To see sign in activity data in LicenceOne, you need to have successfully added Google Workspace as a data source in your LicenceOne account.
How does LicenceOne get activity data?
Every time someone that's part of your Google Workspace directory signs into an application with the "Sign in with Google" button, LicenceOne recuperates this information.
What if I can't sign in with Google on an application?
Unfortunately, LicenceOne won't be able to detect the login activity for your employees for those applications...yet 😉
We are, however, investigating other methods of getting this information. You can help us prioritise our roadmap for this by voting and commenting on the methods that you prefer, or suggesting a new way to do it that we haven't already considered.
Currently under consideration:
Already considered, but technically unfeasible:
Detect login activity by direct integrations with applications
My activity indicator isn't accurate
This is likely due to how that application handles its "Sign in with Google" integration and session length.
To explain in a bit more detail, we need to get a little technical and into some detail (sorry!).
When an employee clicks on the "Sign in with Google" button on an application's sign-in page, the application generates what is known as an "authentification token"; which allows them to verify that you are logged into Google and you are who you say you are.
To have a great user experience, most applications (LicenceOne included) don't want to sign you out every 10 minutes (known as a "session"). To do this, they store this "authentification token" for a period of time (known as a "session length").
Security best practices recommend that these "sessions" last no longer than several hours, or at the very most 30 days; and that an application should periodically terminate these "sessions" and request the user prove their identity again by generating a new "authentification token".
Among other reasons, this is so that if an employee uses their computer or leaves it unlocked, a bad actor can't easily get access to their applications.
Some applications decide that the risk factor isn't high enough to justify impacting the user experience for this, and therefore do not terminate sessions for longer periods nor generate new authentification tokens often.
As LicenceOne detects login activity from the last time an authentification token was generated, this impacts the accuracy of the sign-in activity that we can display for users.