Over the past year Microsoft have released Sites.Selected permissions for both Microsoft Graph & SharePoint which can be given to an Azure AD App (App Registration). When created the app by default with Sites.Selected permissions does not have access to any SharePoint sites and has to be explicitly added added using Microsoft Graph or PnP PowerShell (Grant-PnPAzureADAppSitePermission) to the site(s) to be administered. Both processes only give the access Read or Write permissions to the site and not Full Control.
In this blog I will show you how to retrieve M365 audit logs with Azure Logic Apps & Power Automate including the logic to handle Pagination for very large tenants (number of results returned limited to prevent response timeouts). I provide instructions and templates for both Azure Logic Apps and Power Automate so you can install in your tenant today.
Testing out the new Microsoft Graph permission level Sites.Selected which allow an app access to just specific SharePoint site collections rather than all.