Mantenha tudo organizado com as coleções
Salve e categorize o conteúdo com base nas suas preferências.
Registros de atividade
Neste documento, descrevemos como usar o Cloud Logging para geração de registros de atividades com o
Identity Platform.
Como ativar a geração de registros de atividades
O registro de atividades é desativado por padrão. É possível ativar a geração de registros de atividades
no console do Google Cloud ou usando a API REST:
Como ativar o registro de atividades para projetos de locatário
O registro de atividades para projetos de locatário é desativado por padrão. É possível ativar
a geração de registros de atividades para projetos de locatário usando a API REST executando o seguinte comando:
Selecione Identity Toolkit Project ou Identity Toolkit Tenant na lista suspensa de recursos. Se você estiver usando a multilocação, poderá mostrar todos os locatários ou filtrar a um específico.
Operações registradas
A tabela a seguir lista as operações de API que podem produzir registros de atividades:
O Logging fornece ferramentas para desativar o processamento de registros ou excluir as entradas de registro que você não quer. Para saber mais informações sobre como
excluir determinados registros, consulte Exclusões de registros.
O exemplo a seguir mostra como excluir registros para os métodos somente leitura GetAccountInfo() e GetProjectConfig():
[[["Fácil de entender","easyToUnderstand","thumb-up"],["Meu problema foi resolvido","solvedMyProblem","thumb-up"],["Outro","otherUp","thumb-up"]],[["Difícil de entender","hardToUnderstand","thumb-down"],["Informações incorretas ou exemplo de código","incorrectInformationOrSampleCode","thumb-down"],["Não contém as informações/amostras de que eu preciso","missingTheInformationSamplesINeed","thumb-down"],["Problema na tradução","translationIssue","thumb-down"],["Outro","otherDown","thumb-down"]],["Última atualização 2025-08-11 UTC."],[[["\u003cp\u003eActivity logging, which tracks user requests like registration and sign-in, is disabled by default and can be enabled via the Google Cloud console or REST API.\u003c/p\u003e\n"],["\u003cp\u003eEnabling activity logging for both main and tenant projects is possible, but it can impact billing, so consulting Google Cloud Observability pricing is recommended.\u003c/p\u003e\n"],["\u003cp\u003eActivity logs can be viewed through the Logs Explorer in the Google Cloud console by selecting either "Identity Toolkit Project" or "Identity Toolkit Tenant" in the resource dropdown.\u003c/p\u003e\n"],["\u003cp\u003eEach log entry includes details such as the log name, resource, service name, and the logged request or response (\u003ccode\u003eprotoPayload\u003c/code\u003e).\u003c/p\u003e\n"],["\u003cp\u003eCertain log entries can be excluded from ingestion, for example, logs for the read-only methods \u003ccode\u003eGetAccountInfo()\u003c/code\u003e and \u003ccode\u003eGetProjectConfig()\u003c/code\u003e.\u003c/p\u003e\n"]]],[],null,["# Activity logging\n================\n\nThis document describes how to use Cloud Logging for activity logging with\nIdentity Platform.\n| **Note:** *Activity logging* refers to requests made by your app's users, such as registration or sign-in requests. To log requests made by administrators, see [Audit logging](/identity-platform/docs/audit-logging).\n\nEnabling activity logging\n-------------------------\n\nActivity logging is disabled by default. You can enable activity logging\nthrough the Google Cloud console or by using the REST API: \n\n### Console\n\n1. Go to the **Settings** page in the Google Cloud console. \n\n [Go to Settings](https://console.cloud.google.com/customer-identity/settings) \n\n2. Under **User activity logging** , select **Enable**.\n\n3. Click **Save**.\n\n### REST\n\n```bash\ncurl -d \"{'monitoring':{'requestLogging':{'enabled':true}}}\" \\\n -H \"Authorization: Bearer $(gcloud auth print-access-token)\" \\\n -X PATCH -H 'Content-Type: application/json' \\\n https://identitytoolkit.googleapis.com/admin/v2/projects/PROJECT_ID/config?updateMask=monitoring.requestLogging.enabled\n```\n\nReplace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with the project ID.\n\nEnabling activity logging can affect your billing. See\n[Google Cloud Observability pricing](/stackdriver/pricing) to learn more.\n\nEnabling activity logging for tenant projects\n---------------------------------------------\n\nActivity logging for tenant projects is disabled by default. You can enable\nactivity logging for tenant projects, using the REST API, by executing the following command: \n\n```bash\ncurl -d \"{'monitoring':{'requestLogging':{'enabled':true}}}\" \\\n -H \"Authorization: Bearer $(gcloud auth print-access-token)\" \\\n -X PATCH -H 'Content-Type: application/json' \\\n https://identitytoolkit.googleapis.com/v2/projects/PROJECT_ID/tenants/TENANT_ID?updateMask=monitoring.requestLogging.enabled\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the project ID.\n- \u003cvar translate=\"no\"\u003eTENANT_ID\u003c/var\u003e: the tenant ID.\n\nEnabling activity logging can affect your billing. See\n[Pricing for Google Cloud Observability](/stackdriver/pricing) to learn more.\n\nViewing activity logs\n---------------------\n\nWhen Logging is enabled, a log entry is generated for each\nuser request. Each log entry includes the following fields:\n\nYou can see your project or tenant's activity logs using the\n[Logs Explorer](/logging/docs/view/logs-explorer-interface). To view logs:\n\n1. In the Google Cloud console, go to the **Logs Explorer** page.\n\n [Go to the Logs Explorer page](https://console.cloud.google.com/logs)\n2. Select **Identity Toolkit Project** or **Identity Toolkit Tenant** from the\n resources dropdown. If you're using [multi-tenancy](/identity-platform/docs/multi-tenancy),\n you can show all tenants, or filter to a specific one.\n\nLogged operations\n-----------------\n\nThe follow table lists the API operations that can produce activity logs:\n\n### Excluding operations\n\nLogging gives you tools to disable log ingestion or exclude log\nentries you don't want. For more information about how to exclude certain logs,\nsee [Logs Exclusions](/logging/docs/exclusions).\n\nThe following example shows how to exclude logs for the read-only\n`GetAccountInfo()` and `GetProjectConfig()` methods: \n\n resource.type=\"identitytoolkit_project\"\n (\n jsonPayload.methodName=\"google.cloud.identitytoolkit.v1.AccountManagementService.GetAccountInfo\"\n OR\n jsonPayload.methodName=\"google.cloud.identitytoolkit.v1.ProjectConfigService.GetProjectConfig\"\n )"]]
