Logs

Using the Auth0 Dashboard, you can pull log data on:

  • Actions performed by administrators using the Dashboard;
  • Authentications made by your users.

How to View Log Data

The Logs page of the Auth0 Dashboard displays all events that occur, including user authentication and administrative actions such as adding/updating Clients, Connections, and Rules.

Please note that administrative actions will show up in the logs as API Operation events.

Frequently Asked Questions

How long is log file data available?

The length of time for which your data is stored varies depending on your plan.

You can see how long data is kept for your existing plan using the Learn More banner.

How do I view or export log file data?

If you would like to store log data longer than the time period offered by your subscription plan, we recommend you use the Management API feature that allows you to retrieve the relevant data. Once you've retrieved your data, you can:

Retrieving Logs from the Management API

You can use the Management API v2 retrieve your logs. There are the two available endpoints, each providing slightly different quantities of information:

  • /api/v2/logs: Retrieves log entries that match the provided search criteria. If you do not provide any search criteria, you will get a list of all available entries;
  • /api/v2/logs/{id}: Retrieves the single log entry associated with the provided ID.

Log Data Event Listing

The following table lists the codes associated with the appropriate log events.

Event Code Event Event Description Additional Info
admin_update_launch Auth0 Update Launched
api_limit Rate Limit On API The maximum number of requests to the API in given time has reached. Rate Limit Policy
cls Code/Link Sent Passwordless login code/link has been sent Passwordless
cs Code Sent Passwordless login code has been sent Passwordless
coff Connector Offline AD/LDAP Connector is offline Active Directory/LDAP Connector
con Connector Online AD/LDAP Connector is online and working Active Directory/LDAP Connector
fc Failed by Connector Active Directory/LDAP Connector
du Deleted User User has been deleted. User Profile
f Failed Login
fapi Failed API Operation
fce Failed Change Email Failed to change user email User Profile
fco Failed by CORS Origin is not in the Allowed Origins list for the specified client Clients
fcp Failed Change Password Changing a User's Password
fcpn Failed Change Phone Number User Profile
fcpr Failed Change Password Request Changing a User's Password
fcpro Failed Connector Provisioning Failed to provision a AD/LDAP connector Active Directory/LDAP Connector
fcu Failed Change Username Failed to change username User Profile
fd Failed Delegation Failed to generate delegation token Delegation Tokens
fdu Failed User Deletion User Profile
sdu Success User Deletion User successfully deleted User Profile
feacft Failed Exchange Failed to exchange authorization code for Access Token Authorization Code Grant Flow
feccft Failed Exchange Failed exchange of Access Token for a Client Credentials Grant Asking for Access Tokens for a Client Credentials Grant
slo Success Logout User successfully logged out Logout
flo Failed Logout User logout failed Logout
fn Failed Sending Notification Failed to send email notification Emails
fp Failed Login (Incorrect Password)
fs Failed Signup
fu Failed Login (Invalid Email/Username)
fui Failed users import Failed to import users User Import/Export
sui Success users import Successfuly imported users User Import/Export
fv Failed Verification Email Failed to send verification email Verification Email
fvr Failed Verification Email Request Failed to process verification email request Verification Email
gd_auth_failed OTP Auth failed One-time password authentication failed. Multifactor Authentication
gd_auth_rejected OTP Auth rejected One-time password authentication rejected. Multifactor Authentication
gd_auth_succeed OTP Auth success One-time password authentication success. Multifactor Authentication
gd_module_switch Module switch
gd_otp_rate_limit_exceed Too many failures
gd_recovery_failed Recovery failed Multifactor recovery code failed. Multifactor Authentication
gd_recovery_rate_limit_exceed Too many failures Multifactor recovery code has failed too many times. Multifactor Authentication
gd_recovery_succeed Recovery success Multifactor recovery code succeeded authorization. Multifactor Authentication
gd_send_pn Push notification sent Push notification for MFA sent successfully sent with Guardian. Auth0 Guardian
gd_send_sms SMS Sent SMS for MFA sent successfully sent. Using SMS for MFA
gd_start_auth Second factor started Second factor authentication event started for MFA. Multifactor Authentication
gd_start_enroll Enroll started Multifactor authentication enroll has started. Multifactor Authentication
gd_tenant_update Guardian tenant update Auth0 Guardian
gd_unenroll Unenroll device account Device used for second factor authentication has been unenrolled. Multifactor Authentication
gd_update_device_account Update device account Device used for second factor authentication has been updated. Multifactor Authentication
gd_user_delete User delete Deleted multifactor user account. User Profile
limit_delegation Too Many Calls to /delegation Rate limit exceeded to /delegation endpoint API Rate Limit Policy
limit_mu Blocked IP Address An IP address is blocked with 10 failed login attempts into a single account from the same IP address. Anomaly Detection
limit_ui Too Many Calls to /userinfo Rate limit exceeded to /limit_ui endpoint API Rate Limit Policy
limit_wc Blocked Account Anomaly Detection
s Success Login Successful login event.
sapi Success API Operation
sce Success Change Email Emails in Auth0
scp Success Change Password
scpr Success Change Password Request
scpn Success Change Phone Number
scu Success Change Username
sd Success Delegation Delegation Tokens
seacft Success Exchange Successful exchange of authorization code for Access Token Authorization Code Grant Flow
seccft Success Exchange Successful exchange of Access Token for a Client Credentials Grant Asking for Access Tokens for a Client Credentials Grant
ss Success Signup
sv Success Verification Email
svr Success Verification Email Request
sys_os_update_end Auth0 OS Update Ended
sys_os_update_start Auth0 OS Update Started
sys_update_end Auth0 Update Ended
sys_update_start Auth0 Update Started
w Warnings During Login

Tools to Process Logs