Control access to apps based on user and device context

Context-Aware Access audit log

Use data to troubleshoot users’ access to apps

As your organization's administrator, you can use the Context-Aware Access audit log to troubleshoot when a user is denied access to an app. Entries usually appear within an hour of when the user’s access is denied.

Open the Context-Aware Access audit log

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in

  2. From the Admin console Home page, go to Reports.
  3. On the left, click Auditand then Context-Aware Access.
  4. (Optional) To customize what you review, on the right, click Manage columns "", select the columns that you want to see or hide, and click Save.

Data you can view

Data type Description
Event description The action that was logged, such as a user being denied access to an app.
Device ID Device ID as shown in Device Management > Endpoint verification
Application App the user was denied access to.
Access Level Applied Access levels that are assigned to the app the user tried to access.
IP address IP address of the user.
Date Date and time of the event (displayed in your browser's default time zone).

For more information, go to Context-aware access.

When and how long is data available?

Go to Data retention and lag times.

Related topics

Was this helpful?
How can we improve it?