ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How to generate report of the Last Successful Login time for all users in PAM


Article ID: 224361


Updated On:


CA Privileged Access Manager (PAM)


How to get the Last Successful Login time for all users?


Release : 3.4.x, 4.x



REST API can be utilized to get lastSuccessfulLoginTime (Last Successful Log-in) data.

1. Enable External REST API from Configuration > Security > Access page

2. Assign API Key for a user, e.g. 'super' user

3. Go to Credentials > Manage Targets > Accounts and find 'super' user API Key target account. Notice the account name and view the password and copy the password.

4. Go to Settings > API Doc page now and click "List Operation" link for "users" item. And click the "Get all users" link.

5. On the "fields" parameter add ", lastSuccessfulLoginTime" value at the end

6. Click the [Try it out!] button at the bottom part. Login dialog will appear, key in the target account name and the password you have copied at item 3 above.

7. You will get the result like below. The lastSuccessfulLoginTime value is in epoch time. You can convert the value to date/time using epoch converter, e.g.