not displayed by default, you can include it by click on the Columns option then select the Client app checkbox.
2. By default, the report includes Browser in the client app, but browsers using modern authentication method to authenticate to Exchange Online. We need filter the report results.
3. Click Add filters | Select Client app then click button.
4. Now, select all protocols under Legacy Authentication Clients section then click Apply.
5. The report was filtered, you can download the report with csv file format.
By default, the sign-in logs shows the authentication sessions in last 24 hours. You can change it to 1 month to get more logs.
