<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Okta-Integrations Showing as the RawUserAgent with Okta IPs
Jan 16, 2026
Administration
Okta Classic Engine
Okta Identity Engine
Overview

Users may observe login events or other activities in the System Logs where the RawUserAgent displays as Okta-Integrations. These events often appear to originate from Okta IP addresses and may be flagged by administrators as suspicious.

 

This is the event that is displayed in the Okta System Log when Okta services communicate internally:

 

Okta-Integrations

Applies To
  • System Log
Cause

  • This occurrence is expected behavior.

  • Okta-Integrations is the RawUserAgent that facilitates communication within Okta internal systems.

  • Login events to the Admin Console display multiple occurrences of this behavior, including administrators who appear to sign in from an Okta IP.

Solution

Follow these steps to verify that the event is a legitimate internal Okta communication:

  1. Identify the IP address associated with the Okta-Integrations event in the System Log.

  2. Compare the IP address against the official Okta IP address allowlist.

  3. If the IP address is listed in the allowlist, the event is a valid internal system process, and no further action is required.

 

 

 

 

Recommended content

Still looking for help?
Loading
Okta-Integrations Showing as the RawUserAgent with Okta IPs