Bot protection reporting
Early Access release. See Enable self-service features.
Bot protection starts when user credentials are submitted for authentication. If the feature determines that the agent that clicked Next, Sign up, or Change password is a bot, it records the event in System Log.
The System Log event contains the following information:
-
Client IP address
-
Bot activity threshold
-
Whether remediation was applicable
-
If Okta Challenge was enforced, whether the user was verified or denied access
Remediation
If you determine that a valid user was prompted with Okta Challenge, you can add their network zone to the Default Exempt IP Zone. Gateway IPs that you add to DefaultExemptIpZone always have access to Okta resources, offering a bypass to IP and ASN session binding based on the client IP. You can add gateway IPs directly from the System Log event or by editing the zone.
-
In the Admin Console, go to .
- Find the event and IP address in the System Log.
- Hover over the IP to display the ... menu, and then select Add to zone.
- In the Add IP to zone dialog, select the following:
- Add to zone: Select the network zone to which to add the IP address. If you want to always allow traffic from this IP, select DefaultExemptIpZone. To always block traffic from this IP, select BlockedIpZone instead.
- IP type: Select from Proxy or Gateway. If you selected DefaultExemptIpZone, you can only add gateway IPs.
- Click Save.
When you edit a network zone, wait approximately 60 seconds for the change to propagate across all servers and take effect.