<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z0000AE6oEiCQJOkta Classic EngineIdentity GovernanceAnswered2025-09-24T09:00:13.000Z2024-08-22T19:14:09.000Z2024-08-23T18:52:17.000Z

altv8 (altv8) asked a question.

August 22, 2024 at 7:14 PM
Okta access requests log event questions

Looking to get a better understanding of Okta access requests, particularly around their event logs.

Okta access request documentation: https://help.okta.com/oie/en-us/content/topics/identity-governance/access-requests/ar-overview.htm

 

Per API event types documentation, I see there are events for a few actions, such as creation of an access request, rejection, expiration. All these events appear to be under names like access.request.* . I’m not seeing an event name in this list for the act of approving an access request - does approving an access request trigger an event that gets logged by Okta? If so, what’s the event name?

Secondly, is there any way to correlate an access request to the temporary addition to a group that supplies the new permissions to the user per the request? I'm aware there are logs for group membership additions, but I’m wondering if there’s any identifiable piece of data from the log event generated from the access request that can be used to correlate with the group membership addition log event.

API events documentation: https://developer.okta.com/docs/reference/api/event-types/

 

Thanks in advance!

  • 2 answers
  • 494 views
AngelC.60954 likes this.

  • Mihai N. (Okta, Inc.)

    Hi @altv8 (altv8)​ , Thank you for reaching out to the Okta Community! 

     

    While I admit this is not my area of expertise, I ran this by my OIG colleagues and got the following information for you: 

     

    I’m not seeing an event name in this list for the act of approving an access request - does approving an access request trigger an event that gets logged by Okta? If so, what’s the event name?

    No event for this currently. Possible implementation in the future, but no ETA yet. 

     

     

    Secondly, is there any way to correlate an access request to the temporary addition to a group that supplies the new permissions to the user per the request? I'm aware there are logs for group membership additions, but I’m wondering if there’s any identifiable piece of data from the log event generated from the access request that can be used to correlate with the group membership addition log event.

    Also no event for this one, the closest thing would be to use the public API to fetch more info about the request using the request ID in the Okta System logs event.

     

     

    I also recommend checking in with the OIG Discussion group for anything OIG related. 

     

     

    If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you. 

     

    Hope my answer helps! 

     

    --

    Ask Us Anything thru 9/3 Okta’s New MFA Requirement for Admin Console Access

    Expand Post
    Selected as Best

  • Mihai N. (Okta, Inc.)

    Hi @altv8 (altv8)​ , Thank you for reaching out to the Okta Community! 

     

    While I admit this is not my area of expertise, I ran this by my OIG colleagues and got the following information for you: 

     

    I’m not seeing an event name in this list for the act of approving an access request - does approving an access request trigger an event that gets logged by Okta? If so, what’s the event name?

    No event for this currently. Possible implementation in the future, but no ETA yet. 

     

     

    Secondly, is there any way to correlate an access request to the temporary addition to a group that supplies the new permissions to the user per the request? I'm aware there are logs for group membership additions, but I’m wondering if there’s any identifiable piece of data from the log event generated from the access request that can be used to correlate with the group membership addition log event.

    Also no event for this one, the closest thing would be to use the public API to fetch more info about the request using the request ID in the Okta System logs event.

     

     

    I also recommend checking in with the OIG Discussion group for anything OIG related. 

     

     

    If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you. 

     

    Hope my answer helps! 

     

    --

    Ask Us Anything thru 9/3 Okta’s New MFA Requirement for Admin Console Access

    Expand Post
    Selected as Best

    • altv8 (altv8)

      Thank you for the detailed response!

This question is closed.
Loading
Okta access requests log event questions