Suspicious Activity Reported

Trigger a flow when suspicious activity is reported in Okta API.

Output

Field Definition Type
Date and Time Date and time the webhook event was published. String
Name Name of the user who reported suspicious activity. String
Email Email address of the reporter. String
User ID

Unique identifier of the user.

String
Suspicious Activity Details Details about the suspicious activity reported. String
Event Details Raw JSON payload returned from the Okta API for this particular event. Object
Headers Object representing the headers for the response; each key of the header will be parsed into a header string as "key: value" (Content-Type: text/plain). Object
Source Source of user-specific data. Object
Debug Context
Debug Data Information on the triggered event used for debugging; for example, returned data can include a URI, an SMS provider, or transaction ID. Object

While you can create additional user or group fields for an Okta event, the Okta API only returns values for four fields: ID, Alternate ID, Display Name, and Type.

No other fields are supported for users or groups, and data from such fields isn't returned by this event card.

Related topics

Okta connector

Workflow elements

Guidance for Okta connector

Okta API documentation