Suspicious Activity Reported
Trigger a flow when suspicious activity is reported in Okta API.
Scopes
See Event cards for the list of required OAuth scopes needed by this card.
Output
| Field | Definition | Type |
|---|---|---|
| Date and Time | Date and time the webhook event was published. |
Text |
| Name | Name of the user who reported suspicious activity. |
Text |
| Email address of the reporter. |
Text |
|
| User ID |
Unique identifier of the user. |
Text |
| Suspicious Activity Details | Details about the suspicious activity reported. |
Text |
| Event Details | Raw JSON payload returned from the Okta API for this particular event. |
Object |
| Headers | Object representing the headers for the response; each key of the header will be parsed into a header string as "key: value" (Content-Type: text/plain). |
Object |
| Source | Source of user-specific data. |
Object |
|
Debug Context |
||
| Debug Data | Information on the triggered event used for debugging; for example, returned data can include a URI, an SMS provider, or transaction ID. |
Object |
While you can create more user or group fields for an Okta event, the Okta API only returns values for four fields: ID, Alternate ID, Display Name, and Type.
No other fields are supported for users or groups, and this event card doesn't return data from such fields.