Authentication logs provide comprehensive tracking of all authentication requests and user verification attempts within your organization. These logs help you monitor security, identify suspicious activity, and maintain compliance with access control policies.

What Are Authentication Logs?

Authentication logs capture every authentication transaction that occurs in your system. Unlike other audit logs that track administrative changes, authentication logs focus specifically on user verification attempts and their outcomes.

Each authentication event represents a transaction - a request for a user to verify their identity using their passkey.

Viewing Authentication Logs

Organization-Wide Authentication Logs

1. Navigate to Auth Logs in the main navigation
2. View all authentication transactions across your organization
3. See details including:
   • Subject - The user who was asked to authenticate
   • Requestor - Who requested the authentication
   • State - Current status of the authentication request
   • Created At - When the authentication request was initiated
   • Completed At - When the authentication was completed (if applicable)

Individual User Authentication History

For user-specific authentication history:

1. Go to Users in the navigation
2. Click on a specific user
3. View the Authentication Transactions section

This shows all authentication requests that have been sent to that particular user.

Understanding Authentication Requests

Request Information

Each authentication log entry contains:

• Transaction ID - Unique identifier for the authentication request
• Subject - The user being asked to authenticate
• Requestor - The entity (application, service, or person) requesting authentication
• Context - Where the authentication request originated from
• Message - Any custom message included with the request
• Timestamps - When the request was created and completed

Geographic Information

When users respond to authentication requests, the system captures:

• IP address of the authentication attempt
• Geographic location (city, region, country)
• This information helps detect unusual access patterns

Security Monitoring

Authentication logs are essential for security monitoring and can help identify:

Suspicious Activity

• Authentication requests from unusual locations
• Patterns of denied authentication requests
• Unexpected authentication requests

Access Patterns

• Normal vs. abnormal authentication frequency
• Geographic distribution of authentication attempts
• Time-based patterns in authentication requests

Transaction Details

Clicking on Authentication Entries

• Click on any transaction to view detailed history
• See the complete timeline of the authentication request
• View any error messages or additional context
• Access QR codes or direct links for pending authentications

Real-time Updates

• Authentication logs update in real-time as users respond to requests
• States change automatically as transactions progress
• Completed transactions show final timestamps and outcomes

Compliance and Reporting

Authentication logs provide valuable data for:

Security Audits

• Complete record of all authentication attempts
• Timestamps and outcomes for compliance reporting
• Geographic data for risk assessment
• User behavior patterns for security analysis

Access Control Verification

• Proof of user identity verification
• Documentation of authentication methods used
• Evidence of proper access control procedures
• Audit trail for sensitive operations