Reclaim unused Microsoft 365 licenses with Entra sign-in activity

Most organizations pay for more Microsoft 365 licenses than they use. Not out of carelessness, but because nobody looks at the gap between an assigned license and a used license. That gap lives in Entra ID, in a field most admins never open: signInActivity.

TL;DR

• An assigned license is not the same as a used license.
• Entra ID records each user's last sign-in in the signInActivity field.
• Use that date to find accounts that have not signed in for 90 days.
• A 90-day policy is a solid starting point: long enough to cover leave, short enough to save money.
• For 500 users with 12 percent unused E3 licenses, you are looking at around 25,000 euros per year.
• ServiceChanger reads the real sign-in activity and reports which licenses you can reclaim. Microsoft does the actual revocation.

The difference between assigned and used

In the Microsoft 365 admin center you can see how many licenses you bought and how many are assigned. What you cannot see there is whether those assigned licenses are actually being used.

An account can hold an E3 license and not have signed in for four months. The license still counts toward your consumption. You still pay for it. But nothing is happening with it.

Industry surveys of SaaS usage consistently put unused or underused licenses somewhere between a third and a half of seats, with some studies finding close to half of licenses unused for 90 days or more. Even if your number sits at the low end, there is a good chance you are paying for nothing on a meaningful slice of your seats.

What signInActivity actually is

Entra ID records when each user last signed in. That lives in the signInActivity property, available through Microsoft Graph. Three fields inside it matter:

Field	What it means
lastSignInDateTime	Last interactive sign-in (user types a password, MFA, and so on)
lastNonInteractiveSignInDateTime	Last sign-in on behalf of the user, for example a client refreshing a token
lastSuccessfulSignInDateTime	Last successful sign-in, regardless of whether the session completed further

For license cleanup you usually want the most recent of the three. An account that does not sign in interactively but is active non-interactively is probably still using a service (think of a mail client syncing in the background).

Two things to know up front

Before you build on this, two facts that often surprise people.

First: the signInActivity property requires a Microsoft Entra ID P1 license (or higher) in your tenant. Without P1, Graph will not return this field. P1 ships with many Microsoft 365 plans, but check before you start.

Second: the data is not real time. Microsoft documents a delay of up to roughly 24 hours before a sign-in shows up in this field. For a 90-day policy a single day makes no difference, but do not expect to see who logged in five minutes ago.

Setting up a 90-day policy

A fixed number of days makes the policy explainable and repeatable. 90 days works for most organizations:

• It covers extended leave, sick leave, and sabbaticals.
• It is short enough to save money within a quarter.
• It is a threshold you can explain to an auditor.

The steps:

1. Pull all users with a paid license through Graph, including signInActivity.
2. Filter for accounts whose last sign-in is older than 90 days.
3. Exclude service accounts and intentionally dormant accounts (put them on an exception list).
4. Review the remaining list with the team lead or HR contact.
5. Revoke the license for accounts that are genuinely no longer needed, or move them to a cheaper plan.

You do step 5 in Microsoft. ServiceChanger provides the list, the evidence, and the recommendation; the actual license change stays an action in the Microsoft admin surface.

The math

As a worked example, say you have 500 users, all on E3. A Microsoft 365 E3 license runs roughly 35 euros per user per month at current list pricing, so about 420 euros per year. The scenarios below are illustrative, not a guaranteed result.

Scenario	Unused	Licenses freed	Saving per year
Conservative	6 percent	30	12,600 euros
Realistic	12 percent	60	25,200 euros
High churn	20 percent	100	42,000 euros

Even the conservative scenario pays for itself many times over. And this is only the direct seat saving, before the time your service desk spends on manual license audits.

What to do with the freed licenses

A revoked license does not have to be cancelled right away. Three options:

• Reuse. Keep a central pool and assign freed licenses to new hires. You only buy more when the pool is empty.
• Downgrade. Someone who only uses mail and Teams does not need E5. Move them to E3 or Business Standard.
• Do not renew. At your next contract date you buy fewer seats. This is where the real structural saving lives.

FAQ

Does an old last sign-in always mean the license can go? No. Always verify manually or check with the manager. You do not want to cut access for an executive who was on a three-month sabbatical. The list is a starting point, not an automatic cancel button.

Do I really need P1? For the signInActivity property through Graph, yes. Many organizations already have P1 through their Microsoft 365 subscription without realizing it. Check your license overview before you write this off.

Does ServiceChanger revoke the licenses automatically? No. ServiceChanger reads the real sign-in activity, compares it against your assigned seats and your contracts, and reports what you can reclaim. The actual assignment and revocation of license SKUs happens in Microsoft. We measure and advise, you stay in control.

How often should I run this? Report monthly, clean up quarterly. That keeps you close to your real consumption without checking by hand every week.

Further reading

• Find inactive users in Entra for spotting quiet accounts through sign-in activity.
• Manage Microsoft 365 licenses for broader license management.

Next step

Want to know how many unused licenses sit in your tenant? The ServiceChanger license module reads the real sign-in activity from Entra ID and shows what you can reclaim. Book a demo or read the license docs.