I want to create a log of all activation / password changing related activity for users on my application.
Problem: Okta event hooks read from system log which is “global” in a sense and gathers all account activity information for all users in the Okta instance. I need all users of only a single application.
Currently it doesn’t seem like there is a way to filter out activity by application. Is there?
So instead I thought of taking a polling approach where I query for all users under an application id.
Problem: Currently when querying users with application you have 4 fields to “filter” on, lastname, firstname, email, and username. This does not support filtering user info on time related fields.
GET USERS
/api/v1/users?limit=2500
has the available filters:
lastUpdated eq "yyyy-MM-dd'T'HH:mm:ss.SSSZ" - Users last updated before a specific timestamp
lastUpdated lt "yyyy-MM-dd'T'HH:mm:ss.SSSZ" - Users last updated at a specific timestamp
lastUpdated gt "yyyy-MM-dd'T'HH:mm:ss.SSSZ" - Users last updated after a specific timestamp
GET USERS BY APP ID
/api/v1/apps/${applicationId}/users
has the available “filtering”:
The value of q is matched against an application user profile’s userName, firstName, lastName, and email. Note: This operation only supports startsWith that matches what the string starts with to the query.
Really what I want to avoid is polling users from different applications in my organization that are using the same Okta instance.
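One way to combine the two endpoints discussed above, as an added example that is not part of the original post: keep the set of user IDs returned by /api/v1/apps/${applicationId}/users and use it to filter the org-wide events an event hook delivers. The payload layout (`data.events[]`, `eventType`, `target[]`), the event type names, and all helper names are assumptions; the sample data is constructed.

```python
# Assumed event types for activation / password activity; adjust for your org.
WATCHED = {
    "user.lifecycle.activate",
    "user.account.update_password",
    "user.account.reset_password",
}

def member_ids(pages):
    """Collect user IDs from the pages returned by the app-users endpoint."""
    return {user["id"] for page in pages for user in page}

def events_for_app(hook_body, members, watched=WATCHED):
    """Keep watched events whose User target is assigned to the application."""
    kept = []
    for ev in hook_body.get("data", {}).get("events", []):
        if ev.get("eventType") not in watched:
            continue
        # target may be null on some events, so guard before iterating
        for tgt in ev.get("target") or []:
            if tgt.get("type") == "User" and tgt.get("id") in members:
                kept.append((ev.get("published"), ev["eventType"], tgt["id"]))
                break
    return kept

# Constructed sample data (not real Okta output).
APP_USER_PAGES = [
    [{"id": "00uAAA"}],
    [{"id": "00uBBB"}],
]
HOOK_BODY = {"data": {"events": [
    {"eventType": "user.account.update_password",
     "published": "2024-05-03T15:30:00.000Z",
     "target": [{"type": "User", "id": "00uBBB"}]},
    {"eventType": "user.lifecycle.activate",      # user of a different app
     "published": "2024-05-03T16:00:00.000Z",
     "target": [{"type": "User", "id": "00uZZZ"}]},
    {"eventType": "user.session.start",           # event type not watched
     "published": "2024-05-03T16:05:00.000Z",
     "target": None},
]}}

if __name__ == "__main__":
    for row in events_for_app(HOOK_BODY, member_ids(APP_USER_PAGES)):
        print(row)
```

The membership set has to be refreshed periodically, since users assigned to the application after the last refresh would otherwise be dropped by the filter.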