What’s changing

We’ve added a new event to the OAuth Token Audit Activity Events in the Reports API and Reports section of the Admin console. This new event is called “Activity,” and it shows how second- and third-party apps are using the G Suite OAuth API tokens they’ve been granted. This event is in addition to the previously available Authorize and Revoke events.

We’ve also added a new parameter—called “Scope_data”—to both the Authorize and Revoke events, which allows you to filter logs based on which OAuth scope and product bucket was granted.

Who’s impacted

Admins only

Why you’d use it

The new Activity event allows you to see which methods are being called by second- and third-party apps on behalf of users via OAuth grants, removing some of the guesswork that previously existed around OAuth exposure. The Scope_data parameter allows you to filter Authorize and Revoke activity based on the specific scope that was granted.

How to get started

Additional details

The “Activity” event is triggered when a second- or third-party application calls a Google Product API using the OAuth protocol on behalf of one of your users. If your organization uses multiple second- or third-party apps, you may see a large increase in event traffic.

Helpful links

Developers Guide: OAuth Token Audit Activity Events
Help Center: OAuth Token audit log


Rollout details

  • Rapid Release domains: This feature is available now.
  • Scheduled Release domains: This feature is available now.

G Suite editions

  • Available to G Suite Enterprise, G Suite Enterprise for Education, Drive Enterprise, and Cloud Identity Premium
  • Not available to G Suite Basic, G Suite Business, G Suite for Education, and G Suite for Nonprofits 

On/off by default?

  • This feature will be ON by default.

Stay up to date with G Suite launches