Continuous Access evaluation

Early Access release

Continuous Access monitors user sessions after the user authenticates to Okta. It evaluates the authentication and global session policies to identify changes in session context, such as these:

  • Changes in the IP address associated with the received web request.
  • Changes in the device context.

If Okta detects a context change, Continuous Access re-evaluates the session details. Okta records the user.session.context.change System Log event with the result of the evaluation.

You can configure Continuous Access to automatically take certain actions when it detects a global session policy violation, such as prompting users for multifactor authentication, signing users out of apps and Okta, or triggering a Workflow.

If you configure Continuous Access to respond to violations but turn this feature off, Okta doesn't launch any actions if it detects policy violations. Okta still logs session events and policy evaluation outcomes.

Continuous Access statistics appear on dashboard widgets, which present different information depending on how you’ve configured this feature. There are also reports that you can run and download that track violations over a given period of time. See Identity Threat Protection with Okta AI dashboard widgets and Identity Threat Protection with Okta AI reports.