The Recent Activity page of the Okta End-User Dashboard displays sign-in and security event activity.
- Sign-ins provides end users with increased visibility into their account with a list of their most recent sign-in activity to Okta.
- Security Events provides end users with a list of recent security events from their Okta account.
Enable Recent Activity
In the Admin Console, go to Security > General.
Go to the Organizational Security section.
Select Enabled from the dropdown menu for Users can see Recent Activity.
After enabling this feature, end users can access their recent activity using either of the following methods.
- Click their name, then select Recent Activity.
- Click Last sign in: 1 hour ago on the navigation bar.
Sign-ins and Security Events details
- Sign-ins relies on a System Log event called user.authentication.verify. Okta logs this event when an end user signs in to Okta.
- Security Events logs primary and secondary email updates, password change events, factor enrollment events, and reset events from the most recent days.
Sign-ins provides end users with a summary of their most recent Okta account activity.
The last 100 sign-in attempts or all activity in the previous 30 day period.
Approximate locations for recent sign-in activity.
The devices used to sign in to Okta. Click any device to view recent sign-in details for that device.
- A Report link to send any suspicious activity directly to their Okta admin.
End users on Internet Explorer might experience alignment issues with the Sign-ins table. See Browsers.
After enabling this feature, there are no additional configuration settings. End users have access to the following account information.
The device used by the end user to sign in to Okta. When a user clicks this link, Okta displays detailed information for each sign-in event:
|Last Sign-in||The most recent time that the device was used to sign in.|
|Last Sign-in Location||The best effort or approximate location where the user signed in.|
The total sign-in count from this device.
|Report to admin||An option for the user to report potential suspicious activity directly to their admin.|
Security Events provides end users with a summarized list of recent security events inside their Okta account. This includes information about updates to primary and secondary email accounts, account password changes, and MFA Factor reset and enrollment.
- The three most recent security events appear as cards. These cards contain an overview of each security event.
Click the security event card to open a dialog with the event details. Users can also click Report to report suspicious activity to their Okta admin directly.
- To view more security events, click See all security events.
Security Events details
After enabling this feature, there are no additional configuration settings to configure. End users have access to the following Security Events information.
When a user clicks a security event, Okta displays detailed information for each event:
The Device, IP address, and Location information appear as Unknown if the original event didn't capture enough log information.