如要擷取網域所有服務的所有登入資訊,請使用下列 GET HTTP 要求,並附上「授權文件」中所述的授權權杖。如要進一步瞭解要求查詢字串和回應屬性,請參閱 API 參考資料。為了方便閱讀,以下範例會換行顯示:
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all
/applications/login?endTime=end date&startTime=start date
&maxResults=maximum number of events returned on a response page
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?customerId=C03az79cb
依事件名稱擷取 Google Workspace 登入事件
在某些情況下,您可能想擷取特定事件,例如可疑的登入成功事件。如要執行這項操作,請使用下列形式的 GET HTTP 要求:
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all
/applications/login?maxResults=maximum number of events returned on a response page
&eventName=name of the login event
&filters=event parameterrelational operatorparameter value
以下範例說明如何擷取網域中所有可疑的成功登入:
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?eventName=login_success&filters=is_suspicious==true&maxResults=25
[null,null,["上次更新時間:2025-08-29 (世界標準時間)。"],[],[],null,["# Reports API: Login Activity Report\n\nThe login activity report returns information on the login activities of all of\nyour account's users. Each report uses the basic report endpoint request with\nreport-specific parameters such as a user's email. The\nmaximum time period for each report is the last 180 days.\n| **Note:** The login activity report only audits explicit password and SAML-based single sign-on (SSO) logins.\n\nThe login activity report may be used only for lawful purposes in accordance with your Customer Agreement.\n\nRetrieve Google Workspace login events for a domain\n---------------------------------------------------\n\nTo retrieve all logins for all of your domain's services, use the following\n`GET` HTTP request and include the authorization token described in the\n[authorization documentation](https://developers.google.com/workspace/admin/reports/v1/guides/authorizing.html).\nFor more information about the request query strings and response properties,\nsee the [API Reference](/workspace/admin/reports/v1/reference/activity-ref-appendix-a/login-event-names).\nFor readability purposes, the following example is formatted with line returns: \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all\n/applications/login?endTime=end date&startTime=start date\n&maxResults=maximum number of events returned on a response page\n```\n\nThe following example gets a report on all of your account's login events for\nthe past 180 days. The `maxResults` query parameter has this report return\n25 results per page. \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?maxResults=25\n```\n\nThe following example gets a report on all of a customer's login events for\nthe past 180 days. The `customerId` specifies which customer the report is\nto be retrieved for. \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?customerId=C03az79cb\n```\n\nRetrieve Google Workspace login events by event name\n----------------------------------------------------\n\nIn some instances, you may want to retrieve specific\n[events](/workspace/admin/reports/v1/reference/activity-ref-appendix-a/login-event-names),\nsuch as suspicious successful logins. To do this, use a `GET` HTTP request of\nthe following form: \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all\n/applications/login?maxResults=maximum number of events returned on a response page\n&eventName=name of the login event\n&filters=event parameter relational operator parameter value\n```\n\nThe following example shows how to retrieve all suspicious successful logins\nfor a domain: \n\n```\nGET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?eventName=login_success&filters=is_suspicious==true&maxResults=25\n```"]]
