Recent Activity

The Recent Activity page of the End-User Dashboard displays sign-in and security event activity.

  • Sign-ins provides end users with increased visibility into their account by summarizing a list of their most recent sign-in activity to Okta.
  • Security Events provides end users with a summarized list of recent security events from their Okta account.

Enable Recent Activity

  1. In the Admin Console, go to Security > General.

  2. Go to the Organizational Security section.

  3. Click Edit.

  4. Select Enabled from the dropdown associated with the Users can see Recent Activity field.

  5. Click Save.

Access Recent Activity

In the End-User Dashboard, you can access recent activity using either of the following methods:

  • Click your name, then select Recent Activity.
  • Click last sign in: 1 hour ago on the navigation bar.

Sign-ins and Security Events details

  • Sign-ins relies on a System Log event called user.authentication.verify. This event is fired when an end user signs in to Okta.
  • Security Events logs primary and secondary email updates, password change events, factor enrollment events, and reset events from the most recent days.

Sign-ins

Sign-ins provides end users with a summarized list of their most recent sign-in to Okta.

When enabled, users can do the following tasks:

  • View the last 100 sign-in attempts or activity up to the last 30 days.
  • View the information grouped by the device used to sign in to Okta.
  • Click a device link to view recent sign-in details.
  • View an approximate location for recent sign-in activity.
  • Report suspicious activity to their Okta admin directly.

Note that Sign-ins table may have some alignment issues on Internet Explorer. See Browsers.

Sign-ins information

After this feature is enabled, there are no additional settings to configure. End users have access to the following information about their account:

Device

The device used by the end user to sign in to Okta. When a user clicks this link, detailed information is displayed for each sign-in activity:

  • IP Address
  • Location
  • Time
  • Browser
  • Report: Users can click Report to report unrecognized activity directly to their org admin.
Last Sign-in The most recent time that the device was used to sign in.
Last Sign-in Location The best effort or approximate location where the user signed in.
Total Sign-ins

The total sign-in count from this device.

Report to admin An option for the user to report potential suspicious activity directly to their admin.

Security Events

Security Events provides end users with a summarized list of recent security events from their Okta account. Security Events provides information about updates to primary and secondary email accounts, account password changes, and MFA Factor reset and enrollment.

When enabled, users can do the following tasks:

  • View the last three recent security event cards, which contain an overview of each security event.
  • Click the security event card to open a dialog to see the event details. Users can also click Report to report suspicious activity to their Okta admin directly.
  • View more security events when they click See all security events.
  • See a message informing them that no information is available.


Security Events information

After this feature is enabled, there are no additional settings to configure. End users have access to the following Security Events information:

Security Events

When a user clicks a security event, detailed information is displayed for each security event:

  • Event
  • IP Address
  • Device
  • Browser
  • Location
  • Time
  • Report

Device, IP Address, and Location events may display Unknown if the original event doesn't capture enough log information.

Related topics

Suspicious Activity Reporting

Sign-on notifications for end users

Authenticator enrollment notifications for end users

Authenticator reset notifications for end users

Password changed notification for end users