Detects users with a rate limit violation. Okta has several rate-limiting functions for API. In this check, we alert on system.org.rate_limit.violation and core.concurrency.org.limit.violation and we share which users contributed to the rate violation.

Recommended Actions

In most cases, these are service accounts from services that require tuning, such as Oort, Datadog, or Workday. Please check your organizational rate limits based on Okta API rate limit categories.

Consider the following actions: (1) Contact support of Okta to increase rate limit if the operation is required, (2) Contact support of product to see if events can be tuned, (3) Consider moving to EventBridge to collect events.

Compatibility

Okta