Sign-on notifications for end users

When enabled, this email notification notifies end users of any sign-in activity. The email contains user sign-on details such as the web browser, operating system used to sign in, and time and location of authentication.

Important Note


New sign-on notification emails complement other security features such as multifactor authentication and should not act as a replacement. In most scenarios, clients are easily and accurately identified but there are some limitations.

HealthInsight task recommendation

Configure network block listing to deny access from known malicious IP addresses or locations from your Okta tenant.

Okta recommends

Enable this email notification so end users are informed about new sign-on activity, which can inform them if a different user has signed in to their account.

Security impact


End-user impact


End users receive an email notification if they sign in from a new or unrecognized client.

Known limitations

Currently, new sign-on notifications do not use Improved New Device Behavior Detection when sending email notifications for new sign-ins. Changes to deviceToken or browser cookies may not trigger a new sign-on email notification.

Enable sign-on notification emails for end users

  1. From the Admin Console, navigate to Security > General.
  2. Under Security Notification Emails, click Edit.
  3. Set New sign-on notification email to Enabled.

    Enabling notifications so that end users receive an email for each sign-in to their org.

  4. Click Save to continue.

Related topics

HealthInsight tasks and recommendations

About Network Zones

Configure Okta ThreatInsight

Password changed notification for end users

Factor enrollment notifications for end users

Factor reset notifications for end users

General Security