A web application that audits Okta administrator accounts in real time โ surfacing inactive admins, flagging privilege anomalies, and showing last-action timestamps so IT teams can enforce least-privilege access without manual digging.
In most Okta tenants, administrator access accumulates over time. Someone gets elevated for a one-off task and never gets downgraded. A contractor leaves but their account stays active with super-admin privileges. A role is assigned "temporarily" and then forgotten.
The standard Okta admin console gives you a list of admins โ but no context. No last-login date, no last action, no flag for accounts that haven't touched anything in 90 days. Doing a proper admin audit manually meant cross-referencing the system log, the admin list, and individual account details one by one.
The app pulls all admin-role assignments from the Okta API, enriches each account with last-login and last-action data from the System Log, and presents everything in a clean dashboard โ sortable by role level, last activity, and account status.
What used to be a multi-hour manual process โ cross-referencing the admin list against the system log โ became a 30-second dashboard check. The team can now run admin audits on demand, before any compliance review, or as part of a quarterly access review process.
The first audit using the tool identified 4 accounts with elevated privileges that should have been downgraded months earlier โ including one belonging to a former contractor whose account had never been fully deactivated.