I need to accurately interpret login activity to ensure account security and identify unauthorized access. The current ambiguity around what constitutes a "Login" event creates confusion and could lead to misinterpreting normal system behavior as a security breach.
I would like to clearly understand what actions constitute a "Login" in ArcGIS Online activity reports. Ideally, I should be able to:
- Generate an activity report and immediately differentiate between user-initiated logins and automated/system-generated interactions.
- View detailed classifications or tags next to each login-related entry (e.g., "manual login," "token refresh," "background app request"). - Use filters or report settings to isolate specific types of login events.
- Reference official documentation that lists and explains all request types contributing to the "Login" activity, enabling accurate interpretation of report data and better security auditing.
This clarity would empower administrators to quickly assess account usage, detect anomalies, and respond to potential security concerns more effectively.
I've logged ENH-000176385 and hope you'll consider this enhancement.
