Users receive unexpected Okta activation emails for an unknown tenant because the email addresses are added to a different Okta environment. Specifically, users receive an Okta invite to an Okta instance that is not part of the organization, and the invitation is entirely unexpected. To resolve this, administrators must open a support case with Okta to initiate a security investigation.

• Okta Identity Engine (OIE)
• Okta Classic Engine
• Security

An Okta tenant generates an automated invitation email when the email address (for example, <user@domain.com>) is added to the environment, resulting in a pending user action status.

What actions should an Okta Administrator take to investigate a user who received an unexpected activation email?

Initiate a security investigation regarding the unexpected tenant invitations by opening a support case.

1. Open a support case with Okta.
2. Request an investigation into the unauthorized tenant invitations.
3. Provide the unexpected tenant URL (for example, https://<subdomain>.okta.com/) and the affected email address (for example, <user@domain.com>) in the case details.

NOTE: To inquire why these accounts were created, contact the corresponding tenant administrators directly via the associated tenant help page or the associated company website contact page. Okta Security is unable to provide tenant details.