You would like to review 3rd-party application usage and data access requests.
As your organization's administrator, you can use the audit and investigation page to run searches related to OAuth log events. There, you can view a record of actions to review which users are using which third-party mobile or web applications in your domain. For example, when a user opens a Google Workspace Marketplace app, the log records the name of the app and the person using it.
- Sign in to the Admin console.
- Navigate to Reporting > Audit and investigation > OAuth log events.
- Click Add a filter, and then select an attribute.
- In the pop-up window, select an operator, select a value, click Apply.
- (Optional) To create multiple filters for your search:
- Click Add a filter and repeat step 3.
- (Optional) To add a search operator, above Add a filter, select AND or OR.
- Click Search.