Google Admin SDK Reports API Activity OAuth Token Audit Events

0
votes

The problem: I get an empty result when accessing the activity audit oauth token with eventName=activity in google-admin-sdk.

What I've tried: GET https://www.googleapis.com/admin/reports/v1/activity/users/all/applications/token?eventName=activity

If I filter the event with eventName=authorize I see all the expected results. I'm accessing the api with an oauth token that was issued by an admin and has scope=https://www.googleapis.com/auth/admin.reports.audit.readonly

The output should not be empty since I have used many google oauth tokens in third party apps that access my data in google

Some help on this matter? Thanks! :)

1
google-admin-sdk

1 Answers

0
votes

Your request is correct, however I am not sure either third party apps will be listed in the results.

  • Try (or the admin should try) to perform an activity that can be expected for sure to be listed
  • For example, perform a request with the Try this API
  • The response for
curl \
  'https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/token?eventName=activity&key=[YOUR_API_KEY]' \
  --header 'Authorization: Bearer [YOUR_ACCESS_TOKEN]' \
  --header 'Accept: application/json' \
  --compressed

is in my case

{
  "kind": "admin#reports#activities",
  "etag": "XXX",
  "nextPageToken": "A:1606425471182618:8574055294017871466:151219070090:C01bs255h",
  "items": [
    {
      "kind": "admin#reports#activity",
      "id": {
        "time": "2020-12-01T09:24:24.330Z",
        "uniqueQualifier": "2270403000344494958",
        "applicationName": "token",
        "customerId": "YYY"
      },
      "etag": "ZZZ",
      "actor": {
        "email": "AAA,
        "profileId": "BBB"
      },
      "ipAddress": "31.4.243.197",
      "events": [
        {
          "type": "auth",
          "name": "activity",
          "parameters": [
            {
              "name": "api_name",
              "value": "admin"
            },
            {
              "name": "method_name",
              "value": "reports.activities.list"
            },
...