Use the Policy Insights Dashboard

Early Access release. See Enable self-service features.

The Policy Insights Dashboard allows you to view statistics about user sign-in events and authentication attempts in your org. This helps you understand the impact of your authentication policies on users and resolve issues with authenticating and signing in. The Policy Insights Dashboard displays metrics and data visualizations for individual policies.

View the Policy Insights Dashboard

  1. In the Admin Console, go to Security > Authentication Policies.

  2. Click App sign-in.

  3. On the App sign-in policies page, select the policy that you want to view insights for.

  4. Click the Dashboard tab.

  5. From the Timeframe dropdown menu, select the time period you want to view statistics for.

  6. View the graphs and tables. Hover over the lines to view the statistics for the lines. Each graph is described in the following sections.

Timeframe

Use the Timeframe menu to select the time period that you want to view data from. You can view data from the past 7, 14, 21, or 28 days.

The Policy Insights Dashboard converts the start and end dates to Coordinated Universal Time (UTC). When you specify a time period, the results of the report may differ depending on your local time zone.

The data displayed in the Policy Insights Dashboard is intended to help identify trends and aggregate information. The dashboard data isn't in real time. There's a delay of at most four hours between when an event occurs and when it's displayed on the dashboard.

Use the legend

Each graph on the Policy Insights Dashboard has a legend that displays the color of the lines and the data that each line represents. Dots indicate when a policy was updated. Click the items in the legend to display or hide the data.

Sign-in activities

The Sign-in activities graph shows the number of requests for each of the following request types:

  • All sign-in requests

  • Successful sign-ins

  • Failed sign-ins

    Failed sign-ins include all user-initiated sign-in attempts that failed authentication and weren't denied. For example: the user failed their password attempts or abandoned their sign-in session.

  • Access denied events (when users were denied access without being challenged)

Unique users

The Unique users graph shows the total number of unique users attempting to sign in.

Phishing resistant authentication

The Phishing resistant authentication graph shows the percentage of sign-in attempts that used phishing-resistant methods, calculated against the total number of successful authentications.

Prompt during authentication

This graph shows the percentage of sign-in attempts that were prompted for one of these types of authentication:

  • Prompts for enrollment

  • Prompts for challenge

Average time spent on sign-in

This metric tracks the average time (in seconds) spent completing a successful sign-in. Time to sign-in is measured as the duration between the access request and when access was granted.

Policy rules

Below the graphs, the Policy rules section displays the rules that are executed and enforced when there's a sign-in request. It displays the following information about each rule:

  • Priority

  • Rule name

  • Status (Enabled, Disabled, or Deleted)

  • Number of matches

  • Successful Sign-in (percentage)

  • Date of last match

Data is displayed on pages. Use the Rows per page field to change the number or rows displayed on each page. To view a page, use the navigation arrows to move between pages.

The Policy rules section displays rules that were matched at least once during the selected timeframe, regardless of status. This means that you may see inactive or deleted rules if the rule was active at some point during the timeframe.