Stay organized with collections
Save and categorize content based on your preferences.
This document lists the events and parameters for
various types of
SAML Audit activity events. You can retrieve these events by
calling Activities.list()
with applicationName=saml.
Saml login
Login event type.
Events of this type are returned with type=login.
Failed login
Failed saml login.
Event details
Event name
login_failure
Parameters
application_name
string
Saml SP application name.
device_id
string
Saml Device ID.
failure_type
string
Login failure type.
Possible values:
failure_app_not_configured_for_user Whether the login failed because of app not configured for user.
failure_app_not_enabled_for_user Whether the login failed because of app not enabled for user.
failure_invalid_sp_id Whether the login failed because of invalid SP id.
failure_invalid_user_id_mapping Whether the login failed because of invalid userid mapping requested.
failure_malformed_request Whether the login failed because of malformed request.
failure_no_passive Whether the login failed because of failing to authenticate user passively.
failure_request_denied Whether the login failed because of request denied.
failure_unknown Whether the login failed because of unknown reason.
failure_user_id_mapping_unavailable Whether the login failed because of userid mapping unavailable.
initiated_by
string
Requester of saml authentication.
Possible values:
idp Saml authentication initiated by IdP.
sp Saml authentication initiated by SP.
orgunit_path
string
User orgunit.
saml_second_level_status_code
string
Response second level status.
saml_status_code
string
Response status.
Sample request
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/saml?eventName=login_failure&maxResults=10&access_token=YOUR_ACCESS_TOKEN
Admin Console message format
{actor} failed to login because of the following error: {failure_type}
Successful login
Successful saml login.
Event details
Event name
login_success
Parameters
application_name
string
Saml SP application name.
device_id
string
Saml Device ID.
initiated_by
string
Requester of saml authentication.
Possible values:
idp Saml authentication initiated by IdP.
sp Saml authentication initiated by SP.
orgunit_path
string
User orgunit.
saml_status_code
string
Response status.
Sample request
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/saml?eventName=login_success&maxResults=10&access_token=YOUR_ACCESS_TOKEN
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-08-21 UTC."],[[["This document outlines SAML Audit activity events, accessible via the Activities.list() method with applicationName=saml."],["It details the parameters and event types for both successful (login_success) and failed (login_failure) SAML login attempts."],["For failed logins, the failure_type parameter provides specific reasons for authentication failures."],["Successful and failed login events both include application name, device ID, initiator (IdP or SP), org unit, and SAML status codes."]]],[]]