Access Evaluation Audit Activity Events
Stay organized with collections
Save and categorize content based on your preferences.
This document lists the events and parameters for
various types of
Access Evaluation Audit activity events. You can retrieve these events by
calling Activities.list
with applicationName=access_evaluation.
Access Token Evaluation
An access token evaluation was performed.
Events of this type are returned with type=access_token_evaluation.
Access Token Request
An access token request was evaluated successfully to allow access.
| Event details |
| Event name |
allow_token_request |
| Parameters |
client_type |
string
Client Type of the client ID.
Possible values:
CONNECTED_DEVICE
A connected device client.NATIVE_ANDROID
An Android application.NATIVE_APPLICATION
A native application.NATIVE_CHROME_EXTENSION
A Chrome application.NATIVE_DEVICE
A native device application.NATIVE_IOS
An iOS application.NATIVE_SONY
A native Sony application.TYPE_UNSPECIFIED
An unspecified client type.WEB
A web application.
|
configuration_source |
string
The Configuration Source.
Possible values:
APP_ACCESS_CONTROL
Admin has set a policy in API Controls.CONFIGURATION_SOURCE_UNSPECIFIED
Admin has not set any policy that blocks access for this application.DOMAIN_WIDE_DELEGATION
Admin has domain wide delegated the application.GOOGLE_WORKSPACE_MARKETPLACE
Admin has installed the application in Google Workspace Marketplace.MOBILE_DEVICE_MANAGEMENT
Admin has set a policy in Google Endpoint Management.
|
device_id |
string
The Device ID.
|
scope_data |
message
The Scope Data.
|
scopes_requested |
string
Scopes for which the access was requested.
|
|
| Sample request |
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/access_evaluation?eventName=allow_token_request&maxResults=10&access_token=YOUR_ACCESS_TOKEN
|
| Admin Console message format |
{actor} token request from {APPLICATION_NAME_IDENTIFIER} was allowed due to {configuration_source}
|
Allow Token Impersonation
A Token impersonation was evaluated successfully to allow access.
| Event details |
| Event name |
allow_token_impersonation |
| Parameters |
client_type |
string
Client Type of the client ID.
Possible values:
CONNECTED_DEVICE
A connected device client.NATIVE_ANDROID
An Android application.NATIVE_APPLICATION
A native application.NATIVE_CHROME_EXTENSION
A Chrome application.NATIVE_DEVICE
A native device application.NATIVE_IOS
An iOS application.NATIVE_SONY
A native Sony application.TYPE_UNSPECIFIED
An unspecified client type.WEB
A web application.
|
configuration_source |
string
The Configuration Source.
Possible values:
APP_ACCESS_CONTROL
Admin has set a policy in API Controls.CONFIGURATION_SOURCE_UNSPECIFIED
Admin has not set any policy that blocks access for this application.DOMAIN_WIDE_DELEGATION
Admin has domain wide delegated the application.GOOGLE_WORKSPACE_MARKETPLACE
Admin has installed the application in Google Workspace Marketplace.MOBILE_DEVICE_MANAGEMENT
Admin has set a policy in Google Endpoint Management.
|
device_id |
string
The Device ID.
|
scope_data |
message
The Scope Data.
|
scopes_requested |
string
Scopes for which the access was requested.
|
service_account |
string
The Service Account.
|
|
| Sample request |
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/access_evaluation?eventName=allow_token_impersonation&maxResults=10&access_token=YOUR_ACCESS_TOKEN
|
| Admin Console message format |
{service_account} impersonation access for {actor} was allowed due to {configuration_source}
|
Credential Validation
An end user credential was validated against security policies.
Events of this type are returned with type=credential_validation.
Allow Credential Validation Request
An end user credential was validated successfully against security policies to allow access.
| Event details |
| Event name |
allow_credential_validation_request |
| Parameters |
scopes_requested |
string
Scopes for which the access was requested.
|
|
| Sample request |
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/access_evaluation?eventName=allow_credential_validation_request&maxResults=10&access_token=YOUR_ACCESS_TOKEN
|
| Admin Console message format |
{actor} credential validation request from {APPLICATION_NAME_IDENTIFIER} was allowed due to security policy configuration
|
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-11-27 UTC.
[null,null,["Last updated 2025-11-27 UTC."],[],[]]
