Table of contents
Google Logins
Google login events give WorkSights a reliable signal of when a user actively authenticates with their Google account. These events come directly from Google Workspace's audit logs and reflect real user-driven authentication, not background system activity.
For connection steps, see Connecting Google Workspace.
What WorkSights Receives
WorkSights ingests login audit events from Google Workspace. These appear when a user is prompted to authenticate because of session expiry, a new browser, an OAuth grant, or an elevated-permission action. Each login entry includes a timestamp, user identity, and metadata Google provides such as IP address and location. Passwords, tokens, and sensitive credential data are never received.
How Login Activity Appears
Login events appear as short one-minute entries on the user's timeline. They help clarify when a user started their working session, when an action required re-authentication, and whether work was performed across multiple devices or locations. Login events use WorkSights's green activity color for fast visual recognition.
Data Notes
Google does not expose session duration or active presence, so WorkSights reflects logins as discrete authentication moments rather than ongoing sessions. Login visibility cannot be disabled for specific users. Activity appears only for mapped users.
Troubleshooting
If login activity is not appearing as expected:
- Confirm the Google Workspace domain is connected and the affected user is mapped in WorkSights.
- Login events reflect user-driven authentication only. Background system activity does not generate entries.
- If a user logs in via SSO or a third-party identity provider, events may not be passed through Google's audit logs and will not appear in WorkSights.
- For persistent issues, contact support via the in-app chat.