Okta incident

Issue with 3rd party connectivity

Minor Resolved View vendor source →
Started
Apr 22, 2026, 04:08 PM UTC
Resolved
Apr 29, 2026, 10:42 PM UTC
Duration
7d 6h
Detected by Pingoru
Apr 22, 2026, 04:08 PM UTC

Affected components

okta-emea.com cell 1okta.com cell 1okta.com cell 2okta.com cell 3okta.com cell 4okta.com cell 6okta.com cell 7okta.com cell 8okta.com cell 9okta.com cell 11okta.com cell 12okta.com cell 14okta.com cell 16okta.com cell 17okta.com cell 18okta.com cell 19oktapreview.com cell 1oktapreview.com cell 2oktapreview.com cell 3Third Party

Update timeline

  1. resolved Apr 22, 2026, 04:08 PM UTC

    On April 22, 2026, at 9:08 AM PT, we confirmed a third-party incident occurred with the Device Trust SAML authentication flow resulting in some users being redirected to an incorrect service provider between approximately 8:24 and 8:30am PT. This behavior originated from Kolide, a third-party middleware integration used for device trust signals and was isolated to organizations that use that specific security layer. While this resulted in users receiving 400 errors and being unable to access their intended applications, our investigation confirms that users were unable to access unauthorized applications or environments. Mitigation was in place by 8:30 AM PT, restoring service. A full root cause analysis will be forthcoming.

  2. resolved Apr 29, 2026, 10:42 PM UTC

    We sincerely apologize for any impact this incident has caused to you, your business, or your customers. At Okta, trust and transparency are our top priorities. Outlined below is the RCA summary for a recent incident where a third-party provider or downstream service experienced an issue that impacted the Okta service. We are committed to implementing improvements to the service to prevent similar occurrences. Detection and Impact: Customers using the third-party service Kolide began reporting that attempts to sign in to their orgs redirected to an unrelated tenant and received an HTTP 400 error with the message “Login Failed - 400: Bad Request Error Code: GENERAL_NONSUCCESS” Root Cause Summary: Kolide has confirmed for Okta that an incident occurred with their Device Trust SAML authentication system, resulting in some users being redirected to an incorrect service provider after completing authentication. This resulted in users receiving a 400 error. Kolide reported that users were unable to access their intended application, any unauthorized applications, or any unauthorized environments. Remediation Steps: Okta Support advised customers that they could temporarily disable their Kolide integrations to allow their users to successfully access their services. Timing: Kolide reports: Incident start: April 22, 2026, at 8:24 AM PDT Incident resolved: April 22, 2026, at 8:30 AM PDT Duration (# of minutes): 6 Minutes

Looking to track Okta downtime and outages?

Pingoru polls Okta's status page every 5 minutes and alerts you the moment it reports an issue — before your customers do.

  • Real-time alerts when Okta reports an incident
  • Email, Slack, Discord, Microsoft Teams, and webhook notifications
  • Track Okta alongside 5,000+ providers in one dashboard
  • Component-level filtering
  • Notification groups + maintenance calendar
Start monitoring Okta for free

5 free monitors · No credit card required