Okta is an identity solution used as a single sign-on (SSO) for logging into multiple platforms at once. For prerequisites and installation steps see Okta Quick Start Setup Guide.


Cisco Cloudlock monitors Okta in the following policy:

User Events and Behavior Analytics (UEBA)

  • Build Your Own: Event Analysis

Response Actions

In addition to the Global Response Actions available in all platforms, Okta also has one unique Response Action:

Add User to Group

Adds the user who violated the policy to a specified Okta group.

Incident Examples

Event Analysis Policy Incident

Event Analysis Policy Incident


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.