Logs

Using the Auth0 Dashboard, you can pull log data on:

  • Actions performed by administrators using the Dashboard;
  • Authentications made by your users.

How to View Log Data

The Logs page of the Auth0 Dashboard displays all events that occur, including user authentication and administrative actions such as adding/updating Clients, Connections, and Rules.

Please note that administrative actions will show up in the logs as API Operation events.

Frequently Asked Questions

How long is log file data available?

The length of time log data is stored varies depending on your plan.

Plan Log Retention
Developer 2 Days
Developer Pro 10 Days
Enterprise 30 Days

How do I view or export log file data?

If you would like to store log data longer than the time period offered by your subscription plan, we recommend you use the Management API feature that allows you to retrieve the relevant data. Once you've retrieved your data, you can:

Retrieving Logs from the Management API

You can use the Management API v2 retrieve your logs. There are the two available endpoints, each providing slightly different quantities of information:

  • /api/v2/logs: Retrieves log entries that match the provided search criteria. If you do not provide any search criteria, you will get a list of all available entries;
  • /api/v2/logs/{id}: Retrieves the single log entry associated with the provided ID.

Log Data Event Listing

The following table lists the codes associated with the appropriate log events.

Event Code Event Event Description Additional Info
admin_update_launch Auth0 Update Launched
api_limit Rate Limit On API The maximum number of requests to the API in given time has reached. Rate Limit Policy
cls Code/Link Sent Passwordless login code/link has been sent Passwordless
coff Connector Offline AD/LDAP Connector is offline Active Directory/LDAP Connector
con Connector Online AD/LDAP Connector is online and working Active Directory/LDAP Connector
cs Code Sent Passwordless login code has been sent Passwordless
du Deleted User User has been deleted. User Profile
f Failed Login
fapi Failed API Operation
fc Failed by Connector Active Directory/LDAP Connector
fce Failed Change Email Failed to change user email User Profile
fco Failed by CORS Origin is not in the Allowed Origins list for the specified client Clients
fcoa Failed cross origin authentication
fcp Failed Change Password Changing a User's Password
fcph Failed Post Change Password Hook
fcpn Failed Change Phone Number User Profile
fcpr Failed Change Password Request Changing a User's Password
fcpro Failed Connector Provisioning Failed to provision a AD/LDAP connector Active Directory/LDAP Connector
fcu Failed Change Username Failed to change username User Profile
fd Failed Delegation Failed to generate delegation token Delegation Tokens
fdu Failed User Deletion User Profile
feacft Failed Exchange Failed to exchange authorization code for Access Token Authorization Code Grant Flow
feccft Failed Exchange Failed exchange of Access Token for a Client Credentials Grant Asking for Access Tokens for a Client Credentials Grant
feoobft Failed Exchange Failed exchange of Password and OOB Challenge for Access Token
feotpft Failed Exchange Failed exchange of Password and OTP Challenge for Access Token
fepft Failed Exchange Failed exchange of Password for Access Token
fercft Failed Exchange Failed Exchange of Password and MFA Recovery code for Access Token
fertft Failed Exchange Failed Exchange of Refresh Token for Access Token
flo Failed Logout User logout failed Logout
fn Failed Sending Notification Failed to send email notification Emails
fp Failed Login (Incorrect Password)
fs Failed Signup
fsa Failed Silent Auth
fu Failed Login (Invalid Email/Username)
fui Failed users import Failed to import users User Import/Export
fv Failed Verification Email Failed to send verification email Verification Email
fvr Failed Verification Email Request Failed to process verification email request Verification Email
gd_auth_failed OTP Auth failed One-time password authentication failed. Multifactor Authentication
gd_auth_rejected OTP Auth rejected One-time password authentication rejected. Multifactor Authentication
gd_auth_succeed OTP Auth success One-time password authentication success. Multifactor Authentication
gd_enrollment_complete Guardian enrollment complete
gd_module_switch Module switch
gd_otp_rate_limit_exceed Too many failures
gd_recovery_failed Recovery failed Multifactor recovery code failed. Multifactor Authentication
gd_recovery_rate_limit_exceed Too many failures Multifactor recovery code has failed too many times. Multifactor Authentication
gd_recovery_succeed Recovery success Multifactor recovery code succeeded authorization. Multifactor Authentication
gd_send_pn Push notification sent Push notification for MFA sent successfully sent with Guardian. Auth0 Guardian
gd_send_sms SMS Sent SMS for MFA sent successfully sent. Using SMS for MFA
gd_start_auth Second factor started Second factor authentication event started for MFA. Multifactor Authentication
gd_start_enroll Enroll started Multifactor authentication enroll has started. Multifactor Authentication
gd_tenant_update Guardian tenant update Auth0 Guardian
gd_unenroll Unenroll device account Device used for second factor authentication has been unenrolled. Multifactor Authentication
gd_update_device_account Update device account Device used for second factor authentication has been updated. Multifactor Authentication
gd_user_delete User delete Deleted multifactor user account. User Profile
limit_delegation Too Many Calls to /delegation Rate limit exceeded to /delegation endpoint API Rate Limit Policy
limit_mu Blocked IP Address An IP address is blocked with 10 failed login attempts into a single account from the same IP address. Anomaly Detection
limit_ui Too Many Calls to /userinfo Rate limit exceeded to /limit_ui endpoint API Rate Limit Policy
limit_wc Blocked Account Anomaly Detection
pwd_leak Breached password
s Success Login Successful login event.
sapi Success API Operation
sce Success Change Email Emails in Auth0
scp Success Change Password
scph Success Post Change Password Hook
scpn Success Change Phone Number
scpr Success Change Password Request
scu Success Change Username
sd Success Delegation Delegation Tokens
sdu Success User Deletion User successfully deleted User Profile
seacft Success Exchange Successful exchange of authorization code for Access Token Authorization Code Grant Flow
seccft Success Exchange Successful exchange of Access Token for a Client Credentials Grant Asking for Access Tokens for a Client Credentials Grant
seoobft Success Exchange Successful exchange of Password and OOB Challenge for Access Token
seotpft Success Exchange Successful exchange of Password and OTP Challenge for Access Token
sepft Success Exchange Successful exchange of Password for Access Token
sercft Success Exchange Successful exchange of Password and MFA Recovery code for Access Token
sertft Success Exchange Successful exchange of Refresh Token for Access Token
slo Success Logout User successfully logged out Logout
ss Success Signup
ssa Success Silent Auth
sui Success users import Successfuly imported users User Import/Export
sv Success Verification Email
svr Success Verification Email Request
sys_os_update_end Auth0 OS Update Ended
sys_os_update_start Auth0 OS Update Started
sys_update_end Auth0 Update Ended
sys_update_start Auth0 Update Started
ublkdu User login block released User block setup by anomaly detection has been released
w Warnings During Login

Tools to Process Logs