You are here: Okta-docs > Reports

Reports

The Reports page displays report data that details how your end usersIn Okta literature, we refer to "end users" as the people who have their own Okta home page (My Applications), using chiclets to authenticate into all of their apps. End users do not have any administrative control. When we refer to "users" we are generally referring to the individual(s) who have administrative control. leverage their Okta accounts. Data includes information such as appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. usage and access, deprovisioning details, and the exposure of suspicious activity, including OpenID Connect events.

In addition to the generated reports, there are several System Log queries available.

Running Reports

To run any report, click the report name, enter the parameters at the top of the screen, and finally click Run Report. After running a report, click the Download CSV link to obtain a cvs version.

Available Reports

The following reports are available from this page.

Okta Usage

The Okta Usage report contains data about who has signed into Okta during a specified time range.

Okta Password Health

The Okta Password Health report produces a CSV-formatted file that shows the user, login, status, activation date, authentication source, last login, and last password change. The authentication source can be Okta, AD, or LDAP. To create the file, click the Okta Password Health link.

You can user this report to monitor the progress of a password change request that you issue to your Okta end usersIn Okta literature, we generally refer to "users" as the people who serve as Okta administrators. When we refer to "end users" we are generally referring to the people who the administrators serve. That is, those who use Okta chiclets to access their apps, but have no administrative control.. For more information, see Password Reset for Okta Mastered Users.

Application Usage

The Application Usage report contains data about how much an application is being used by user/group over a specified time range. To run the report, click the report name.

This section provides reporting on which applications each user had access to during a specified time period. It differs from Application Usage in that "Usage" shows how much an application is being used during a given period of time. This report now includes the last sign in and last password change information.

Note: In a SWAAn acronym for Secure Web Authentication. SWA is a SSO system developed by Okta to provide single sign-on for apps that don't support proprietary federated sign-on methods or SAML. Users can enter their credentials for these apps on their homepage. These credentials are stored such that users can access their apps without entering their credentials each time. When users first sign-in to a SWA app from their homepage, they see a pop-up message asking if they were able to sign-in successfully. app in which the user sets the username and password, the last login time and last app password reset are not captured if the user goes directly into the app.

Applications Access Audit

This is an Early Access feature. To enable it, please contact Okta Support.

The Applications Access Audit section contains the following two reports: Current Assignments and Recent Unassignments..

  • Current Assignments

    The Current Assignments report contains data about how an application is being used over a specified time range. It shows which users are assigned a specified app and all the apps assigned to a specified user. This report is not recommended for apps with more than 50,000 assigned users, as downloading the CSV report may take up to 15 minutes. If you navigate away from the download page, the download stops.

  • Recent Unassignments

    The Recent Unassignments report shows which users were unassigned from an app for a specified period. Enter an app by typing the first letter of the app and then selecting from the list that appears, and then enter the beginning and ending dates for the report. You can only run this report for one app at a time. Downloading the CSV report may take up to 3 minutes. If you navigate away from the download page, the download stops.

MFA Usage

The MFA Usage report details Multifactor Authentication status and usage. This report shows all the MFA factors in Okta and the usage, by user. A user can have multiple entries in this report, if that user has many MFA factors configured. You can run the report for all users or for a single user. If you do not enter a user, selecting Run Report generates the report for all users.

Yubikey Report

The Yubikey report shows Yubikey usage for a specified period.

Suspicious Activity

The Suspicious Activity report contains data about suspicious events such as failed logins and locked out users over a specified time range. The report includes information about the time, login (user), clientEssentially, a client is anything that talks to the Okta service. Within the traditional client-server model, Okta is the server. The client might be an agent, an Okta mobile app, or a browser plugin. IP (user computer), and type of suspicious event that occurred.

Deprovision Details

The Deprovision Details report contains data about all assignments that have been deprovisioned over a specified time range.

SMS Usage

The SMS Usage report contains data about the SMS usage for the orgAn abbreviation of organization, but can also be thought of as a company. A company that uses Okta as their SSO portal is generally referred to as an org. As an administrator, you decide how Okta should be displayed and/or integrated with your org..