Okta
Last updated
Last updated
user.mfa.factor.activate - Active MFA factor (basically add device).
user.mfa.factor.deactivate - Remove MFA factor
user.account.reset_password - Reset password
user.session.start - Authentication attempt
device.user.add - Add MFA device (depends on factor).
user.authentication.sso - User clicks a tile in their assigned applications for SSO.
Using device inventory to look for deactivated or active devices.
MFA devices registered in Okta do NOT show up in Entra ID.
Successful Okta MFA logins do NOT show up as multifactor in sign-in logs.
Successful Okta MFA logins do NOT show up in AUDIT logs.
