how to trigger function upon azure active directory changes

Question

I am creating an application and trying to understand as, how to trigger an azure function when a new user or role is added to azure active directory

Answer 1

I appreciate that this question is a bit old, but these you can use Graph subscriptions for this. Microsoft's Azure Graph APIs lets you get a web hook callback whenever various graph objects change. This lets you subscribe to changes of Entra (Azure AD) users or groups (either specific ones or any one).

See https://learn.microsoft.com/en-us/graph/api/subscription-post-subscriptions for more details.

Answer 2

First - this isn't going to be an exact 'how to' answer, sorry, but this is something similar to what I've been looking for recently as well.

What I have found thus far (from https://learn.microsoft.com/en-us/azure/azure-functions/functions-triggers-bindings) is that there does not appear to be a direct way to trigger or bind to Azure Active Directory from Azure Functions. However, in that link it does list Event Hubs as a option.

That led me to https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/tutorial-azure-monitor-stream-logs-to-event-hub which gives a sample of how to stream Azure Active Directory logs to an Event Hub.

If you put the two together, it does seem possible, and I will be starting something similar myself in the next few weeks, so I would be interested in how this turns out for you.

Good luck!