KQL Sign-Ins: Temporary access Pass

KQL for SigninLogs showing Temporary Access Pass usage.

SigninLogs
| where TimeGenerated > ago(300d)
| where ResultType == 0
| mv-expand todynamic(AuthenticationDetails)
| extend ['Authentication Method'] = tostring(AuthenticationDetails.authenticationMethod)
| where ['Authentication Method'] == 'Temporary Access Pass'
| summarize
    ['SigninCount']=dcount(Id)
    by UserPrincipalName
| sort by UserPrincipalName asc

// UserPrincipalName         | SigninCount
// |-------------------------|--------------|
// john.smith@domain.com     | 1
// admin@domain.com          | 2