如需检索网域所有服务的所有登录信息,请使用以下 GET HTTP 请求,并添加授权文档中所述的授权令牌。
如需详细了解请求查询字符串和响应属性,请参阅 API 参考文档。为了便于阅读,以下示例使用回车断行:
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all
/applications/login?endTime=end date&startTime=start date
&maxResults=maximum number of events returned on a response page
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?customerId=C03az79cb
按事件名称检索 Google Workspace 登录事件
在某些情况下,您可能需要检索特定事件,例如可疑的成功登录。为此,请使用以下格式的 GET HTTP 请求:
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all
/applications/login?maxResults=maximum number of events returned on a response page
&eventName=name of the login event
&filters=event parameterrelational operatorparameter value
以下示例展示了如何检索网域的所有可疑成功登录:
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?eventName=login_success&filters=is_suspicious==true&maxResults=25
[null,null,["最后更新时间 (UTC):2025-08-29。"],[],[],null,["# Reports API: Login Activity Report\n\nThe login activity report returns information on the login activities of all of\nyour account's users. Each report uses the basic report endpoint request with\nreport-specific parameters such as a user's email. The\nmaximum time period for each report is the last 180 days.\n| **Note:** The login activity report only audits explicit password and SAML-based single sign-on (SSO) logins.\n\nThe login activity report may be used only for lawful purposes in accordance with your Customer Agreement.\n\nRetrieve Google Workspace login events for a domain\n---------------------------------------------------\n\nTo retrieve all logins for all of your domain's services, use the following\n`GET` HTTP request and include the authorization token described in the\n[authorization documentation](https://developers.google.com/workspace/admin/reports/v1/guides/authorizing.html).\nFor more information about the request query strings and response properties,\nsee the [API Reference](/workspace/admin/reports/v1/reference/activity-ref-appendix-a/login-event-names).\nFor readability purposes, the following example is formatted with line returns: \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all\n/applications/login?endTime=end date&startTime=start date\n&maxResults=maximum number of events returned on a response page\n```\n\nThe following example gets a report on all of your account's login events for\nthe past 180 days. The `maxResults` query parameter has this report return\n25 results per page. \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?maxResults=25\n```\n\nThe following example gets a report on all of a customer's login events for\nthe past 180 days. The `customerId` specifies which customer the report is\nto be retrieved for. \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?customerId=C03az79cb\n```\n\nRetrieve Google Workspace login events by event name\n----------------------------------------------------\n\nIn some instances, you may want to retrieve specific\n[events](/workspace/admin/reports/v1/reference/activity-ref-appendix-a/login-event-names),\nsuch as suspicious successful logins. To do this, use a `GET` HTTP request of\nthe following form: \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all\n/applications/login?maxResults=maximum number of events returned on a response page\n&eventName=name of the login event\n&filters=event parameter relational operator parameter value\n```\n\nThe following example shows how to retrieve all suspicious successful logins\nfor a domain: \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?eventName=login_success&filters=is_suspicious==true&maxResults=25\n```"]]