website/docs/endpoint-devices/device-compliance/device-reporting.md
Endpoint Devices registered with authentik via a connector, such as the authentik Agent connector, regularly check-in with authentik and report their device facts.
These facts are shown on the Devices page and are also accessible to policies and can be used to make policy decisions. See Device Compliance Policy for more details.
When a device registered with authentik reports its device facts, this is called a device check-in. These check-ins occur on a regular configurable schedule and can also be set to occur whenever a device is associated with an Endpoint stage.
Device facts are informational snippets about a device, such as its operating system, serial number, installed applications, running processes, and more. These facts are supplied to authentik flows via the authentik browser extension to be used in making policy decisions. For example, you can create a policy that only allows endpoint devices that are running a recent OS version to access an application.
JL: the facts are supplied either by ak-sysd or from other connectors, and the browser extension is only used to associate the device the user is using with the device in the authentik database
This feature is still in development and will be announced soon.
For an example of the facts provided for a Linux device, see here.
Authentication events involving endpoint devices are included in the event logs. For example:
To search for event logs matching a specific endpoint device:
context.device.name = "<device_name>"For more information on searching the events logs, see Logging events.