
8giz9 (8giz9) asked a question.
I am excited to make full use of the Suspicious Activity Reporting feature in Okta so that end users can simply report suspicious activity at the click of a button. Right now we encourage our users to phone in to our 24x7 service desk which may not always be convenient or possible depending on the user situation.
What I would like to do as an alternative is insert the Report Suspicious Activity button into all end user Okta email notifications and have those events sent through to PagerDuty where our on-call staff can follow up as high priority.
I understand I can use Event Hooks in Okta to make an outbound API call to PagerDuty for any events matching "user.account.report_suspicious_activity_by_enduser" in the system log. This would be awesome!
I went into PagerDuty and created an integration against our service to use the PagerDuty API directly against the "Events API v2".
I went into Okta and created a new Event Hook and entered in the PagerDuty public API URL and named it accordingly. I entered the Authentication field as "routing_key" following PagerDuty documentation. I entered in the Authentication secret as the PagerDuty Integration Key for my Integration. I entered in all relevant fields as tested through PagerDuty's own API tester.
I subscribed to a random event (because I can't even see "user.account.report_suspicious_activity_by_enduser" listed in the dropdown box even though the doco says it should be) but then I just hit a brick wall because I need to do a one-time verification that I own the API URL. Which I don't, as it's public PagerDuty's, and I guess I am stuck...
Has anyone successfully got Event Hooks to send to PagerDuty from Okta?
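The verification step described in the question requires an endpoint that can answer Okta's challenge, so a small relay in front of PagerDuty is one option. This is an added example, not part of the original post and not Okta or PagerDuty code: it echoes the `x-okta-verification-challenge` header, checks a shared secret, and forwards only the subscribed event type to Events API v2. The secrets are placeholders, the field mapping is an assumption, and it assumes a TLS-terminating proxy in front of the local listener.

```python
import hmac, json
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.request import Request, urlopen

PD_URL = "https://events.pagerduty.com/v2/enqueue"  # PagerDuty Events API v2
ROUTING_KEY = "PLACEHOLDER_INTEGRATION_KEY"  # placeholder; kept on the relay only
HOOK_SECRET = "PLACEHOLDER_SHARED_SECRET"    # placeholder; the hook's Authentication secret
WANTED = "user.account.report_suspicious_activity_by_enduser"

def verification_body(headers):  # one-time verification: echo Okta's challenge as JSON
    challenge = headers.get("x-okta-verification-challenge")
    return {"verification": challenge} if challenge else None

def authorized(headers):  # constant-time check of the secret sent in Authorization
    sent = headers.get("Authorization", "")
    return hmac.compare_digest(sent.encode(), HOOK_SECRET.encode())

def to_pagerduty(body):  # map only the wanted event type to "trigger" events
    out = []
    for ev in body.get("data", {}).get("events", []):
        if ev.get("eventType") != WANTED:
            continue
        who = ev.get("actor", {}).get("alternateId", "unknown user")
        out.append({"routing_key": ROUTING_KEY, "event_action": "trigger", "dedup_key": ev.get("uuid"),
                    "payload": {"summary": f"Okta: suspicious activity reported by {who}",
                                "source": "okta-event-hook", "severity": "critical"}})
    return out

class Relay(BaseHTTPRequestHandler):
    def _reply(self, code, obj=None):
        data = b"" if obj is None else json.dumps(obj).encode()
        self.send_response(code)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)
    def do_GET(self):  # Okta's verification request
        body = verification_body(self.headers)
        self._reply(200 if body else 400, body)
    def do_POST(self):  # event delivery from Okta
        if not authorized(self.headers):
            return self._reply(401)
        raw = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        for event in to_pagerduty(json.loads(raw)):
            urlopen(Request(PD_URL, json.dumps(event).encode(),
                            {"Content-Type": "application/json"}), timeout=10)
        self._reply(204)

if __name__ == "__main__":
    HTTPServer(("127.0.0.1", 8080), Relay).serve_forever()
```

With this layout the PagerDuty integration key never leaves the relay, and the Event Hook's Authentication secret only has to match `HOOK_SECRET`.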

Hey Luke - did you get any success with this approach?
No, I didn't, but in almost perfect timing I read this blog https://www.okta.com/blog/2020/01/the-dogfooding-chronicles-userinsight-%E2%80%94-keep-it-secret-keep-it-safe/ and it pretty much outlines how the upcoming Okta Workflows feature allows you to do this much more intuitively and effectively. Check out the blog and I am looking forward to testing Workflows.
Luke, thanks for the blog link! Do you guys know of an API endpoint to pull healthInsights?