Suspicious Activity Reported

Trigger a flow when suspicious activity is reported in Okta API.


Field Definition Type
Date and Time Date and time the webhook event was published. String
Name Name of the user who reported suspicious activity. String
Email Email address of the reporter. String
User ID Unique identifier of the user. String
Suspicious Activity Details Details about the suspicious activity reported. String
Event Details Raw JSON payload returned from the Okta API for this particular event. Object
Headers Object representing the headers for the response; each key of the header will be parsed into a header string as "key: value" (Content-Type: text/plain). Object
Source Source of user-specific data. Object
Debug Context
Debug Data Information on the triggered event used for debugging; for example, returned data can include a URI, an SMS provider, or transaction ID. Object

While you can create additional user or group fields for an Okta event, the Okta API only supports four fields for Okta connector event cards: ID, Alternate ID, Display Name, and Type. Values will be returned for these four input fields only. No other fields are supported for users or groups, and data from such fields will not be returned by this event card.

Related topics

Okta connector

Elements of Workflows

Guidance for Okta connector

Okta API documentation