Use Cases
Suspicious Login Investigator
Investigates Jira tickets related to suspicious login activity by reviewing user behavior, Okta events, and Jira history, then documenting and advancing resolution directly within the ticket. This automation closes the loop between alert, investigation, and resolution by ensuring all suspicious login issues are handled consistently and traceably. Ensures login-related issues are reviewed, actioned, and clearly documented.
Alert & Incident Triage
Tools
 |  | |||
|---|---|---|---|---|
Okta | Jira |
Trigger
New JIRA ticket
Agent Flow
When provided a Jira issue key, this agent:
Retrieves and summarizes the Jira ticket, its comments, and change history
Queries Okta system logs for relevant login anomalies
Looks up user metadata in Okta
Documents findings clearly with time-based event data and context
Based on the investigation, it:
Adds detailed comments back into the Jira ticket
Logs time and updates the ticket’s status
Suggests next investigative steps (e.g., additional log queries, user verification, MFA reset)
Informs the user if a transition fails and recommends retrieving available transitions