There is a risk concern around the ability of a tenant admin to log in directly or through SSO (Oauth) to our tenant. I would like the ability to alert when a non-SSO log in occurs as we adopt a policy that non-SSO log in is only performed for emergency purposes when our OAUTH provider is unavailable/broken.

This doesn't appear to be a feature available in the current alerting/notification settings with the Distributed Cloud platform.