Suspicious Activity Reported
Trigger a flow when suspicious activity is reported in Okta API.
Scopes
See event cards for the list of required OAuth scopes needed by this card.
Output
| Field | Definition | Type |
|---|---|---|
|
Date and Time |
Date and time the webhook event was published. |
Text |
|
Name |
Name of the user who reported suspicious activity. |
Text |
|
|
Email address of the reporter. |
Text |
|
User ID |
Unique identifier of the user. | Text |
|
Suspicious Activity Details |
Details about the suspicious activity reported. |
Text |
|
Event Details |
Raw JSON payload returned from the Okta API for this particular event. |
Object |
|
Headers |
Object representing the headers for the response; each key of the header will be parsed into a header string as "key: value" ( |
Object |
|
Source |
Source of user-specific data. |
Object |
|
Debug Context |
||
|
Debug Data |
Information on the triggered event used for debugging; for example, returned data can include a URI, an SMS provider, or transaction ID. |
Object |
While you can create more user or group fields for an Okta event, the Okta API only returns values for four fields: ID, Alternate ID, Display Name, and Type.
No other fields are supported for users or groups, and this event card doesn't return data from such fields.