{"body":{"time": "2022-07-14T15:50:40.6262986Z", "resourceId": "/tenants/2e325cc5-c689-4e1a-b0a4-a7a4b0f05635/providers/Microsoft.aadiam", "operationName": "Sign-in activity", "operationVersion": "1.0", "category": "SignInLogs", "tenantId": "2e325cc5-c689-4e1a-b0a4-a7a4b0f05635", "resultType": "500121", "resultSignature": "None", "resultDescription": "Authentication failed during strong authentication request.", "durationMs": 0, "callerIpAddress": "65.22.122.122", "correlationId": "481e31aa-b580-4a05-b221-15fea010d15c", "identity": "azureadmin", "Level": 4, "location": "US", "properties": {"id": "544eeb8d-b031-4224-83c6-e27575f11c01", "createdDateTime": "2022-07-14T15:50:40.6262986+00:00", "userDisplayName": "azureadmin", "userPrincipalName": "azureadmin@contoso.onmicrosoft.com", "userId": "db2cc61b-9805-4bdd-ab26-f27db9b22f95", "appId": "c44b4083-3bb0-49c1-b47d-974e53cbdf3c", "appDisplayName": "Azure Portal", "ipAddress": "65.22.122.122", "status": {"errorCode": 500121, "failureReason": "Authentication failed during strong authentication request.", "additionalDetails": "MFA denied; user did not respond to mobile app notification"}, "clientAppUsed": "Browser", "userAgent": "Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Mobile/15E148 Safari/604.1", "deviceDetail": {"deviceId": "", "operatingSystem": "iOS 15", "browser": "Mobile Safari 15.3"}, "location": {"city": "Oregon", "state": "Oregon", "countryOrRegion": "US", "geoCoordinates": {"latitude": 45.83599853515625, "longitude": -73.99726867675781}}, "mfaDetail": {"authMethod": "Mobile app notification"}, "correlationId": "481e31aa-b580-4a05-b221-15fea010d15c", "conditionalAccessStatus": "notApplied", "appliedConditionalAccessPolicies": [{"id": "SecurityDefaults", "displayName": "Security Defaults", "enforcedGrantControls": ["Mfa"], "enforcedSessionControls": [], "result": "failure", "conditionsSatisfied": 3, "conditionsNotSatisfied": 0}], "authenticationContextClassReferences": [], "originalRequestId": "544eeb8d-b031-4224-83c6-e27575f11c01", "isInteractive": true, "tokenIssuerName": "", "tokenIssuerType": "AzureAD", "authenticationProcessingDetails": [{"key": "Legacy TLS (TLS 1.0, 1.1, 3DES)", "value": "False"}, {"key": "Is CAE Token", "value": "False"}], "networkLocationDetails": [], "clientCredentialType": "none", "processingTimeInMilliseconds": 340, "riskDetail": "none", "riskLevelAggregated": "none", "riskLevelDuringSignIn": "none", "riskState": "none", "riskEventTypes": [], "riskEventTypes_v2": [], "resourceDisplayName": "Windows Azure Service Management API", "resourceId": "797f4846-ba00-4fd7-ba43-dac1f8f63013", "resourceTenantId": "2e325cc5-c689-4e1a-b0a4-a7a4b0f05635", "homeTenantId": "2e325cc5-c689-4e1a-b0a4-a7a4b0f05635", "authenticationDetails": [{"authenticationStepDateTime": "2022-07-14T15:50:40.6262986+00:00", "authenticationMethod": "Password", "authenticationMethodDetail": "Password in the cloud", "succeeded": false, "authenticationStepResultDetail": "Authentication failed during strong authentication request.", "authenticationStepRequirement": "Primary authentication", "StatusSequence": 0, "RequestSequence": 1}, {"authenticationStepDateTime": "2022-07-14T15:51:37+00:00", "authenticationMethod": "Mobile app notification", "succeeded": false, "authenticationStepResultDetail": "MFA denied; user did not respond to mobile app notification", "authenticationStepRequirement": "SecurityDefaults", "StatusSequence": 1657813897741, "RequestSequence": 1657813841079}], "authenticationRequirementPolicies": [{"requirementProvider": "securityDefaults", "detail": "Security Defaults"}], "authenticationRequirement": "multiFactorAuthentication", "alternateSignInName": "azureadmin@contoso.onmicrosoft.com", "signInIdentifier": "azureadmin@contoso.onmicrosoft.com", "servicePrincipalId": "", "userType": "Member", "flaggedForReview": false, "isTenantRestricted": false, "autonomousSystemNumber": 12271, "crossTenantAccessType": "none", "privateLinkDetails": {}, "ssoExtensionVersion": "", "uniqueTokenIdentifier": "NTQ0ZWViOGQtYjAzMS00MjI0LTgzYzYtZTI3NTc1ZjExYzAx", "incomingTokenType": "none", "authenticationProtocol": "none", "appServicePrincipalId": null, "resourceServicePrincipalId": "86da2310-fd8c-4e8a-a0a6-aaf24a521a9a", "rngcStatus": 0}},"x-opt-sequence-number":553,"x-opt-offset":"4295693720","x-opt-enqueued-time":1657814529066}
{"body":{"time": "2022-07-14T15:50:40.6262986Z", "resourceId": "/tenants/2e325cc5-c689-4e1a-b0a4-a7a4b0f05635/providers/Microsoft.aadiam", "operationName": "Sign-in activity", "operationVersion": "1.0", "category": "SignInLogs", "tenantId": "2e325cc5-c689-4e1a-b0a4-a7a4b0f05635", "resultType": "500121", "resultSignature": "None", "resultDescription": "Authentication failed during strong authentication request.", "durationMs": 0, "callerIpAddress": "65.22.122.122", "correlationId": "481e31aa-b580-4a05-b221-15fea010d15c", "identity": "azureadmin", "Level": 4, "location": "US", "properties": {"id": "544eeb8d-b031-4224-83c6-e27575f11c01", "createdDateTime": "2022-07-14T15:50:40.6262986+00:00", "userDisplayName": "azureadmin", "userPrincipalName": "azureadmin@contoso.onmicrosoft.com", "userId": "db2cc61b-9805-4bdd-ab26-f27db9b22f95", "appId": "c44b4083-3bb0-49c1-b47d-974e53cbdf3c", "appDisplayName": "Azure Portal", "ipAddress": "65.22.122.122", "status": {"errorCode": 500121, "failureReason": "Authentication failed during strong authentication request.", "additionalDetails": "MFA denied; user did not respond to mobile app notification"}, "clientAppUsed": "Browser", "userAgent": "Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Mobile/15E148 Safari/604.1", "deviceDetail": {"deviceId": "", "operatingSystem": "iOS 15", "browser": "Mobile Safari 15.3"}, "location": {"city": "Oregon", "state": "Oregon", "countryOrRegion": "US", "geoCoordinates": {"latitude": 45.83599853515625, "longitude": -73.99726867675781}}, "mfaDetail": {"authMethod": "Mobile app notification"}, "correlationId": "481e31aa-b580-4a05-b221-15fea010d15c", "conditionalAccessStatus": "notApplied", "appliedConditionalAccessPolicies": [{"id": "SecurityDefaults", "displayName": "Security Defaults", "enforcedGrantControls": ["Mfa"], "enforcedSessionControls": [], "result": "failure", "conditionsSatisfied": 3, "conditionsNotSatisfied": 0}], "authenticationContextClassReferences": [], "originalRequestId": "544eeb8d-b031-4224-83c6-e27575f11c01", "isInteractive": true, "tokenIssuerName": "", "tokenIssuerType": "AzureAD", "authenticationProcessingDetails": [{"key": "Legacy TLS (TLS 1.0, 1.1, 3DES)", "value": "False"}, {"key": "Is CAE Token", "value": "False"}], "networkLocationDetails": [], "clientCredentialType": "none", "processingTimeInMilliseconds": 340, "riskDetail": "none", "riskLevelAggregated": "none", "riskLevelDuringSignIn": "none", "riskState": "none", "riskEventTypes": [], "riskEventTypes_v2": [], "resourceDisplayName": "Windows Azure Service Management API", "resourceId": "797f4846-ba00-4fd7-ba43-dac1f8f63013", "resourceTenantId": "2e325cc5-c689-4e1a-b0a4-a7a4b0f05635", "homeTenantId": "2e325cc5-c689-4e1a-b0a4-a7a4b0f05635", "authenticationDetails": [{"authenticationStepDateTime": "2022-07-14T15:50:40.6262986+00:00", "authenticationMethod": "Password", "authenticationMethodDetail": "Password in the cloud", "succeeded": false, "authenticationStepResultDetail": "Authentication failed during strong authentication request.", "authenticationStepRequirement": "Primary authentication", "StatusSequence": 0, "RequestSequence": 1}, {"authenticationStepDateTime": "2022-07-14T15:50:42+00:00", "authenticationMethod": "Mobile app notification", "succeeded": false, "authenticationStepResultDetail": "Authentication in progress", "authenticationStepRequirement": "SecurityDefaults", "StatusSequence": 0, "RequestSequence": 1657813841079}], "authenticationRequirementPolicies": [{"requirementProvider": "securityDefaults", "detail": "Security Defaults"}], "authenticationRequirement": "multiFactorAuthentication", "alternateSignInName": "azureadmin@contoso.onmicrosoft.com", "signInIdentifier": "azureadmin@contoso.onmicrosoft.com", "servicePrincipalId": "", "userType": "Member", "flaggedForReview": false, "isTenantRestricted": false, "autonomousSystemNumber": 12271, "crossTenantAccessType": "none", "privateLinkDetails": {}, "ssoExtensionVersion": "", "uniqueTokenIdentifier": "NTQ0ZWViOGQtYjAzMS00MjI0LTgzYzYtZTI3NTc1ZjExYzAx", "incomingTokenType": "none", "authenticationProtocol": "none", "appServicePrincipalId": null, "resourceServicePrincipalId": "86da2310-fd8c-4e8a-a0a6-aaf24a521a9a", "rngcStatus": 0}},"x-opt-sequence-number":552,"x-opt-offset":"4295689520","x-opt-enqueued-time":1657814202991}
{"body":{"time": "2022-07-14T16:00:05.7323223Z", "resourceId": "/tenants/2e325cc5-c689-4e1a-b0a4-a7a4b0f05635/providers/Microsoft.aadiam", "operationName": "Sign-in activity", "operationVersion": "1.0", "category": "SignInLogs", "tenantId": "2e325cc5-c689-4e1a-b0a4-a7a4b0f05635", "resultType": "500121", "resultSignature": "None", "resultDescription": "Authentication failed during strong authentication request.", "durationMs": 0, "callerIpAddress": "65.22.122.122", "correlationId": "56516ed0-3780-40b9-a9dc-4889f93b0413", "identity": "azureadmin", "Level": 4, "location": "US", "properties": {"id": "9f054db5-74ff-4c16-8a13-9c823d484801", "createdDateTime": "2022-07-14T16:00:05.7323223+00:00", "userDisplayName": "azureadmin", "userPrincipalName": "azureadmin@contoso.onmicrosoft.com", "userId": "db2cc61b-9805-4bdd-ab26-f27db9b22f95", "appId": "c44b4083-3bb0-49c1-b47d-974e53cbdf3c", "appDisplayName": "Azure Portal", "ipAddress": "65.22.122.122", "status": {"errorCode": 500121, "failureReason": "Authentication failed during strong authentication request.", "additionalDetails": "MFA denied; user declined the authentication"}, "clientAppUsed": "Browser", "userAgent": "Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Mobile/15E148 Safari/604.1", "deviceDetail": {"deviceId": "", "operatingSystem": "iOS 15", "browser": "Mobile Safari 15.3"}, "location": {"city": "Oregon", "state": "Oregon", "countryOrRegion": "US", "geoCoordinates": {"latitude": 45.83599853515625, "longitude": -73.99726867675781}}, "mfaDetail": {"authMethod": "Mobile app notification"}, "correlationId": "56516ed0-3780-40b9-a9dc-4889f93b0413", "conditionalAccessStatus": "notApplied", "appliedConditionalAccessPolicies": [{"id": "SecurityDefaults", "displayName": "Security Defaults", "enforcedGrantControls": ["Mfa"], "enforcedSessionControls": [], "result": "failure", "conditionsSatisfied": 3, "conditionsNotSatisfied": 0}], "authenticationContextClassReferences": [], "originalRequestId": "9f054db5-74ff-4c16-8a13-9c823d484801", "isInteractive": true, "tokenIssuerName": "", "tokenIssuerType": "AzureAD", "authenticationProcessingDetails": [{"key": "Legacy TLS (TLS 1.0, 1.1, 3DES)", "value": "False"}, {"key": "Is CAE Token", "value": "False"}], "networkLocationDetails": [], "clientCredentialType": "none", "processingTimeInMilliseconds": 296, "riskDetail": "none", "riskLevelAggregated": "none", "riskLevelDuringSignIn": "none", "riskState": "none", "riskEventTypes": [], "riskEventTypes_v2": [], "resourceDisplayName": "Windows Azure Service Management API", "resourceId": "797f4846-ba00-4fd7-ba43-dac1f8f63013", "resourceTenantId": "2e325cc5-c689-4e1a-b0a4-a7a4b0f05635", "homeTenantId": "2e325cc5-c689-4e1a-b0a4-a7a4b0f05635", "authenticationDetails": [{"authenticationStepDateTime": "2022-07-14T16:00:05.7323223+00:00", "authenticationMethod": "Password", "authenticationMethodDetail": "Password in the cloud", "succeeded": false, "authenticationStepResultDetail": "Authentication failed during strong authentication request.", "authenticationStepRequirement": "Primary authentication", "StatusSequence": 0, "RequestSequence": 1}, {"authenticationStepDateTime": "2022-07-14T16:00:05.7323223+00:00", "authenticationMethod": "Mobile app notification", "succeeded": false, "authenticationStepResultDetail": "MFA denied; user declined the authentication", "authenticationStepRequirement": "Multi-factor authentication"}], "authenticationRequirementPolicies": [{"requirementProvider": "securityDefaults", "detail": "Security Defaults"}], "authenticationRequirement": "multiFactorAuthentication", "alternateSignInName": "azureadmin@contoso.onmicrosoft.com", "signInIdentifier": "azureadmin@contoso.onmicrosoft.com", "servicePrincipalId": "", "userType": "Member", "flaggedForReview": false, "isTenantRestricted": false, "autonomousSystemNumber": 12271, "crossTenantAccessType": "none", "privateLinkDetails": {}, "ssoExtensionVersion": "", "uniqueTokenIdentifier": "OWYwNTRkYjUtNzRmZi00YzE2LThhMTMtOWM4MjNkNDg0ODAx", "incomingTokenType": "none", "authenticationProtocol": "none", "appServicePrincipalId": null, "resourceServicePrincipalId": "86da2310-fd8c-4e8a-a0a6-aaf24a521a9a", "rngcStatus": 0}},"x-opt-sequence-number":555,"x-opt-offset":"4295705880","x-opt-enqueued-time":1657814739994}