Supported editions for this feature: Education Plus. Compare your edition
As an administrator, you can give designated users access to Classroom analytics for direct visibility into student performance and engagement in their organization. Classroom analytics is useful for educational leaders and specialists to get better visibility into Classroom data, including if assignments are being completed, how grades are trending, and how Classroom is being adopted. These designated users will be able to view analytics at the organization or organizational unit level.
Note: Teachers will automatically have access to a view of student analytics for classes in which they are a teacher or co-teacher. Administrators do not need to take any action to enable the teacher view.
Set up access to Classroom analytics
Create an admin role with the View analytics data for users and their classes privilege and assign it to designated users or security groups. Also, you can restrict access to users and classes by organizational unit.
Google Admin Console: Designate users with analytics data access in Google Classroom
Step 1: Create a custom admin role
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
In the Admin console, go to Menu AccountAdmin roles.
- Click Create new role.
- Enter a name and, optionally, a description for the role and click Continue.
- From the Privilege Name list, at Classroom, check the View analytics data for users and their classes box.
- Click Continue.
- Click Create role.
Note: You can add other privileges to this role. For example, if you have the same users assigned the Manage Classes privilege, you can add both privileges to one custom admin role.
Continue to Step 2 to assign the custom admin role to users or security groups.
Step 2: Assign the custom admin role to a user or security group
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
In the Admin console, go to Menu AccountAdmin roles.
- Click the custom admin role you created AdminsAssign members.
- Enter the first few letters of the email address of the user or the security group and select the address from the list.
- (Optional) To limit access to an organizational unit, click Edit , select an organizational unit, and click Done.
Note: If you want to grant a user access to both student and class data, make sure to select organizational units for both students and the staff who are primary teachers in the classes.
- Click Assign role.
To grant access to more than one organizational unit, follow the steps in Assign or unassign the role for multiple organizational units on this page.
After you assign the custom admin role to a user or a security group, they can view Classroom analytics in Classroom. Note that data might take up to 24 hours to update in analytics dashboards.
What data do designated users see?
The data that appears in the analytics dashboards is limited to:
- Classes that are not archived
- Classes have activity in the past 365 days
- Students enrolled in classes that are not archived and have activity in the past 365 days.
If access is limited to an organizational unit, the data that designated users can see depends on which organizational units are selected. Designated users can see the following data for users in selected organizational units:
- Individual student data for users in the organizational unit that are students in a class (for example, a student’s assignment completion across all their classes)
- Data on classes whose primary teacher is a user in the organizational unit (for example, assignment completion for the class and individual student data in that class)
For users to access all analytics dashboards, both student and class-level, it’s recommended that both staff and student organizational units are selected.
If you want the designated admin to access | Recommended organization unit access |
---|---|
Both student and class data for specific organizational units (recommended) |
Select both:
|
Only class data, no individual student data | Select staff organizational unit |
Only student data, no class data | Select student organizational unit |
Assign or unassign the role for multiple organizational units
Repeat Step 2 above and select a different organizational unit each time to grant a user or security group access to more than one organizational unit.
In the Admins list, the user or security group name appears separately for each organizational unit they can access.
Or, you can follow these steps:
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
In the Admin console, go to Menu DirectoryUsers.
- Click the user’s nameAdmin roles and privileges.
- At the custom admin role you created, under Scope of role, click Edit .
- Do one of the following:
- To select an organizational unit, check the box for the organizational unit.
- To unselect an organizational unit, uncheck the organizational unit box.
- Click Done.
- Click Save.
Manage the custom admin role using APIs
Instead of assigning the custom admin role to users and security groups manually in the Admin Console, you can designate access to Classroom analytics using APIs. To do so, review the developer guide on automating the process: Developer Guide - Access to Classroom analytics.
Manage sensitive information
You can control access to sensitive information and resources using security groups. You can create a new security group or update an existing group by adding the security setting. For details, go to Control access to sensitive data with security groups.
Remove Classroom analytics access permissions
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
In the Admin console, go to Menu DirectoryUsers.
- Click the user’s or the group’s nameAdmin roles and privileges.
- At the custom admin role you created, under Assigned state, click Assigned .
- Click Save.
Note: If the role was assigned to a security group, removing users from the security group also removes their access permissions.