Suspicious Activity Reporting for End Users
This is a Beta feature. To see about participating in this Beta program, please refer to the Beta Programs page.
This feature provides end usersIn Okta literature, we generally refer to "end users" as the people who have their own Okta home page (My Applications), using chiclets to authenticate into all of their apps. End users do not have any administrative control. When we refer to "users" we are generally referring to the individual(s) who have administrative control. with an option to notify their orgThe Okta container that represents a real-world organization. adminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. of any unrecognized or suspicious activity on their account by submitting a report via an email notification. The submitted report contains activity details such as browser type, OS, location, and IP address.
2. User Roles
|Okta admins (Super admins and Org admins)|
To use this feature, your Okta preview tenant must have the feature flag enabled:
Note: You will be informed via email once the feature flag has been enabled on your preview account.
- Sign in to the Okta admin console.
Navigate to Settings > Email & SMS. The Email & SMS Customization page is displayed.
From the left navigation menu, scroll down to Other.
Edit one or all of the following templates, each which contain a new section with a link that provides users with the option to report unrecognized activity:
- New Device Notification
- MFA Factor Enrolled
- MFA Factor Reset
Once this feature is configured, admins will receive an email notification when the report is submitted by an end user.
Note: To view details in the system log, click Review Security Event. The event name is: