This article clarifies how long Okta Identity Governance data is retained in Okta.
- Access Requests
- Access Certifications
- Entitlement Management Report
- Okta Identity Governance Reports
Governance Reports: Okta Identity Governance Reports provide a high-level overview of Past Access Requests and Access Certifications and are available for up to three years. To retain data beyond three years, export the reports to a CSV file.
Access Requests: The Access Requests UI and API display detailed request information for the past 12 months. To view high-level summaries of requests older than 12 months, use the Governance Reports.
Access Certifications: Full campaign details remain visible in the Admin UI, Reviewer UI, and API for the past 12 months. To view high-level summaries of certification data older than 12 months, use the Governance Reports.
System Log: Transactional data and logs resulting from Access Requests or Access Certification Reviews can be found in the Okta System Log. As a reminder, the Okta System Log retains transactional data and logs for 90 days. To retain logs for a longer period, integrate the Okta tenant with a Security Information and Event Management (SIEM) solution.
