How can I check status ( active or account lock or inactive status) of a user in Azure AD?
I am not sure if there any way to verify users status. Can Someone please help.
There are different ways to check whether a user account is active. One method of detecting inactive accounts is by evaluating the lastSignInDateTime property exposed by the signInActivity resource type of the Microsoft Graph API. There are two ways to do this:
If you search for a specific user by name, you can evaluate the lastSignInDateTime:
You can request a list of users with a lastSignInDateTime before a specified date:
https://graph.microsoft.com/beta/users?filter=signInActivity/lastSignInDateTime le 2019-06-01T00:00:00Z
Reference: How to manage inactive user accounts
You can also check if the user is Enabled using Graph API:
PATCH https://graph.microsoft.com/v1.0/users/username.msftonlinerepro.com
{ "accountEnabled": true }
To check if the user is in a blocked sign-in state, you can use the beta endpoint of the Graph API:
https://graph.microsoft.com/beta/users/{userPrincipalName}