Even when Azure AD Identity Protection is not available for the Azure AD tenant, admins can still review Users flagged for risk and Risk events. To access the basic information available on these topics in every Azure AD tenant by default, perform these steps:
- Navigate your browser to https://portal.azure.com.
- Sign in with an account in Azure Active Directory that has the Global administrator role assigned.
- Perform multi-factor authentication when prompted.
- In the left-hand navigation pane, click Azure Active Directory.
- In the Azure Active Directory pane, click Users flagged for risk.
- Review users flagged for risk in the last 90 days in the Users flagged for risk main pane.
- In the Azure Active Directory pane, click Risk events ...