Dashboard insights
As an administrator, when you first log into the SecureAuth® Identity Platform, an intelligence dashboard provides real time visibility to key metrics. The dashboard contains deployment data associated with your Identity Platform tenant.
The dashboard data metrics reports all browser workflow transactions. You can include API transactions if you use the /authenticated
endpoint and add the request ID to the transactions.
Dashboard metrics are also available for SecureAuth® RADIUS Server and Login for Endpoints transactions. These metrics include login information for VPNs, remote server access, and endpoint desktop access to Windows and Mac.
The dashboard divides metrics into four tabs:
Login Data – Explore data related to logins by system, applications, or users.
User Profile Data – Explore cloud profile data associated with each user name.
Authentication Types – Explore data on enrolled mobile and authenticator devices, and view push notifications blocked by users.
Deployment Data – View product versions for services deployed with your Identity Platform tenant.
The data refreshes every 3 hours. To get updated data, you can refresh the page.
Note
Until you get the Identity Platform up and running and in production, you might get a 404 error and have no or limited incoming data.
Login Data tab
Select the Login Data tab to view data related to user logins. Login data is organized into the following tabs:
Company dashboard (At a glance) – General overview of all login data in time frames from the past 24 hours to the past year
Hourly report (past 24 hours) – Login data for the past 24 hours.
Company logins – Login data by User ID.
OS statistics – Login data by operating system, browser, and IP address.
Application/Realm number – Login data by application or Realm number.
Authentication method – Login data by MFA method.
Continue reading below to learn more about some of the categories displayed on the Company dashboard (At a glance) tab of the dashboard.
Tip
Use the following tips to optimize your dashboard experience and maximize the effectiveness of the Login Data tab.
Some tabs have the option for you to set a date range or sort data by a specific category. Click the gray Controls bar beneath each tab to view filter options.
Bar graphs in the dashboard allow users to drill down into specific data points up to 3 months from the current date. Click on individual bars to see the drill through options.
Hover over any point in a graph to see a basic summary of that data point.
Hover over any graph and click the three dots to see Menu options. You can View summary data or Export to CSV.
Number of logins to the Identity Platform
System overview of total logins, both successful and failed, processed by the Identity Platform.
View the number of total logins from the past 24 hours, 7 days, 30 days, and year from today's date. The login count includes transactions that are both logged as successful and failed.
Successful vs. Failed logins view
Bar graph displays the number of successful vs. failed logins processed by the Identity Platform.
Hover the mouse over a specific time period to view the number of successful logins and the number of failed logins.
Click a specific bar to drill through data.
Logins by OS (operating system) view
Get insights into the number of logins on specific operating systems processed by the Identity Platform. For example, a user login to a resource occurred on Windows 10, Mac OS X, or Android mobile device.
The list includes API logins (displayed as "API" in the view) when the transaction is from an API workflow. If "Other" shows up on the list, it can mean an unrecognizable operating system.
Note
To add API transactions into dashboard reporting, it requires the Identity Platform 20.06 or later and the new /authenticated
endpoint.
The list displays the top five commonly used operating systems for logins in a given date range.
To see more detailed data about logins by OS, select the OS statistics tab.
Logins by Application view
Get insights into the number of logins for each application (shown by its realm name). For example, Office 365, Salesforce, and Zoom.
Hover the mouse over a specific bar to see the total number of login attempts for the Realm.
To see more detailed data about logins by application, select the Application/Realm number tab.
Logins by Authentication method view
Get insights into the MFA options selected by end users to authenticate their access to applications. For example, FIDO2 authenticators, Email (OTP), SMS (Link-to-Accept), and so on.
For documentation purposes, the following table lists all the available MFA Methods in the Identity Platform. On the dashboard, it only displays the MFA methods actively used by end users.
MFA Method name | Authentication type |
---|---|
BIOMETRIC2ACCEPT | Biometric identification via Authenticate App |
One-time passcode (OTP) | |
EMAILLINK | Link-to-Accept |
FIDO2 | Registered FIDO2 authenticator |
HELP | Help Desk OTP |
KBA | Knowledge-based answer |
NONE | No MFA method used |
OATH | Time-based one-time passcode (OATH-TOTP and OATH-HOTP) |
<OTHER> | Placeholder for custom integration |
<Empty or invalid value> | Empty or not valid MFA method NoteIf the |
PHONE | Voice OTP |
PIN | Personal identification number |
PUSHACCEPT | Push-to-Accept |
PUSHNOTIFICATION | Push OTP |
SMS | OTP |
SMSLINK | Link-to-Accept |
SYMBOL2ACCEPT | Symbol-to-Accept |
VIPCREDENTIAL | Symantec VIP |
YUBIKEY | Non-FIDO2 YubiKey |
Hover the mouse over a specific bar to see the total number of login attempts for the authentication method.
To see more detailed data about MFA logins, select the Authentication method tab.
User Profile Data tab
Select the User Profile Data tab to get insights into cloud profile data associated with each unique username. The list displays the total number of usernames with cloud profiles.
Note
For hybrid deployments, data only displays if you have a Microsoft Entra ID data store integrated in the Identity Platform.
To see the entire list, click View all. The list can be sorted by User, Access History, Digital Fingerprints, Push Tokens, and OATH Tokens.
Authentication Types tab
Select the Authentication Types tab to view the total number of enrolled mobile devices, enrolled authenticator devices, and push notifications blocked the user.
Enrolled Mobile Devices
Get insights into the number of mobile devices end users have enrolled to authenticate their access to applications. For example, an end user's smartphone or tablet.
You can change the view to past 24 hours, 7 days, 30 days, or year from today's date.
The list displays enrolled devices categorized by whether they are enabled for push notifications or time-based one-time password only. You can change the view to the total number of mobile devices per category or the percentage of mobile devices per category.
To see the entire list, click View all. The list can be sorted by Device Name, Device Type,User, Creation Date, Access Date, and Access Type in a given date range.
Click Export all enrollment data to CSV to download all saved enrollment data.
Enrolled Authenticator Devices
Get insights into the number of authenticator devices end users have enrolled to authenticate their access to applications. For example, an end user's YubiKey or FIDO device.
You can change the view to past 24 hours, 7 days, 30 days, or year from today's date.
The list displays the total number of authenticator devices enrolled and the total number of users with enrolled devices.
To see details and usage history for each enrolled authenticator device, click View all. The list can be sorted by Device Name, User, Auth Type, Creation Date, and Access Date in a given date range.
Click Export all auth devices data to CSV to download all saved data for enrolled authenticator devices.
Push Notifications Blocked by User
Provides data on the number of user-initiated block actions coming from specific IP addresses. A block action occurs when the end user chooses to block unknown login requests to their Authenticate app.
Block actions initiated by users for certain IP addresses are auto-unblocked after 24 hours.
Note
To see this data, you must enable the block feature in Multi-Factor Method settings.
For more information, see this KB article: How to block and unblock login requests in Authenticate.
To see the entire list, click View all. The list displays who initiated the block for a specific IP address. If you have one user that blocks more than one IP address, you can identify this user by their unique user ID and each source IP address will be unique.
To unblock and resume login requests coming from a specific IP address, click the trash can icon in the Unblock column.
Deployment Data tab
Select the Deployment Data tab to see the Platform Product Versions deployed with your Identity Platform tenant. The following are descriptions for each product service.
- Mobile Service
Maintains user mobile device and all other TOTP device enrollments and handles the authentication through those devices.
- Configuration Service
Maintains encrypted administrative settings of the Identity Platform. All features look to this service for their configuration settings.
- FIDO Service
Maintains user FIDO device enrollments and handles the authentication through those devices.
- Password Service
Maintains password deny lists and password restriction rules during a Self-service Password reset.
- IWA Service
Provides Single Sign-On (SSO) access to multiple applications or services via Windows credentials.
- Data Transport Service
Responsible for transporting user requests from the Identity Platform to either the SecureAuth Connector or the Cloud Provider Service depending on the data connection type. Also maintains user data related to Identity Platform features.
- Cloud Provider Service
Provides connection support to various cloud platforms including the Microsoft Entra ID (formerly Azure AD) data store and SCIM services. Does not have direct connection to the Identity Platform, requests are routed from the Data Transport Service.