Okta Outage History

Internal monitoring confirmed that the OP1 environment has fully recovered and is operating normally. A full Root Cause Analysis (RCA) will be made available within 5 days. We apologize for any disruption this may have caused.

On April 22, 2026, at 9:08 AM PT, we confirmed a third-party incident occurred with the Device Trust SAML authentication flow resulting in some users being redirected to an incorrect service provider between approximately 8:24 and 8:30am PT. This behavior originated from Kolide, a third-party middleware integration used for device trust signals and was isolated to organizations that use that specific security layer. While this resulted in users receiving 400 errors and being unable to access their intended applications, our investigation confirms that users were unable to access unauthorized applications or environments. Mitigation was in place by 8:30 AM PT, restoring service. A full root cause analysis will be forthcoming.

We sincerely apologize for any impact this incident has caused to you, your business, or your customers. At Okta, trust and transparency are our top priorities. Outlined below is the RCA summary for a recent incident where a third-party provider or downstream service experienced an issue that impacted the Okta service. We are committed to implementing improvements to the service to prevent similar occurrences. Detection and Impact: Customers using the third-party service Kolide began reporting that attempts to sign in to their orgs redirected to an unrelated tenant and received an HTTP 400 error with the message “Login Failed - 400: Bad Request Error Code: GENERAL_NONSUCCESS” Root Cause Summary: Kolide has confirmed for Okta that an incident occurred with their Device Trust SAML authentication system, resulting in some users being redirected to an incorrect service provider after completing authentication. This resulted in users receiving a 400 error. Kolide reported that users were unable to access their intended application, any unauthorized applications, or any unauthorized environments. Remediation Steps: Okta Support advised customers that they could temporarily disable their Kolide integrations to allow their users to successfully access their services. Timing: Kolide reports: Incident start: April 22, 2026, at 8:24 AM PDT Incident resolved: April 22, 2026, at 8:30 AM PDT Duration (# of minutes): 6 Minutes

At 4/13/2026 12:30 PM PT, Engineering became aware of an issue with job processing to our service affecting customers submitting Access Requests. Our team is actively investigating this issue and working on a fix to address the issues. We will provide another update within the next 30 min, or sooner if additional information becomes available.

Okta has identified the issue impacting Access Request job processing and Engineering Teams are working to restore the service. We are rolling out the fix for this issue in 30 minutes and will provide another update once the fix is rolled out.

Okta has identified the root cause of the issue affecting Access Request job processing as of 1:00 PM PT. A resolution was implemented at 1:45 PM PT, and the service is now fully operational for new submissions. The engineering team is currently working to restore and process any requests submitted during the disruption period. We will provide another update within the next 30 minutes, or sooner if additional information becomes available.

While new Access Request job processing has been restored, Okta is also working to resolve the issue affecting in-flight Access Request job requests processed during the disruption period. The fix for this issue is expected to be implemented around 5:00pm PT. Okta will provide another update at 5:00pm PT or sooner if one becomes available.

The issue with in-flight Access Request job requests processed during the disruption period has also been resolved. All Access Request jobs are now processing normally. A root cause analysis (RCA) will be posted here within five business days. We apologize for any inconvenience this may have caused.

We sincerely apologize for any impact this incident has caused to you, your business, or your customers. At Okta, trust and transparency are our top priorities. Outlined below are the facts regarding this incident. We are committed to implementing improvements to the service to prevent future occurrences of this kind. Detection and Impact: On April 13, 2026, at 11:51 AM PST, an incident was reported where Okta Identity Governance (OIG) access requests stalled in the "In Progress" state indefinitely across all environments. The system accepted initial submissions and first-level approvals, but failed to trigger subsequent automated tasks like assigning users to apps/groups or running delegated workflows. . Root Cause Summary: During a recent update deployment, new tasks inadvertently moved to a 'LOCKED' status without implementing the necessary logic to transition them back to 'OPEN.' This caused the tasks to become permanently hidden, preventing the automated execution of the action associated with them. Remediation Steps: Okta's engineering teams promptly responded, initiating immediate detection and diagnosis. Corrective measures, including a code fix deployed to all cells, were implemented to prevent any new access requests from becoming stuck. A remediation migration successfully transitioned most affected requests to a fixed state. Normal functionality was fully restored by April 13, 2026, at 5:18 PM PST, following the completion of a final migration to unblock remaining requests.On April 14, 2026, Okta took further steps to resolve in-flight requests that were stuck, moving them to a final, terminal state. Preventative Actions: Okta is taking several steps to prevent this issue from recurring. These include enhanced testing, deployment of safeguards, and improvements to our monitoring and alerting systems. Duration (# of minutes): 434

Okta Engineering team became aware of the third-party issue that impacted access to support.okta.com and status.okta.com, and confirmed that the third-party provider has resolved the issue and services are restored. A root cause analysis (RCA) will be posted here within five business days. We apologize for any inconvenience this may have caused.

We sincerely apologize for any impact this incident has caused to you, your business, or your customers. At Okta, trust and transparency are our top priorities. Outlined below is the RCA summary for a recent incident where a third-party provider or downstream service experienced an issue that impacted the Okta service. We are committed to implementing improvements to the service to prevent similar occurrences. Detection and Impact: Okta internal monitoring alerted our engineering team to disruptions to the Okta status page and the commercial support portal. Okta Engineering identified a service disruption with our third-party provider and confirmed the impact. During the disruption, customer admins were unable to access the Okta Support Center (support.okta.com) to log support cases or view the primary status page (status.okta.com). Root Cause Summary: Okta’s third-party provider, responsible for hosting the Okta Support Center and status page, experienced a service disruption. The third-party provider identified a version mismatch between their application and database layers as the technical trigger. This mismatch resulted in internal server errors and login failures, rendering the Okta Support Center and status page inaccessible for a portion of their disruption. Remediation Steps: Okta teams posted an admin banner within the Okta Admin Console to provide visibility into the disruption and offer a phone number for customers who needed to log support cases manually while the Okta Support Center was unavailable. Services were fully restored after the third-party provider successfully deployed a fix-forward release to the impacted infrastructure, which restored login access. Preventive Actions: As part of Okta’s commitment to operational resilience, we have optimized our vendor engagement matrix to accelerate incident mitigation and downstream coordination. We are also conducting an expanded audit of external dependencies to formalize alternative response procedures within our disaster recovery plans. Simultaneously, Engineering has enhanced real-time monitoring and alerting for service endpoints, enabling faster detection and resolution. Timing: Incident start: March 16, 2026, at 08:58 PM PDT Incident resolved: March 16, 2026, at 11:34 PM PDT Duration (# of minutes): 156 minutes

At 10:30 AM PT on 3/13/2026, the Okta Engineering team became aware of an impact to the Okta Admin Console. affecting customers on OK1 and EU1 cells. During this time, customers may not be able to view all the users. The Okta Engineering team is investigating and working to mitigate the issue as soon as possible. We’ll provide an update in 30 minutes, or sooner if additional information becomes available.

At around 11:20AM PT, Okta Engineering has confirmed that the issue has been resolved in both cells, EU1 and OK1. An RCA will be provided in five business days. We apologize for any inconvenience this may have caused.

We sincerely apologize for any impact this incident has caused to you, your business, or your customers. At Okta, trust and transparency are our top priorities. Outlined below are the facts regarding this incident. We are committed to implementing improvements to the service to prevent future occurrences of this kind. Detection and Impact On March 13, 2026, at 10:49 AM PT, Okta detected a service degradation that prevented some customers on the OK1 and EU1 cells from performing directory operations, viewing or searching for users, groups, and devices in the Okta Admin Console. Customers may have experienced "Invalid search query" messages or 5xx errors. This issue also affected several API endpoints related to users, groups, and devices, which may have impacted customer integrations relying on this functionality. End-user authentication was not impacted. Root Cause Summary The root cause of this incident was a planned configuration change that exposed a bug in the underlying service, resulting in system errors and disrupting both directory-based APIs. Remediation Steps Upon detection, Okta's engineering teams initiated incident response procedures. Once the problematic configuration change was identified as the source of the errors, it was immediately reverted. After the reversion was applied and verified, full functionality was restored to all impacted customers. Preventative Actions Okta is taking steps to prevent future occurrences of this kind, including enhancing our testing processes, hardening and improving our configuration rollout strategy, and upgrading our monitoring and alerting systems for enhanced detection. Start Time: 03/13/2026 10:17 AM PT End Time: 03/13/2026 11:21 AM PT Duration (# of minutes): 64

At 04/02/2026 02:41 PT, the team became aware of an issue with to our service affecting customers in EMEA Cell 9. During this time, users may be experiencing intermittent issues within our system. Our team is actively investigating this issue and to mitigate the issue. We will provide another update within the next 30 minutes, or sooner if additional information becomes available.

Okta has implemented a fix for the LDAP issue affecting the OK9 environment. We are observing signs of service recovery and confirmed improvements from customers. We will continue to monitor the situation closely to ensure full resolution. We are monitoring the situation closely and will provide further updates within the next 30 minutes.

This incident has been resolved. Internal monitoring and customer reports confirm that the LDAPi system in OK9 has fully recovered and is operating normally. We will continue to closely monitor the service to ensure stability. A full Root Cause Analysis (RCA) will be made available within 5 days. We apologize for any disruption this may have caused.

On February 4th, 2026, at 3:33 AM PT, Okta received customer reports of authentication failures within the OK9 (EMEA) cell. Customers attempting to access LDAP interface services encountered certificate validation errors related to hostname mismatches, preventing successful authentication. Root Cause Summary: The incident was triggered by a misconfiguration introduced during a scheduled update of our LDAP interface to a new configuration source on February 4th 2:24 AM PT. This update inadvertently applied an incorrect SSL certificate profile to the LDAP interface within the OK9 environment. This misconfiguration caused certificate validity errors, resulting in connection issues when attempting to use LDAP services. Remediation Steps: Once the source of the issue was identified, Okta engineering team rolled back changes at 4:07 AM PT. These actions successfully addressed the issue and restored normal operations by 4:26 AM PT. Preventative Actions: To prevent future incidents, Okta has updated synthetic tests and enhanced monitoring. Teams also plan to add new tooling to improve changes to the LDAP service certificates. In addition, we are reviewing our internal processes and procedures, refining our automated rollback processes to further reduce the customer impact time for similar issues in the future. Duration (# of minutes): Total Duration (Minutes): 122 minutes Actual Time: 02:24 AM PT - 04:26 AM PT