Azure Tenant Activity

  • Published on Nov 4, 2025
  • 3 minute(s) read
Prev Next

Azure Tenant Activity Logs provide a comprehensive record of actions, capturing operations that impact resources, such as creating, updating, or deleting resources at tenant level.  For details, refer to Microsoft’s official documentation.

Integration Method: API

Tables: Entity Management (3004)

This integration supports the following events.

Event

Description

Tenant Activity

Gets the Activity Logs for the Tenant.

This integration supports the following versions.

Azure Tenant Activity API version

2015-04-01

Note:

Azure Activity is a continuously updated cloud service. As for this document preparation, the latest release was in July 2025.

Prerequisites

  • The user should have access to the Azure portal with an account that has the Global Administrator privileges.   

  • The user should have access to the DataBee console.

Configuration Overview

  1. Create an application with required permissions to fetch the data

  2. Add the Azure Tenant Activity data feed in the DataBee console with the below parameters.

    DataBee Parameter

    Azure Parameter

    Client Key 

    Application (client ID)

    Client Secret 

    Client secret

    Token URL(<tenant_id>) 

    Directory (Tenant) ID

Azure Configuration

Create an application

  1. Log on to Azure portal with an account that has the Global Administrator role.  

  2. In the search bar, search for App registrations and select it. 


    Picture 1860176046, Picture 

  3. On the “Register an application” window:

    1. Under Name, enter your Application Name then click on Register to create the application.

     Picture 612821350, Picture   

  4. On the app Overview page, copy the Application (client) ID and Directory (tenant) ID for later use.

      

  5. Login on to Azure portal with an account that has the Global Administrator role. In the search bar check for subscriptions and select it.

    Picture 259221383, Picture

     

  6. Select the Subscription name as shown below. 
     Picture 1190632405, Picture

  7. On the Overview page, copy the Subscription ID for later use. 

    Picture 751417398, Picture

Add Endpoint Access

Once the application is created, three permissions should be provided to fetch data. The appropriate permissions for the application are needed to access these endpoints. The following section details how to configure and add permissions to the required endpoints.    

Add Permissions

Open Azure CLI and run below command to assign root level permission the application created from previous step to fetch tenant logs.

az role assignment create --assignee <client-id> --role Reader --scope "/"

Verify if the clientId is assigned with root permission by referring following steps. From the Azure Active Directory portal:    

  1. Search for Management groups and select it.
     A screenshot of a computer AI-generated content may be incorrect.

  2. Select Tenant Root Group.
     A screenshot of a computer AI-generated content may be incorrect.

  3. Select Access Control (IAM) from left menu and you should be seeing client added with root level scope.
     A screenshot of a computer AI-generated content may be incorrect.

Create the Client Secret  

The final step in accessing the APIs is creating a Client Secret. To create it from the Azure Portal:    

  1. Select the application created above.

  2. Under Manage, Click Certificates & secrets, and then Client secrets.   
     Picture 1545205779, Picture 

  3. Click New client secret. Then “Add a client secret” window appears.   
     Picture 1476844340, Picture 

  4. On “Add a client secret” window:

    1. Enter a ‘Description’ for this client secret and select the desired expiry period from the ‘Expires’ drop-list.

    2. Then click on Add to create the client secret. 

     Picture 85534202, Picture

    Note:

    The user needs to re-create the client secret when it expires.  

  5. Copy the Value fields for later use.  
     Picture 1710568377, Picture 

    This completes the setup for Azure Activity API integration. 

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for the Azure Tenant Activity and click it as shown below.
     A screenshot of a computer AI-generated content may be incorrect.

  3. Click on the API Ingest option for collection method.
     

  4. Enter feed contact information and click Next.
     A screenshot of a computer AI-generated content may be incorrect.

  5. In the configuration page, confirm the following:

    • API Base URL: This is the base URL that DataBee will interact with

    • Client Key: Paste the Application (Client) ID generated previously 

    • Client Secret: Paste the Client Secret generated previously 

    • Token URL: Replace <tenant_id> placeholder with your Directory (Tenant) ID 

    • Event Types: Preselected for all the event types that integration pulls

     A screenshot of a computer AI-generated content may be incorrect.

  6. Click Submit.

Troubleshooting Tips

  • If you are facing an invalid client or unauthorized client error this might be possibly due to incorrect credentials. Ensure the client key, client secret and Tenant ID are pasted correctly. Since you cannot view the client secret after the 1st time, re-create it, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.  

  • If you are facing response code - 403 this might be possibly due to missing permissions. Ensure that all the required permissions are granted correctly as per the above-mentioned steps.