Okta administrator role assigned to user

Set up the okta integration.

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Goal

Detect when administrative privileges are provisioned to an Okta user.

Strategy

This rule lets you monitor the following Okta event to detect when administrative privileges are provisioned:

  • user.account.privilege.grant

Triage and response

  1. Contact the Okta administrator: {{@usr.email}} to confirm that the user or users should have administrative privileges.
  2. If the change was not authorized, verify there are no other signals from the Okta administrator: {{@usr.email}}.
PREVIEWING: esther/docs-9478-fix-split-after-example