Skip to main content

Okta Component

Manage users, groups, applications, and authentication policies in Okta.

Component key: okta-management-api

Changelog ↓

Description

Okta is an identity and access management platform that helps organizations manage user authentication, authorization, and security policies. This component allows you to interact with the Okta Management API.

API Documentation

This component was built using the Okta API Documentation

Connections

API Token

Configuring an API Token

  1. Log into your Okta Admin Console e.g., (https://your-domain.okta.com/admin)
  2. Navigate to Security > API > Tokens
  3. Select Create Token and provide a descriptive name
  4. Copy the token value immediately (it will only be shown once)
  5. From the integration connection fill in the required fields:
    • Okta Domain: Your Okta domain e.g., (dev-12345.okta.com)
    • API Token: The token obtained from your Okta admin console
InputNotesExample
API Token
password
/ Required
apiToken
API Token generated in your Okta Admin Console. [Learn more](https://developer.okta.com/docs/guides/create-an-api-token/main/).
 
Okta Domain
string
/ Required
oktaDomainUrl
The base URL for the Okta API. Depending on your cloud environment, you can choose the correct one [here](https://developer.okta.com/docs/reference/api-overview/).
your-org.okta.com

OAuth 2.0 Authorization Code

Configuring OAuth 2.0 Authorization Code

  1. Log into your Okta Admin Console e.g., (https://your-domain.okta.com/admin)
  2. Navigate to Applications > Applications > Create App Integration
  3. Select OIDC - OpenID Connect and Web Application
  4. Configure the application:
    • App integration name: Okta Integration
    • Sign-in redirect URIs: https://oauth2.prismatic.io/callback
    • Grant type: Authorization Code
  5. Grant required API scopes in the Okta API Scopes tab
  6. Copy the Client ID and Client Secret from the General tab
  7. From the integration connection fill in the required fields:
    • Okta Domain: Your Okta domain e.g., (dev-12345.okta.com)
    • Client ID: The Client ID from your Okta application
    • Client Secret: The Client Secret from your Okta application
InputDefaultNotesExample
Authorize URL
template
/ Required
Hidden Field
authorizeUrl
https://{{#oktaDomainUrl}}/oauth2/v1/authorize
The OAuth 2.0 Authorization URL for Okta's API.
https://{{#oktaDomainUrl}}/oauth2/v1/authorize
Client ID
string
/ Required
clientId
Client Id of your Okta's application. [Learn more](https://developer.okta.com/docs/guides/implement-grant-type/authcode/main/)
11111111-2222-3333-4444-555555555555
Client secret value
password
/ Required
clientSecret
Client Secret generated in your Okta's application. [Learn more](https://developer.okta.com/docs/guides/implement-grant-type/authcode/main/).
11111111-2222-3333-4444-555555555555
Okta Domain
string
/ Required
oktaDomainUrl
The base URL for the Okta API. Depending on your cloud environment, you can choose the correct one [here](https://developer.okta.com/docs/reference/api-overview/).
your-org.okta.com
Scopes
string
scopes
Okta API permission scopes are set on the OAuth application.
 
Token URL
template
/ Required
Hidden Field
tokenUrl
https://{{#oktaDomainUrl}}/oauth2/v1/token
The OAuth 2.0 Token URL for Okta's API.
https://{{#oktaDomainUrl}}/oauth2/v1/token

Triggers

Event Hook

Receive event hooks from Okta when a specified event occurs. | key: eventHook

InputNotesExample
Connection
connection
/ Required
connection
 
 
Event Hook Filters
code
eventHookFilter
The optional filter defined on a specific event type.
Event Hook Items
string
Value List
eventHookItems
The list of event types to subscribe to.
 
Dynamic Event Hook Items
code
eventHookItemsCode
The list of event types to subscribe to in code format.
Event Hook URL Headers
string
Key Value List
eventHookUrlHeaders
Optional headers to include in the webhook request.
{ "X-Custom-Header": "value" }

You can configure an Okta Event Hook to send real time notifications to a flow's webhook URL when specific events occur in your Okta organization (user created, user deactivated, application assigned, etc.).

How it Works

This trigger responds to Okta event hook requests with the verification response that Okta expects during the initial setup and processes incoming event notifications.

Event Types

Okta supports numerous event types including:

  • User lifecycle events (user.lifecycle.create, user.lifecycle.activate, user.lifecycle.deactivate)
  • Authentication events (user.authentication.auth_via_mfa, user.authentication.auth_via_password)
  • Application events (application.user_membership.add, application.user_membership.remove)
  • Group membership events (group.user_membership.add, group.user_membership.remove)

New System Logs

Fetches system logs created on a recurring schedule. | key: newSystemLogsPollingTrigger

InputNotesExample
Connection
connection
/ Required
connection
 
 
Filter
string
filter
A filter string to narrow down results. See Okta's documentation for supported filter fields and operators [click here](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!in=query&path=filter&t=request).
lastUpdated gt "2013-06-01T00:00:00.000Z"

New Users

Fetches users created on a recurring schedule. | key: newUsersPollingTrigger

InputNotes
Connection
connection
/ Required
connection
 

Updated Users

Fetches users updated on a recurring schedule. | key: updatedUsersPollingTrigger

InputNotes
Connection
connection
/ Required
connection
 

Data Sources

Select Application

A picklist of Applications in your Okta Org. | key: selectApplication | type: picklist

InputNotes
Connection
connection
/ Required
connection
 

{
"result": [
{
"label": "My Application",
"key": "appId"
},
{
"label": "Another Application",
"key": "anotherAppId"
}
]
}

Select Event Hook

A picklist of Event Hooks in your Okta Org. | key: selectEventHook | type: picklist

InputNotes
Connection
connection
/ Required
connection
 

{
"result": [
{
"label": "My Event Hook",
"key": "eventHookId"
}
]
}

Select Group

A picklist of groups in your Okta Org. | key: selectGroup | type: picklist

InputNotes
Connection
connection
/ Required
connection
 

{
"result": [
{
"label": "My Group",
"key": "groupId"
},
{
"label": "Another Group",
"key": "anotherGroupId"
}
]
}

Select Realm

A picklist of Realms in your Okta Org. | key: selectRealm | type: picklist

InputNotes
Connection
connection
/ Required
connection
 

{
"result": [
{
"label": "My Realm",
"key": "realmId"
},
{
"label": "Another Realm",
"key": "anotherRealmId"
}
]
}

Select User

A picklist of users in your Okta Org. | key: selectUser | type: picklist

InputNotes
Connection
connection
/ Required
connection
 

{
"result": [
{
"label": "My User",
"key": "userId"
},
{
"label": "Another User",
"key": "anotherUserId"
}
]
}

Select User Factor

A picklist of a user's factors in your Okta Org. | key: selectUserFactor | type: picklist

InputNotesExample
Connection
connection
/ Required
connection
 
 
User ID
string
/ Required
userId
ID of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"result": [
{
"label": "Security Question",
"key": "factorId"
},
{
"label": "Another Factor",
"key": "anotherFactorId"
}
]
}

Select User Type

A picklist of User Types in your Okta Org. | key: selectUserType | type: picklist

InputNotes
Connection
connection
/ Required
connection
 

{
"result": [
{
"label": "My User",
"key": "userId"
},
{
"label": "Another User",
"key": "anotherUserId"
}
]
}

Actions

Activate Event Hook

Activate a specific event hook. | key: activateEventHook

InputNotesExample
Connection
connection
/ Required
connection
 
 
Event Hook ID
string
/ Required
eventHookId
The ID of the event hook.
1234567890abcdef

{
"data": {
"id": "who8tsqyrhCdmetzx135",
"status": "ACTIVE",
"verificationStatus": "VERIFIED",
"name": "Event Hook Test",
"description": null,
"created": "2023-07-07T17:41:56.000Z",
"createdBy": "00u7xut94qEWYx5ss1e5",
"lastUpdated": "2023-07-07T17:43:03.000Z",
"events": {
"type": "EVENT_TYPE",
"items": [
"user.lifecycle.deactivate",
"user.lifecycle.activate"
],
"filter": null
},
"channel": {
"type": "HTTP",
"version": "1.0.0",
"config": {
"uri": "https://example_external_service/userDeactivate",
"headers": [],
"method": "POST",
"authScheme": {
"type": "HEADER",
"key": "authorization"
}
}
},
"_links": {
"self": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135"
},
"verify": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/verify",
"hints": {
"allow": [
"POST"
]
}
},
"deactivate": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/deactivate",
"hints": {
"allow": [
"POST"
]
}
}
}
}
}

Activate User

Activate a user by ID or login. | key: activateUser

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4
Send Email
boolean
sendEmail
false
Sends a deactivation email to the admin if true.
 

{
"data": {
"activationToken": "XE6wE17zmphl3KqAPFxO",
"activationUrl": "https://{yourOktaDomain}/welcome/XE6wE17zmphl3KqAPFxO"
}
}

Add User to Group

Add a user to a group. | key: addUserToGroup

InputNotesExample
Connection
connection
/ Required
connection
 
 
Group ID
string
/ Required
groupId
The unique identifier for the group.
00g1abcd2EFGHijkL3m4
User ID
string
/ Required
userId
ID of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": {
"success": true,
"message": "User 123 added to group 123"
}
}

Assign Application to User

Assigns an application to a user with app-specific profile and credentials. | key: assignApplicationToUser

InputNotesExample
Application ID
string
/ Required
applicationId
The unique identifier for the application.
0oab1234XYZ5678
Connection
connection
/ Required
connection
 
 
Password
password
password
The user's password.
P@ssw0rd!
Profile
code
profile
The app-specific profile for the user.
Scope
string
scope
Specifies the scope of the application.
 
User ID
string
/ Required
userId
ID of an existing Okta user.
00u1abcd2EFGHijkL3m4
Username
string
username
The username of the user to whom the application will be assigned.
johndoe

{
"data": {
"success": true,
"message": "User 123 added to group 123"
}
}

Clear User Sessions

Clears all active sessions for a user, forcing re-authentication on next access. | key: clearUserSessions

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
Forget Devices
boolean
forgetDevices
false
Clears the user's remembered factors for all devices.
 
OAuth Tokens
boolean
oauthTokens
false
Revokes issued OpenID Connect and OAuth refresh and access tokens.
 
User ID
string
/ Required
userId
ID of an existing Okta user.
00ub0oNGTSWTBKOLGLNR

{
"data": {
"id": "userId",
"status": "SESSIONS_CLEARED"
}
}

Create Event Hook

Create a new event hook. | key: createEventHook

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
Do Not Activate on Create
boolean
doNotActivateOnCreate
false
If true, the event hook will not be activated and a verification request will not be sent.
 
Event Hook Description
string
eventHookDescription
The description of the event hook.
This is my event hook.
Event Hook Filters
code
eventHookFilter
The optional filter defined on a specific event type.
Event Hook Items
string
Value List
eventHookItems
The list of event types to subscribe to.
 
Dynamic Event Hook Items
code
eventHookItemsCode
The list of event types to subscribe to in code format.
Event Hook Name
string
/ Required
eventHookName
The name of the event hook.
My Event Hook
Event Hook URL
string
/ Required
eventHookUrl
The URL of the event hook.
https://example.com/webhook
Event Hook URL Headers
string
Key Value List
eventHookUrlHeaders
Optional headers to include in the webhook request.
{ "X-Custom-Header": "value" }

{
"data": {
"id": "who8tsqyrhCdmetzx135",
"status": "ACTIVE",
"verificationStatus": "VERIFIED",
"name": "Event Hook Test",
"description": null,
"created": "2023-07-07T17:41:56.000Z",
"createdBy": "00u7xut94qEWYx5ss1e5",
"lastUpdated": "2023-07-07T17:43:03.000Z",
"events": {
"type": "EVENT_TYPE",
"items": [
"user.lifecycle.deactivate",
"user.lifecycle.activate"
],
"filter": null
},
"channel": {
"type": "HTTP",
"version": "1.0.0",
"config": {
"uri": "https://example_external_service/userDeactivate",
"headers": [],
"method": "POST",
"authScheme": {
"type": "HEADER",
"key": "authorization"
}
}
},
"_links": {
"self": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135"
},
"verify": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/verify",
"hints": {
"allow": [
"POST"
]
}
},
"deactivate": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/deactivate",
"hints": {
"allow": [
"POST"
]
}
}
}
}
}

Create Group

Create a group in Okta. | key: createGroup

InputNotesExample
Connection
connection
/ Required
connection
 
 
Group Description
string
description
A brief description of the group.
This group contains all members of the engineering team.
Group Name
string
/ Required
name
The name of the group.
Engineering Team

{
"data": {
"id": "00g1emaKYZTWRYYRRTSK",
"created": "2015-02-06T10:11:28.000Z",
"lastUpdated": "2015-10-05T19:16:43.000Z",
"lastMembershipUpdated": "2015-11-28T19:15:32.000Z",
"objectClass": [
"okta:user_group"
],
"type": "OKTA_GROUP",
"profile": {
"name": "West Coast users",
"description": "All users West of The Rockies"
},
"_links": {
"logo": [
{
"name": "medium",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-medium.png",
"type": "image/png"
},
{
"name": "large",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-large.png",
"type": "image/png"
}
],
"users": {
"href": "https://{yourOktaDomain}/api/v1/groups/00g1emaKYZTWRYYRRTSK/users"
},
"apps": {
"href": "https://{yourOktaDomain}/api/v1/groups/00g1emaKYZTWRYYRRTSK/apps"
}
}
}
}

Create User

Create a new user. | key: createUser

InputDefaultNotesExample
Activate
boolean
activate
true
Executes an activation lifecycle operation when creating the user. Defaults to true.
 
Answer
string
answer
The user's recovery answer.
Blue
Connection
connection
/ Required
connection
 
 
 
Department
string
/ Required
department
The user's department.
Engineering
Email
string
/ Required
email
The user's email address.
john.doe@example.com
Employee Number
string
/ Required
employeeNumber
The user's employee number.
12345
First Name
string
/ Required
firstName
The user's first name.
John
Group IDs
code
groupIds
List of group IDs to assign the user to.
Hash Password
code
hashPassword
The user's password hash.
Last Name
string
/ Required
lastName
The user's last name.
Doe
Locale
string
/ Required
locale
en_US
The user's default location for purposes of localizing items such as currency, date time format, numerical representations, and so on. A locale value is a concatenation of the ISO 639-1 two-letter language code, an underscore, and the ISO 3166-1 two-letter country code.
en_US
Login
string
/ Required
login
The unique identifier for the user (username).
johndoe
Mobile Phone
string
mobilePhone
The user's mobile phone number.
15551234567
Next Login
string
nextLogin
With activate=true, if nextLogin=changePassword, a user is created, activated, and the password is set to EXPIRED. The user must change it the next time they sign in.
changePassword
Password
password
password
The user's password. If not provided, an activation email will be sent to the user.
P@ssw0rd!
Profile Extra Attributes
code
profileExtraInputs
List of additional profile attributes to include in the request. This can be used to include attributes that are not explicitly supported by this component. See [Okta's API documentation](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/updateUser!path=profile&t=request) for a list of supported attributes.
Provider
boolean
provider
false
Indicates whether to create a user with a specified authentication provider.
 
Provider Name
string
providerName
The name of the provider for the user.
OKTA
Provider Type
string
providerType
The type of the provider for the user.
 
Question
string
question
The user's recovery question.
What is your favorite color?
Realm ID
string
realmId
The ID of the realm to which the user belongs.
00g1abcd2EFGHijkL3m4
Type
string
type
The type of the user.
Employee

{
"data": {
"id": "00u118oQYT4TBGuay0g4",
"status": "ACTIVE",
"created": "2022-04-04T15:56:05.000Z",
"activated": null,
"statusChanged": null,
"lastLogin": "2022-05-04T19:50:52.000Z",
"lastUpdated": "2022-05-05T18:15:44.000Z",
"passwordChanged": "2022-04-04T16:00:22.000Z",
"type": {
"id": "oty1162QAr8hJjTaq0g4"
},
"profile": {
"firstName": "Alice",
"lastName": "Smith",
"mobilePhone": null,
"secondEmail": null,
"login": "alice.smith@example.com",
"email": "alice.smith@example.com"
},
"realmId": "guo1afiNtSnZYILxO0g4",
"credentials": {
"password": {},
"provider": {}
},
"_links": {
"self": {}
}
}
}

Deactivate Event Hook

Deactivate a specific event hook. | key: deactivateEventHook

InputNotesExample
Connection
connection
/ Required
connection
 
 
Event Hook ID
string
/ Required
eventHookId
The ID of the event hook.
1234567890abcdef

{
"data": {
"id": "who8tsqyrhCdmetzx135",
"status": "ACTIVE",
"verificationStatus": "VERIFIED",
"name": "Event Hook Test",
"description": null,
"created": "2023-07-07T17:41:56.000Z",
"createdBy": "00u7xut94qEWYx5ss1e5",
"lastUpdated": "2023-07-07T17:43:03.000Z",
"events": {
"type": "EVENT_TYPE",
"items": [
"user.lifecycle.deactivate",
"user.lifecycle.activate"
],
"filter": null
},
"channel": {
"type": "HTTP",
"version": "1.0.0",
"config": {
"uri": "https://example_external_service/userDeactivate",
"headers": [],
"method": "POST",
"authScheme": {
"type": "HEADER",
"key": "authorization"
}
}
},
"_links": {
"self": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135"
},
"verify": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/verify",
"hints": {
"allow": [
"POST"
]
}
},
"deactivate": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/deactivate",
"hints": {
"allow": [
"POST"
]
}
}
}
}
}

Deactivate User

Deactivate a user by ID or login. | key: deactivateUser

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4
Send Email
boolean
sendEmail
false
Sends a deactivation email to the admin if true.
 

{
"data": {
"id": "userId",
"status": "DEPROVISIONED"
}
}

Delete All Event Hooks

Delete an event hook by ID. | key: deleteAllEventHooks

InputNotesExample
Connection
connection
/ Required
connection
 
 
Event Hook URL
string
eventHookUrl
If provided, only event hooks with this URL will be deleted. If not provided, all event hooks will be deleted.
https://example.com/webhook

{
"data": [
{
"id": "who8tsqyrhCdmetzx135",
"deleted": true
}
]
}

Delete Event Hook

Delete an event hook by ID. | key: deleteEventHook

InputNotesExample
Connection
connection
/ Required
connection
 
 
Event Hook ID
string
/ Required
eventHookId
The ID of the event hook.
1234567890abcdef

{
"data": {
"id": "who8tsqyrhCdmetzx135",
"deleted": true
}
}

Delete Group

Delete a group by ID. | key: deleteGroup

InputNotesExample
Connection
connection
/ Required
connection
 
 
Group ID
string
/ Required
groupId
The unique identifier for the group.
00g1abcd2EFGHijkL3m4

{
"data": {
"id": "00g1emaKYZTWRYYRRTSK",
"status": "DELETED"
}
}

Delete User

Delete a user by ID or login. | key: deleteUser

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4
Send Email
boolean
sendEmail
false
Sends a deactivation email to the admin if true.
 

{
"data": {
"id": "userId",
"status": "DELETED"
}
}

Get Application

Retrieve an application by ID. | key: getApplication

InputNotesExample
Application ID
string
/ Required
applicationId
The unique identifier for the application.
0oab1234XYZ5678
Connection
connection
/ Required
connection
 
 
Expand
string
expand
Indicates whether to expand the credentials for the user. By default, credentials are not returned in the response.
blocks

{
"data": {
"id": "0oa1gjh63g214q0Hq0g4",
"orn": "orn:okta:idp:00o1n8sbwArJ7OQRw406:apps:testorgone_customsaml20app_1:0oa1gjh63g214q0Hq0g4",
"name": "testorgone_customsaml20app_1",
"label": "Custom Saml 2.0 App",
"status": "ACTIVE",
"lastUpdated": "2016-08-09T20:12:19.000Z",
"created": "2016-08-09T20:12:19.000Z",
"accessibility": {
"selfService": false,
"errorRedirectUrl": null,
"loginRedirectUrl": null
},
"visibility": {
"autoSubmitToolbar": false,
"hide": {
"iOS": false,
"web": false
},
"appLinks": {
"testorgone_customsaml20app_1_link": true
}
},
"features": [],
"signOnMode": "SAML_2_0",
"credentials": {
"userNameTemplate": {
"template": "templateName",
"type": "BUILT_IN"
},
"signing": {}
},
"settings": {
"app": {},
"notifications": {
"vpn": {
"network": {
"connection": "DISABLED"
},
"message": null,
"helpUrl": null
}
},
"signOn": {
"defaultRelayState": "",
"ssoAcsUrl": "https://{yourOktaDomain}",
"idpIssuer": "https://www.okta.com/org.externalKey",
"audience": "https://example.com/tenant/123",
"recipient": "https://recipient.okta.com",
"destination": "https://destination.okta.com",
"subjectNameIdTemplate": "user.userName",
"subjectNameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"responseSigned": true,
"assertionSigned": true,
"signatureAlgorithm": "RSA_SHA256",
"digestAlgorithm": "SHA256",
"honorForceAuthn": true,
"authnContextClassRef": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
"slo": {
"enabled": true,
"spIssuer": "https://testorgone.okta.com",
"logoutUrl": "https://testorgone.okta.com/logout"
},
"participateSlo": {
"enabled": true,
"logoutRequestUrl": "https://testorgone.okta.com/logout/participate",
"sessionIndexRequired": true,
"bindingType": "REDIRECT"
},
"spCertificate": {
"x5c": [
"MIIFnDCCA4QCCQDBSLbiON2T1zANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMxDjAMBgNV\r\n"
]
},
"assertionEncryption": {
"enabled": false,
"requestCompressed": false,
"allowMultipleAcsEndpoints": false,
"acsEndpoints": [],
"attributeStatements": [],
"_links": {
"logo": [
{
"name": "medium",
"href": "https://testorgone.okta.com/assets/img/logos/default.6770228fb0dab49a1695ef440a5279bb.png",
"type": "image/png"
}
],
"appLinks": [
{
"name": "testorgone_customsaml20app_1_link",
"href": "https://testorgone.okta.com/home/testorgone_customsaml20app_1/0oa1gjh63g214q0Hq0g4/aln1gofChJaerOVfY0g4",
"type": "text/html"
}
],
"help": {
"href": "https://testorgone-admin.okta.com/app/testorgone_customsaml20app_1/0oa1gjh63g214q0Hq0g4/setup/help/SAML_2_0/instructions",
"type": "text/html"
},
"users": {
"href": "https://testorgone.okta.com/api/v1/apps/0oa1gjh63g214q0Hq0g4/users"
},
"deactivate": {
"href": "https://testorgone.okta.com/api/v1/apps/0oa1gjh63g214q0Hq0g4/lifecycle/deactivate"
},
"groups": {
"href": "https://testorgone.okta.com/api/v1/apps/0oa1gjh63g214q0Hq0g4/groups"
},
"metadata": {
"href": "https://testorgone.okta.com/api/v1/apps/0oa1gjh63g214q0Hq0g4/sso/saml/metadata",
"type": "application/xml"
}
},
"_embedded": {
"user": {
"id": "00ucw2RPGIUNTDQOYPOF",
"externalId": null,
"created": "2014-03-21T23:31:35.000Z",
"lastUpdated": "2014-03-21T23:31:35.000Z",
"scope": "USER",
"status": "ACTIVE",
"statusChanged": "2014-03-21T23:31:35.000Z",
"passwordChanged": null,
"syncState": "DISABLED",
"lastSync": null,
"credentials": {
"userName": "user@example.com"
},
"_links": {
"app": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabizCHPNYALCHDUIOD"
},
"user": {
"href": "https://{yourOktaDomain}/api/v1/users/00ucw2RPGIUNTDQOYPOF"
}
}
},
"id": "0oabkvBLDEKCNXBGYUAS",
"name": "template_swa",
"label": "Sample Plugin App",
"status": "ACTIVE",
"lastUpdated": "2013-09-11T17:58:54.000Z",
"created": "2013-09-11T17:46:08.000Z",
"accessibility": {
"selfService": false,
"errorRedirectUrl": null
},
"visibility": {
"autoSubmitToolbar": false,
"hide": {
"iOS": false,
"web": false
},
"appLinks": {
"login": true
}
},
"features": [],
"signOnMode": "BROWSER_PLUGIN",
"credentials": {
"scheme": "EDIT_USERNAME_AND_PASSWORD",
"userNameTemplate": {
"template": "source.login",
"type": "BUILT_IN"
}
},
"settings": {
"app": {
"buttonField": "btn-login",
"passwordField": "txtbox-password",
"usernameField": "txtbox-username",
"url": "https://example.com/login.html"
}
},
"_links": {
"logo": [
{
"href": "https://example.okta.com/img/logos/logo_1.png",
"name": "medium",
"type": "image/png"
}
],
"users": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS/users"
},
"groups": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS/groups"
},
"self": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS"
},
"deactivate": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS/lifecycle/deactivate"
}
},
"_embedded": {
"user": {
"id": "00ucw2RPGIUNTDQOYPOF",
"externalId": null,
"created": "2014-06-10T15:16:01.000Z",
"lastUpdated": "2014-06-10T15:17:38.000Z",
"scope": "USER",
"status": "ACTIVE",
"statusChanged": "2014-06-10T15:16:01.000Z",
"passwordChanged": "2014-06-10T15:17:38.000Z",
"syncState": "DISABLED",
"lastSync": null,
"credentials": {
"userName": "user@example.com",
"password": {}
},
"_links": {
"app": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS"
},
"user": {
"href": "https://{yourOktaDomain}/api/v1/users/00ucw2RPGIUNTDQOYPOF"
}
}
}
}
}
}
}
}
}
}

Get Application User Assignment

Retrieves a specific user assignment for a specific app. | key: getApplicationUserAssignment

InputNotesExample
Application ID
string
/ Required
applicationId
The unique identifier for the application.
0oab1234XYZ5678
Connection
connection
/ Required
connection
 
 
Expand
string
expand
Indicates whether to expand the credentials for the user. By default, credentials are not returned in the response.
blocks
User ID
string
/ Required
userId
ID of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": {
"id": "00u1dnq5S0CfjlkpABCD",
"externalId": "00u5edt3PNbbjzvIABCD",
"created": "2024-01-31T18:25:01.000Z",
"lastUpdated": "2024-01-31T18:25:03.000Z",
"scope": "USER",
"status": "PROVISIONED",
"statusChanged": "2024-01-31T18:25:03.000Z",
"passwordChanged": null,
"syncState": "SYNCHRONIZED",
"lastSync": "2024-01-31T18:25:03.000Z",
"credentials": {
"userName": "saml.test@example.com"
},
"profile": {
"secondEmail": null,
"lastName": "Test",
"mobilePhone": null,
"displayName": "Saml O Test",
"email": "saml.test@example.com",
"salesforceGroups": [],
"role": "Tester",
"firstName": "Saml",
"streetAddress": null,
"profile": "Standard Platform User"
},
"_links": {
"app": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oajiqIRNXPPJBNZMGYL"
},
"user": {
"href": "https://{yourOktaDomain}/api/v1/users/00u1dnq5S0CfjlkpABCD"
}
},
"_embedded": {
"user": {
"id": "00u1dnq5S0CfjlkpABCD",
"status": "ACTIVE",
"created": "2024-01-09T15:36:04.000Z",
"activated": "2024-01-09T15:36:05.000Z",
"statusChanged": "2024-01-09T15:36:05.000Z",
"lastLogin": null,
"lastUpdated": "2024-01-09T15:36:05.000Z",
"passwordChanged": "2024-01-09T15:36:05.000Z",
"type": {
"id": "otyzhh29g7Python90g3"
},
"profile": {
"firstName": "Saml",
"lastName": "Test",
"mobilePhone": null,
"secondEmail": null,
"login": "saml.test@example.com",
"email": "saml.test@example.com"
},
"credentials": {
"password": {},
"provider": {
"type": "OKTA",
"name": "OKTA"
}
},
"_links": {
"suspend": {
"href": "https://{yourOktaDomain}/api/v1/users/00u1dnq5S0CfjlkpABCD/lifecycle/suspend",
"method": "POST"
},
"schema": {
"href": "https://{yourOktaDomain}/api/v1/meta/schemas/user/oscarho9g7PythoN23z9"
},
"resetPassword": {
"href": "https://{yourOktaDomain}/api/v1/users/00u1dnq5S0CfjlkpABCD/lifecycle/reset_password",
"method": "POST"
},
"expirePassword": {
"href": "https://{yourOktaDomain}/api/v1/users/00u1dnq5S0CfjlkpABCD/lifecycle/expire_password",
"method": "POST"
},
"changeRecoveryQuestion": {
"href": "https://{yourOktaDomain}/api/v1/users/00u1dnq5S0CfjlkpABCD/credentials/change_recovery_question",
"method": "POST"
},
"self": {
"href": "https://{yourOktaDomain}/api/v1/users/00u1dnq5S0CfjlkpABCD"
},
"type": {
"href": "https://{yourOktaDomain}/api/v1/meta/types/user/otyzhh29g7Python90g3"
},
"changePassword": {
"href": "https://rain.okta1.com/api/v1/users/00u1dnq5S0CfjlkpABCD/credentials/change_password",
"method": "POST"
},
"deactivate": {
"href": "https://{yourOktaDomain}/api/v1/users/00u1dnq5S0CfjlkpABCD/lifecycle/deactivate",
"method": "POST"
}
}
}
}
}
}

Get Event Hook

Get an event hook by ID. | key: getEventHook

InputNotesExample
Connection
connection
/ Required
connection
 
 
Event Hook ID
string
/ Required
eventHookId
The ID of the event hook.
1234567890abcdef

{
"data": {
"id": "who8tsqyrhCdmetzx135",
"status": "ACTIVE",
"verificationStatus": "VERIFIED",
"name": "Event Hook Test",
"description": null,
"created": "2023-07-07T17:41:56.000Z",
"createdBy": "00u7xut94qEWYx5ss1e5",
"lastUpdated": "2023-07-07T17:43:03.000Z",
"events": {
"type": "EVENT_TYPE",
"items": [
"user.lifecycle.deactivate",
"user.lifecycle.activate"
],
"filter": null
},
"channel": {
"type": "HTTP",
"version": "1.0.0",
"config": {
"uri": "https://example_external_service/userDeactivate",
"headers": [],
"method": "POST",
"authScheme": {
"type": "HEADER",
"key": "authorization"
}
}
},
"_links": {
"self": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135"
},
"verify": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/verify",
"hints": {
"allow": [
"POST"
]
}
},
"deactivate": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/deactivate",
"hints": {
"allow": [
"POST"
]
}
}
}
}
}

Get Group

Retrieve a group by ID. | key: getGroup

InputNotesExample
Connection
connection
/ Required
connection
 
 
Group ID
string
/ Required
groupId
The unique identifier for the group.
00g1abcd2EFGHijkL3m4

{
"data": {
"id": "00g1emaKYZTWRYYRRTSK",
"created": "2015-02-06T10:11:28.000Z",
"lastUpdated": "2015-10-05T19:16:43.000Z",
"lastMembershipUpdated": "2015-11-28T19:15:32.000Z",
"objectClass": [
"okta:user_group"
],
"type": "OKTA_GROUP",
"profile": {
"name": "West Coast users",
"description": "All users West of The Rockies"
},
"_links": {
"logo": [
{
"name": "medium",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-medium.png",
"type": "image/png"
},
{
"name": "large",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-large.png",
"type": "image/png"
}
],
"users": {
"href": "https://{yourOktaDomain}/api/v1/groups/00g1emaKYZTWRYYRRTSK/users"
},
"apps": {
"href": "https://{yourOktaDomain}/api/v1/groups/00g1emaKYZTWRYYRRTSK/apps"
}
}
}
}

Get System Logs

Retrieves system log events for security monitoring and compliance auditing. Max 10000 records can be fetched at once. | key: getSystemLogs

InputDefaultNotesExample
After
string
after
The cursor for the next page of results. This value is obtained from the `Link` header of the response.
abc123
Connection
connection
/ Required
connection
 
 
 
Fetch All
boolean
fetchAll
false
If true, fetches all pages of results.
 
Filter
string
filter
A filter string to narrow down results. See Okta's documentation for supported filter fields and operators [click here](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!in=query&path=filter&t=request).
lastUpdated gt "2013-06-01T00:00:00.000Z"
Limit
string
limit
Specifies the number of results returned. Defaults to 200.
100
q
string
q
Searches for apps with name or label properties that starts with the q value using the startsWith operation.
Okta
Since
string
since
Filters the lower time bound of the log events published property for bounded queries or persistence time for polling queries.
7 days prior to until
Sort Order
string
sortOrder
Specifies the sort order: asc or desc (for search queries only). Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. sortOrder is ignored if sortBy isn't present.
 
Until
string
until
Filters the upper time bound of the log events published property for bounded queries or persistence time for polling queries.
current time

{
"data": [
{
"actor": {
"id": "00uttidj01jqL21aM1d6",
"type": "User",
"alternateId": "john.doe@example.com",
"displayName": "John Doe",
"detailEntry": null
},
"client": {
"userAgent": {
"rawUserAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36",
"os": "Mac OS X",
"browser": "CHROME"
},
"zone": null,
"device": "Computer",
"id": null,
"ipAddress": "10.0.0.1",
"geographicalContext": {
"city": "New York",
"state": "New York",
"country": "United States",
"postalCode": 10013,
"geolocation": {
"lat": 40.3157,
"lon": -74.01
}
}
},
"device": {
"id": "guofdhyjex1feOgbN1d9",
"name": "Mac15,6",
"os_platform": "OSX",
"os_version": "14.6.0",
"managed": false,
"registered": true,
"device_integrator": null,
"disk_encryption_type": "ALL_INTERNAL_VOLUMES",
"screen_lock_type": "BIOMETRIC",
"jailbreak": null,
"secure_hardware_present": true
},
"authenticationContext": {
"authenticationProvider": null,
"credentialProvider": null,
"credentialType": null,
"issuer": null,
"interface": null,
"authenticationStep": 0,
"rootSessionId": "idxBager62CSveUkTxvgRtonA",
"externalSessionId": "idxBager62CSveUkTxvgRtonA"
},
"displayMessage": "User login to Okta",
"eventType": "user.session.start",
"outcome": {
"result": "SUCCESS",
"reason": null
},
"published": "2024-08-13T15:58:20.353Z",
"securityContext": {
"asNumber": 394089,
"asOrg": "ASN 0000",
"isp": "google",
"domain": null,
"isProxy": false
},
"severity": "INFO",
"debugContext": {
"debugData": {
"requestId": "ab609228fe84ce59cdcbfa690bcce016",
"requestUri": "/idp/idx/authenticators/poll",
"url": "/idp/idx/authenticators/poll"
}
},
"legacyEventType": "core.user_auth.login_success",
"transaction": {
"type": "WEB",
"id": "ab609228fe84ce59cdcbfa690bgce016",
"detail": null
},
"uuid": "dc9fd3c0-598c-11ef-8478-2b7584bf8d5a",
"version": 0,
"request": {
"ipChain": [
{
"ip": "10.0.0.1",
"geographicalContext": {
"city": "New York",
"state": "New York",
"country": "United States",
"postalCode": 10013,
"geolocation": {
"lat": 40.3157,
"lon": -74.01
}
},
"version": "V4",
"source": null
}
]
},
"target": [
{
"id": "pfdfdhyjf0HMbkP2e1d7",
"type": "AuthenticatorEnrollment",
"alternateId": "unknown",
"displayName": "Okta Verify",
"detailEntry": null
},
{
"id": "0oatxlef9sQvvqInq5d6",
"type": "AppInstance",
"alternateId": "Okta Admin Console",
"displayName": "Okta Admin Console",
"detailEntry": null
}
]
}
]
}

Get User

Retrieve a user by ID or login. | key: getUser

InputNotesExample
Connection
connection
/ Required
connection
 
 
Expand
string
expand
Indicates whether to expand the credentials for the user. By default, credentials are not returned in the response.
blocks
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": {
"id": "00u118oQYT4TBGuay0g4",
"status": "ACTIVE",
"created": "2022-04-04T15:56:05.000Z",
"activated": null,
"statusChanged": null,
"lastLogin": "2022-05-04T19:50:52.000Z",
"lastUpdated": "2022-05-05T18:15:44.000Z",
"passwordChanged": "2022-04-04T16:00:22.000Z",
"type": {
"id": "oty1162QAr8hJjTaq0g4"
},
"profile": {
"firstName": "Alice",
"lastName": "Smith",
"mobilePhone": null,
"secondEmail": null,
"login": "alice.smith@example.com",
"email": "alice.smith@example.com"
},
"realmId": "guo1afiNtSnZYILxO0g4",
"credentials": {
"password": {},
"provider": {}
},
"_links": {
"self": {}
}
}
}

List Applications

List applications with optional search and filtering. | key: listApplications

InputDefaultNotesExample
After
string
after
The cursor for the next page of results. This value is obtained from the `Link` header of the response.
abc123
Connection
connection
/ Required
connection
 
 
 
Expand
string
expand
Indicates whether to expand the credentials for the user. By default, credentials are not returned in the response.
blocks
Fetch All
boolean
fetchAll
false
If true, fetches all pages of results.
 
Filter
string
filter
A filter string to narrow down results. See Okta's documentation for supported filter fields and operators [click here](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!in=query&path=filter&t=request).
lastUpdated gt "2013-06-01T00:00:00.000Z"
Include Non-Deleted
boolean
includeNonDeleted
false
When true, both deleted and non-deleted applications are returned.
 
Limit
string
limit
Specifies the number of results returned. Defaults to 200.
100
q
string
q
Searches for apps with name or label properties that starts with the q value using the startsWith operation.
Okta
Use Optimization
boolean
useOptimization
false
When true, the response will be optimized for faster retrieval. This may exclude some properties from the response.
 

{
"data": [
{
"id": "0oa1gjh63g214q0Hq0g4",
"orn": "orn:okta:idp:00o1n8sbwArJ7OQRw406:apps:testorgone_customsaml20app_1:0oa1gjh63g214q0Hq0g4",
"name": "testorgone_customsaml20app_1",
"label": "Custom Saml 2.0 App",
"status": "ACTIVE",
"lastUpdated": "2016-08-09T20:12:19.000Z",
"created": "2016-08-09T20:12:19.000Z",
"accessibility": {
"selfService": false,
"errorRedirectUrl": null,
"loginRedirectUrl": null
},
"visibility": {
"autoSubmitToolbar": false,
"hide": {
"iOS": false,
"web": false
},
"appLinks": {
"testorgone_customsaml20app_1_link": true
}
},
"features": [],
"signOnMode": "SAML_2_0",
"credentials": {
"userNameTemplate": {
"template": "templateName",
"type": "BUILT_IN"
},
"signing": {}
},
"settings": {
"app": {},
"notifications": {
"vpn": {
"network": {
"connection": "DISABLED"
},
"message": null,
"helpUrl": null
}
},
"signOn": {
"defaultRelayState": "",
"ssoAcsUrl": "https://{yourOktaDomain}",
"idpIssuer": "https://www.okta.com/org.externalKey",
"audience": "https://example.com/tenant/123",
"recipient": "https://recipient.okta.com",
"destination": "https://destination.okta.com",
"subjectNameIdTemplate": "user.userName",
"subjectNameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"responseSigned": true,
"assertionSigned": true,
"signatureAlgorithm": "RSA_SHA256",
"digestAlgorithm": "SHA256",
"honorForceAuthn": true,
"authnContextClassRef": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
"slo": {
"enabled": true,
"spIssuer": "https://testorgone.okta.com",
"logoutUrl": "https://testorgone.okta.com/logout"
},
"participateSlo": {
"enabled": true,
"logoutRequestUrl": "https://testorgone.okta.com/logout/participate",
"sessionIndexRequired": true,
"bindingType": "REDIRECT"
},
"spCertificate": {
"x5c": [
"MIIFnDCCA4QCCQDBSLbiON2T1zANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMxDjAMBgNV\r\n"
]
},
"assertionEncryption": {
"enabled": false,
"requestCompressed": false,
"allowMultipleAcsEndpoints": false,
"acsEndpoints": [],
"attributeStatements": [],
"_links": {
"logo": [
{
"name": "medium",
"href": "https://testorgone.okta.com/assets/img/logos/default.6770228fb0dab49a1695ef440a5279bb.png",
"type": "image/png"
}
],
"appLinks": [
{
"name": "testorgone_customsaml20app_1_link",
"href": "https://testorgone.okta.com/home/testorgone_customsaml20app_1/0oa1gjh63g214q0Hq0g4/aln1gofChJaerOVfY0g4",
"type": "text/html"
}
],
"help": {
"href": "https://testorgone-admin.okta.com/app/testorgone_customsaml20app_1/0oa1gjh63g214q0Hq0g4/setup/help/SAML_2_0/instructions",
"type": "text/html"
},
"users": {
"href": "https://testorgone.okta.com/api/v1/apps/0oa1gjh63g214q0Hq0g4/users"
},
"deactivate": {
"href": "https://testorgone.okta.com/api/v1/apps/0oa1gjh63g214q0Hq0g4/lifecycle/deactivate"
},
"groups": {
"href": "https://testorgone.okta.com/api/v1/apps/0oa1gjh63g214q0Hq0g4/groups"
},
"metadata": {
"href": "https://testorgone.okta.com/api/v1/apps/0oa1gjh63g214q0Hq0g4/sso/saml/metadata",
"type": "application/xml"
}
},
"_embedded": {
"user": {
"id": "00ucw2RPGIUNTDQOYPOF",
"externalId": null,
"created": "2014-03-21T23:31:35.000Z",
"lastUpdated": "2014-03-21T23:31:35.000Z",
"scope": "USER",
"status": "ACTIVE",
"statusChanged": "2014-03-21T23:31:35.000Z",
"passwordChanged": null,
"syncState": "DISABLED",
"lastSync": null,
"credentials": {
"userName": "user@example.com"
},
"_links": {
"app": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabizCHPNYALCHDUIOD"
},
"user": {
"href": "https://{yourOktaDomain}/api/v1/users/00ucw2RPGIUNTDQOYPOF"
}
}
},
"id": "0oabkvBLDEKCNXBGYUAS",
"name": "template_swa",
"label": "Sample Plugin App",
"status": "ACTIVE",
"lastUpdated": "2013-09-11T17:58:54.000Z",
"created": "2013-09-11T17:46:08.000Z",
"accessibility": {
"selfService": false,
"errorRedirectUrl": null
},
"visibility": {
"autoSubmitToolbar": false,
"hide": {
"iOS": false,
"web": false
},
"appLinks": {
"login": true
}
},
"features": [],
"signOnMode": "BROWSER_PLUGIN",
"credentials": {
"scheme": "EDIT_USERNAME_AND_PASSWORD",
"userNameTemplate": {
"template": "source.login",
"type": "BUILT_IN"
}
},
"settings": {
"app": {
"buttonField": "btn-login",
"passwordField": "txtbox-password",
"usernameField": "txtbox-username",
"url": "https://example.com/login.html"
}
},
"_links": {
"logo": [
{
"href": "https://example.okta.com/img/logos/logo_1.png",
"name": "medium",
"type": "image/png"
}
],
"users": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS/users"
},
"groups": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS/groups"
},
"self": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS"
},
"deactivate": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS/lifecycle/deactivate"
}
},
"_embedded": {
"user": {
"id": "00ucw2RPGIUNTDQOYPOF",
"externalId": null,
"created": "2014-06-10T15:16:01.000Z",
"lastUpdated": "2014-06-10T15:17:38.000Z",
"scope": "USER",
"status": "ACTIVE",
"statusChanged": "2014-06-10T15:16:01.000Z",
"passwordChanged": "2014-06-10T15:17:38.000Z",
"syncState": "DISABLED",
"lastSync": null,
"credentials": {
"userName": "user@example.com",
"password": {}
},
"_links": {
"app": {
"href": "https://{yourOktaDomain}/api/v1/apps/0oabkvBLDEKCNXBGYUAS"
},
"user": {
"href": "https://{yourOktaDomain}/api/v1/users/00ucw2RPGIUNTDQOYPOF"
}
}
}
}
}
}
}
}
}
]
}

List Event Hooks

List all event hooks. | key: listEventHooks

InputNotes
Connection
connection
/ Required
connection
 

{
"data": [
{
"id": "who8tsqyrhCdmetzx135",
"status": "ACTIVE",
"verificationStatus": "VERIFIED",
"name": "Event Hook Test",
"description": null,
"created": "2023-07-07T17:41:56.000Z",
"createdBy": "00u7xut94qEWYx5ss1e5",
"lastUpdated": "2023-07-07T17:43:03.000Z",
"events": {
"type": "EVENT_TYPE",
"items": [
"user.lifecycle.deactivate",
"user.lifecycle.activate"
],
"filter": null
},
"channel": {
"type": "HTTP",
"version": "1.0.0",
"config": {
"uri": "https://example_external_service/userDeactivate",
"headers": [],
"method": "POST",
"authScheme": {
"type": "HEADER",
"key": "authorization"
}
}
},
"_links": {
"self": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135"
},
"verify": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/verify",
"hints": {
"allow": [
"POST"
]
}
},
"deactivate": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/deactivate",
"hints": {
"allow": [
"POST"
]
}
}
}
},
{
"id": "who8vt36qfNpCGz9H1e6",
"status": "ACTIVE",
"verificationStatus": "VERIFIED",
"name": "Event Hook with Filter",
"description": "An event hook using an Okta Expression Language filter",
"created": "2023-07-07T13:41:56.000Z",
"createdBy": "00u7xut94qEWYx5ss1e5",
"lastUpdated": "2023-07-07T13:43:03.000Z",
"events": {
"type": "EVENT_TYPE",
"items": [
"group.user_membership.add"
],
"filter": {
"type": "EXPRESSION_LANGUAGE",
"eventFilterMap": [
{
"event": "group.user_membership.add",
"condition": {
"version": null,
"expression": "event.target.?[type eq 'UserGroup'].size()>0 && event.target.?[displayName eq 'Sales'].size()>0"
}
}
]
}
},
"channel": {
"type": "HTTP",
"version": "1.0.0",
"config": {
"uri": "https://example_external_service/userAdded",
"headers": [],
"method": "POST",
"authScheme": {
"type": "HEADER",
"key": "authorization"
}
}
},
"_links": {
"self": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx1e6"
},
"verify": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx1e6/lifecycle/verify",
"hints": {
"allow": [
"POST"
]
}
},
"deactivate": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx1e6/lifecycle/deactivate",
"hints": {
"allow": [
"POST"
]
}
}
}
}
]
}

List Group Members

Retrieves all users who are members of the specified group. | key: listGroupMembers

InputDefaultNotesExample
After
string
after
The cursor for the next page of results. This value is obtained from the `Link` header of the response.
abc123
Connection
connection
/ Required
connection
 
 
 
Fetch All
boolean
fetchAll
false
If true, fetches all pages of results.
 
Group ID
string
/ Required
groupId
The unique identifier for the group.
00g1abcd2EFGHijkL3m4
Limit
string
limit
Specifies the number of results returned. Defaults to 200.
100

{
"data": [
{
"id": "00u118oQYT4TBTemp0g4",
"status": "ACTIVE",
"created": "2022-04-04T15:56:05.000Z",
"activated": null,
"statusChanged": null,
"lastLogin": "2022-05-04T19:50:52.000Z",
"lastUpdated": "2022-05-05T18:15:44.000Z",
"passwordChanged": "2022-04-04T16:00:22.000Z",
"type": {
"id": "oty1162QAr8hJjTaq0g4"
},
"profile": {
"firstName": "Alice",
"lastName": "Smith",
"mobilePhone": null,
"secondEmail": null,
"login": "alice.smith@example.com",
"email": "alice.smith@example.com"
},
"credentials": {
"password": {},
"provider": {
"type": "OKTA",
"name": "OKTA"
}
},
"_links": {
"self": {
"href": "http://your-subdomain.okta.com/api/v1/users/00u118oQYT4TBGuay0g4"
}
}
}
]
}

List Groups

List groups with optional search and filtering. | key: listGroups

InputDefaultNotesExample
After
string
after
The cursor for the next page of results. This value is obtained from the `Link` header of the response.
abc123
Connection
connection
/ Required
connection
 
 
 
Extra Parameters
string
Key Value List
extraParameters
List of additional parameters to include in the request. This can be used to include parameters that are not explicitly supported by this component. See Okta's API documentation for a list of supported parameters.
{after: 'abc123'}
Fetch All
boolean
fetchAll
false
If true, fetches all pages of results.
 
Filter
string
filter
A filter string to narrow down results. See Okta's documentation for supported filter fields and operators [click here](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!in=query&path=filter&t=request).
lastUpdated gt "2013-06-01T00:00:00.000Z"
Limit
string
limit
Specifies the number of results returned. Defaults to 200.
100
q
string
q
Searches for apps with name or label properties that starts with the q value using the startsWith operation.
Okta
Search
string
search
A search string to filter results. See Okta's documentation for supported search fields and operators [click here](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!in=query&path=search&t=request).
profile.firstName eq "John"
Sort By
string
sortBy
Specifies field to sort by (for search queries only). This can be any single property, for example sortBy=profile.lastName. Users with the same value for the sortBy property will be ordered by id.
profile.lastName
Sort Order
string
sortOrder
Specifies the sort order: asc or desc (for search queries only). Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. sortOrder is ignored if sortBy isn't present.
 

{
"data": [
{
"id": "00g1emaKYZTWRYYRRTSK",
"created": "2015-02-06T10:11:28.000Z",
"lastUpdated": "2015-10-05T19:16:43.000Z",
"lastMembershipUpdated": "2015-11-28T19:15:32.000Z",
"objectClass": [
"okta:user_group"
],
"type": "OKTA_GROUP",
"profile": {
"name": "West Coast users",
"description": "All users West of The Rockies"
},
"_links": {
"logo": [
{
"name": "medium",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-medium.png",
"type": "image/png"
},
{
"name": "large",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-large.png",
"type": "image/png"
}
],
"users": {
"href": "https://{yourOktaDomain}/api/v1/groups/00g1emaKYZTWRYYRRTSK/users"
},
"apps": {
"href": "https://{yourOktaDomain}/api/v1/groups/00g1emaKYZTWRYYRRTSK/apps"
}
}
}
]
}

List Policies

List policies with optional search and filtering. | key: listPolicies

InputDefaultNotesExample
After
string
after
The cursor for the next page of results. This value is obtained from the `Link` header of the response.
abc123
Connection
connection
/ Required
connection
 
 
 
Expand
string
expand
Indicates whether to expand the credentials for the user. By default, credentials are not returned in the response.
blocks
Fetch All
boolean
fetchAll
false
If true, fetches all pages of results.
 
Limit
string
limit
Specifies the number of results returned. Defaults to 200.
100
q
string
q
Searches for apps with name or label properties that starts with the q value using the startsWith operation.
Okta
Resource ID
string
resourceId
Reference to the associated authorization server.
00g1abcd2EFGH3IJK4l5
Sort By
string
sortBy
Specifies field to sort by (for search queries only). This can be any single property, for example sortBy=profile.lastName. Users with the same value for the sortBy property will be ordered by id.
profile.lastName
Status
string
status
Specifies the status of the policies to return.
 
Type
string
/ Required
type
Specifies the type of policy to return. The following policy types are available only with the Okta Identity Engine.
 

{
"data": [
{
"type": "ACCESS_POLICY",
"id": "policyId",
"status": "ACTIVE",
"name": "Policy name",
"description": "Policy description",
"priority": 1,
"system": true,
"conditions": null,
"created": "2024-04-25T17:35:02.000Z",
"lastUpdated": "2024-04-25T17:35:02.000Z",
"_links": {
"self": {
"href": "https://{yourOktaDomain}/api/v1/policies/{policyId}",
"hints": {
"allow": [
"GET",
"PUT"
]
}
},
"rules": {
"href": "https://{yourOktaDomain}/api/v1/policies/{policyId}/rules",
"hints": {
"allow": [
"GET",
"POST"
]
}
}
}
}
]
}

List Realms

Lists all realms in your org. | key: listRealms

InputDefaultNotesExample
After
string
after
The cursor for the next page of results. This value is obtained from the `Link` header of the response.
abc123
Connection
connection
/ Required
connection
 
 
 
Fetch All
boolean
fetchAll
false
If true, fetches all pages of results.
 
Limit
string
limit
Specifies the number of results returned. Defaults to 200.
100
Search
string
search
A search string to filter results. See Okta's documentation for supported search fields and operators [click here](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!in=query&path=search&t=request).
profile.firstName eq "John"
Sort By
string
sortBy
Specifies field to sort by (for search queries only). This can be any single property, for example sortBy=profile.lastName. Users with the same value for the sortBy property will be ordered by id.
profile.lastName
Sort Order
string
sortOrder
Specifies the sort order: asc or desc (for search queries only). Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. sortOrder is ignored if sortBy isn't present.
 

{
"data": [
{
"id": "guox9jQ16k9V8IFEL0g3",
"created": "2022-04-04T15:56:05.000Z",
"lastUpdated": "2022-05-05T18:15:44.000Z",
"isDefault": false,
"profile": {
"name": "Car Co",
"realmType": "PARTNER",
"domains": [
"atko.com",
"user.com"
]
},
"_links": {
"self": {
"rel": "self",
"href": "http://your-subdomain.okta.com/api/v1/realms/guox9jQ16k9V8IFEL0g3",
"method": "GET"
}
}
}
]
}

List User Applications

List applications for a specific user. | key: listUserApplications

InputNotesExample
Connection
connection
/ Required
connection
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": [
{
"id": "00ub0oNGTSWTBKOLGLNR",
"label": "Google Apps Mail",
"linkUrl": "https://{yourOktaDomain}/home/google/0oa3omz2i9XRNSRIHBZO/50",
"logoUrl": "https://{yourOktaDomain}/img/logos/google-mail.png",
"appName": "google",
"appInstanceId": "0oa3omz2i9XRNSRIHBZO",
"appAssignmentId": "0ua3omz7weMMMQJERBKY",
"credentialsSetup": false,
"hidden": false,
"sortOrder": 0
},
{
"id": "00ub0oNGTSWTBKOLGLNR",
"label": "Google Apps Calendar",
"linkUrl": "https://{yourOktaDomain}/home/google/0oa3omz2i9XRNSRIHBZO/54",
"logoUrl": "https://{yourOktaDomain}/img/logos/google-calendar.png",
"appName": "google",
"appInstanceId": "0oa3omz2i9XRNSRIHBZO",
"appAssignmentId": "0ua3omz7weMMMQJERBKY",
"credentialsSetup": false,
"hidden": false,
"sortOrder": 1
},
{
"id": "00ub0oNGTSWTBKOLGLNR",
"label": "Box",
"linkUrl": "https://{yourOktaDomain}/home/boxnet/0oa3ompioiQCSTOYXVBK/72",
"logoUrl": "https://{yourOktaDomain}/img/logos/box.png",
"appName": "boxnet",
"appInstanceId": "0oa3ompioiQCSTOYXVBK",
"appAssignmentId": "0ua3omx46lYEZLPPRWBO",
"credentialsSetup": false,
"hidden": false,
"sortOrder": 3
},
{
"id": "00ub0oNGTSWTBKOLGLNR",
"label": "Salesforce.com",
"linkUrl": "https://{yourOktaDomain}/home/salesforce/0oa12ecnxtBQMKOXJSMF/46",
"logoUrl": "https://{yourOktaDomain}/img/logos/salesforce_logo.png",
"appName": "salesforce",
"appInstanceId": "0oa12ecnxtBQMKOXJSMF",
"appAssignmentId": "0ua173qgj5VAVOBQMCVB",
"credentialsSetup": true,
"hidden": false,
"sortOrder": 2
}
]
}

List User Factors

Lists all enrolled factors for the specified user that are included in the highest priority authenticator enrollment policy that applies to the user. | key: listUserFactors

InputNotesExample
Connection
connection
/ Required
connection
 
 
User ID
string
/ Required
userId
ID of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": [
{
"id": "ufs2bysphxKODSZKWVCT",
"factorType": "question",
"provider": "OKTA",
"vendorName": "OKTA",
"status": "ACTIVE",
"created": "2014-04-15T18:10:06.000Z",
"lastUpdated": "2014-04-15T18:10:06.000Z",
"profile": {
"question": "favorite_art_piece",
"questionText": "What is your favorite piece of art?"
},
"_links": {
"questions": {
"href": "https://{yourOktaDomain}/api/v1/users/00u15s1KDETTQMQYABRL/factors/questions",
"hints": {
"allow": [
"GET"
]
}
},
"self": {
"href": "https://{yourOktaDomain}/api/v1/users/00u15s1KDETTQMQYABRL/factors/ufs2bysphxKODSZKWVCT",
"hints": {
"allow": [
"GET",
"DELETE"
]
}
},
"user": {
"href": "https://{yourOktaDomain}/api/v1/users/00u15s1KDETTQMQYABRL",
"hints": {
"allow": [
"GET"
]
}
}
}
},
{
"id": "ostf2gsyictRQDSGTDZE",
"factorType": "token:software:totp",
"provider": "OKTA",
"status": "PENDING_ACTIVATION",
"created": "2014-06-27T20:27:33.000Z",
"lastUpdated": "2014-06-27T20:27:33.000Z",
"profile": {
"credentialId": "dade.murphy@example.com"
},
"_links": {
"next": {
"name": "activate",
"href": "https://{yourOktaDomain}/api/v1/users/00u15s1KDETTQMQYABRL/factors/ostf2gsyictRQDSGTDZE/lifecycle/activate",
"hints": {
"allow": [
"POST"
]
}
},
"self": {
"href": "https://{yourOktaDomain}/api/v1/users/00u15s1KDETTQMQYABRL/factors/ostf2gsyictRQDSGTDZE",
"hints": {
"allow": [
"GET"
]
}
},
"user": {
"href": "https://{yourOktaDomain}/api/v1/users/00u15s1KDETTQMQYABRL",
"hints": {
"allow": [
"GET"
]
}
}
},
"_embedded": {
"activation": {
"timeStep": 30,
"sharedSecret": "HE64TMLL2IUZW2ZLB",
"encoding": "base32",
"keyLength": 16
}
}
}
]
}

List User Groups

List groups for a specific user. | key: listUserGroups

InputNotesExample
Connection
connection
/ Required
connection
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": [
{
"id": "0gabcd1234",
"profile": {
"name": "Cloud app users",
"description": "Users can access cloud apps"
}
},
{
"id": "0gefgh5678",
"profile": {
"name": "Internal app users",
"description": "Users can access internal apps"
}
}
]
}

List User Types

Lists all user types in your org. | key: listUserTypes

InputNotes
Connection
connection
/ Required
connection
 

{
"data": [
{
"id": "otyfnly5cQjJT9PnR0g4",
"displayName": "New user type",
"name": "newUserType",
"description": "A new custom user type",
"createdBy": "sprz9fj1ycBcsgopy1d6",
"lastUpdatedBy": "sprz9fj1ycBcsgopy1d6",
"created": "2021-07-05T20:40:38.000Z",
"lastUpdated": "2021-07-05T20:40:38.000Z",
"default": false,
"_links": {
"self": {
"href": "https://{yourOktaDomain}/api/v1/meta/schemas/user/oscz9fj2jMiRBC1ZT1d6"
},
"schema": {
"href": "https://{yourOktaDomain}/api/v1/meta/schemas/user/oscz9fj2jMiRBC1ZT1d6"
}
}
},
{
"id": "otyz9fj2jMiRBC1ZT1d6",
"displayName": "User",
"name": "user",
"description": "Okta user profile template with default permission settings",
"createdBy": "sprz9fj1ycBcsgopy1d6",
"lastUpdatedBy": "sprz9fj1ycBcsgopy1d6",
"created": "2021-07-05T20:40:38.000Z",
"lastUpdated": "2021-07-05T20:40:38.000Z",
"default": true,
"_links": {
"self": {
"href": "https://{yourOktaDomain}/api/v1/meta/schemas/user/oscz9fj2jMiRBC1ZT1d6"
},
"schema": {
"href": "https://{yourOktaDomain}/api/v1/meta/schemas/user/oscz9fj2jMiRBC1ZT1d6"
}
}
}
]
}

List Users

List users with optional search and filtering. | key: listUsers

InputDefaultNotesExample
After
string
after
The cursor for the next page of results. This value is obtained from the `Link` header of the response.
abc123
Connection
connection
/ Required
connection
 
 
 
Extra Parameters
string
Key Value List
extraParameters
List of additional parameters to include in the request. This can be used to include parameters that are not explicitly supported by this component. See Okta's API documentation for a list of supported parameters.
{after: 'abc123'}
Fetch All
boolean
fetchAll
false
If true, fetches all pages of results.
 
Filter
string
filter
A filter string to narrow down results. See Okta's documentation for supported filter fields and operators [click here](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!in=query&path=filter&t=request).
lastUpdated gt "2013-06-01T00:00:00.000Z"
Limit
string
limit
Specifies the number of results returned. Defaults to 200.
100
q
string
q
Searches for apps with name or label properties that starts with the q value using the startsWith operation.
Okta
Search
string
search
A search string to filter results. See Okta's documentation for supported search fields and operators [click here](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/listUsers!in=query&path=search&t=request).
profile.firstName eq "John"
Sort By
string
sortBy
Specifies field to sort by (for search queries only). This can be any single property, for example sortBy=profile.lastName. Users with the same value for the sortBy property will be ordered by id.
profile.lastName
Sort Order
string
sortOrder
Specifies the sort order: asc or desc (for search queries only). Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. sortOrder is ignored if sortBy isn't present.
 

{
"data": [
{
"id": "00u118oQYT4TBGuay0g4",
"status": "ACTIVE",
"created": "2022-04-04T15:56:05.000Z",
"activated": null,
"statusChanged": null,
"lastLogin": "2022-05-04T19:50:52.000Z",
"lastUpdated": "2022-05-05T18:15:44.000Z",
"passwordChanged": "2022-04-04T16:00:22.000Z",
"type": {
"id": "oty1162QAr8hJjTaq0g4"
},
"profile": {
"firstName": "Alice",
"lastName": "Smith",
"mobilePhone": null,
"secondEmail": null,
"login": "alice.smith@example.com",
"email": "alice.smith@example.com"
},
"realmId": "guo1afiNtSnZYILxO0g4",
"credentials": {
"password": {},
"provider": {}
},
"_links": {
"self": {}
}
}
]
}

Raw Request

Send raw HTTP request to Okta. | key: rawRequest

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
Data
string
data
The HTTP body payload to send to the URL.
{"exampleKey": "Example Data"}
File Data
string
Key Value List
fileData
File Data to be sent as a multipart form upload.
[{key: "example.txt", value: "My File Contents"}]
File Data File Names
string
Key Value List
fileDataFileNames
File names to apply to the file data inputs. Keys must match the file data keys above.
 
Form Data
string
Key Value List
formData
The Form Data to be sent as a multipart form upload.
[{"key": "Example Key", "value": new Buffer("Hello World")}]
Header
string
Key Value List
headers
A list of headers to send with the request.
User-Agent: curl/7.64.1
Max Retry Count
string
maxRetries
0
The maximum number of retries to attempt. Specify 0 for no retries.
 
Method
string
/ Required
method
The HTTP method to use.
 
Query Parameter
string
Key Value List
queryParams
A list of query parameters to send with the request. This is the portion at the end of the URL similar to ?key1=value1&key2=value2.
 
Response Type
string
/ Required
responseType
json
The type of data you expect in the response. You can request json, text, or binary data.
 
Retry On All Errors
boolean
retryAllErrors
false
If true, retries on all erroneous responses regardless of type. This is helpful when retrying after HTTP 429 or other 3xx or 4xx errors. Otherwise, only retries on HTTP 5xx and network errors.
 
Retry Delay (ms)
string
retryDelayMS
0
The delay in milliseconds between retries. This is used when 'Use Exponential Backoff' is disabled.
 
Timeout
string
timeout
The maximum time that a client will await a response to its request
2000
URL
string
/ Required
url
Input the path only (/users), The base URL is already included (https://{yourOktaDomain}.com/api/v1). For example, to connect to https://{yourOktaDomain}.com/api/v1/users, only /users is entered in this field.
/users
Use Exponential Backoff
boolean
useExponentialBackoff
false
Specifies whether to use a pre-defined exponential backoff strategy for retries. When enabled, 'Retry Delay (ms)' is ignored.
 

Reactivate User

Reactivate a user by ID or login. | key: reactivateUser

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4
Send Email
boolean
sendEmail
false
Sends a deactivation email to the admin if true.
 

{
"data": {
"activationToken": "XE6wE17zmphl3KqAPFxO",
"activationUrl": "https://{yourOktaDomain}/welcome/XE6wE17zmphl3KqAPFxO"
}
}

Remove Application User Assignment

Removes an application assignment from a user, revoking access to the application. | key: removeApplicationUserAssignment

InputDefaultNotesExample
Application ID
string
/ Required
applicationId
The unique identifier for the application.
0oab1234XYZ5678
Connection
connection
/ Required
connection
 
 
 
Send Email
boolean
sendEmail
false
Sends a deactivation email to the admin if true.
 
User ID
string
/ Required
userId
ID of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": {
"id": "00u1dnq5S0CfjlkpABCD",
"status": "DELETED"
}
}

Remove User from Group

Remove a user from a group. | key: removeUserFromGroup

InputNotesExample
Connection
connection
/ Required
connection
 
 
Group ID
string
/ Required
groupId
The unique identifier for the group.
00g1abcd2EFGHijkL3m4
User ID
string
/ Required
userId
The unique identifier for the user to be removed from the group.
00u1abcd2EFGHijkL3m4

{
"data": {
"success": true,
"message": "User 123 removed from group 123"
}
}

Reset User Password

Reset a user's password by ID or login. | key: resetUserPassword

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4
Revoke Sessions
boolean
revokeSessions
false
If true, revokes all of the user's active sessions.
 
Send Email
boolean
/ Required
sendEmail
true
Sends a deactivation email to the admin if true.
 

{
"data": {
"summary": "Reset password without sending email",
"resetPasswordUrl": "https://{yourOktaDomain}/reset_password/XE6wE17zmphl3KqAPFxO"
}
}

Set User Password

Set a user's password by ID or login. | key: setUserPassword

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
New Hash Password
code
newHashPassword
The new password hash for the user.
New Password
password
/ Required
newPassword
The new password for the user.
P@ssw0rd!
Old Hash Password
code
oldHashPassword
The old password hash for the user.
Old Password
password
/ Required
oldPassword
The old password for the user.
P@ssw0rd!
Revoke Sessions
boolean
revokeSessions
false
If true, revokes all of the user's active sessions.
 
User ID
string
/ Required
userId
ID of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": {
"password": {},
"recovery_question": {
"question": "Who's a major player in the cowboy scene?"
},
"provider": {
"type": "OKTA",
"name": "OKTA"
}
}
}

Suspend User

Suspend a user by ID or login. | key: suspendUser

InputNotesExample
Connection
connection
/ Required
connection
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": {
"id": "userId",
"status": "SUSPENDED"
}
}

Unenroll User Factor

Unenrolls a specific factor for the specified user. | key: unenrollUserFactor

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
Factor ID
string
/ Required
factorId
ID of an existing user factor.
opf1abcd2EFGHijkL3m4
Remove Recovery Enrollment
boolean
removeRecoveryEnrollment
false
If true, removes the phone number as both a recovery method and a factor. This parameter is only used for the sms and call factors.
 
User ID
string
/ Required
userId
ID of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": {
"id": "opf1abcd2EFGHijkL3m4",
"status": "UNENROLLED"
}
}

Unlock User

Unlock a user by ID or login. | key: unlockUser

InputDefaultNotesExample
Connection
connection
/ Required
connection
 
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4
Send Email
boolean
sendEmail
false
Sends a deactivation email to the admin if true.
 

{
"data": {
"id": "userId",
"status": "ACTIVE"
}
}

Unsuspend User

Unsuspend a user by ID or login. | key: unsuspendUser

InputNotesExample
Connection
connection
/ Required
connection
 
 
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4

{
"data": {
"id": "userId",
"status": "ACTIVE"
}
}

Update Application User Assignment

Updates the app-specific profile and credentials for a user's application assignment. | key: updateApplicationUserAssignment

InputNotesExample
Application ID
string
/ Required
applicationId
The unique identifier for the application.
0oab1234XYZ5678
Connection
connection
/ Required
connection
 
 
Password
password
password
The user's password.
P@ssw0rd!
Profile
code
profile
The app-specific profile for the user. Either the profile or password/username must be provided.
User ID
string
/ Required
userId
ID of an existing Okta user.
00u1abcd2EFGHijkL3m4
Username
string
username
The username of the user to whom the application will be assigned.
johndoe

{
"data": {
"credentials": {
"userName": "rae.cloud@example.com",
"password": {
"value": "updatedP@55word"
}
}
}
}

Update Group

Updates profile information for an existing group. | key: updateGroup

InputNotesExample
Connection
connection
/ Required
connection
 
 
Group Description
string
description
A brief description of the group.
This group contains all members of the engineering team.
Group ID
string
/ Required
groupId
The unique identifier for the group.
00g1abcd2EFGHijkL3m4
Group Name
string
name
The name of the group.
Engineering Team

{
"data": {
"id": "00g1emaKYZTWRYYRRTSK",
"created": "2015-02-06T10:11:28.000Z",
"lastUpdated": "2015-10-05T19:16:43.000Z",
"lastMembershipUpdated": "2015-11-28T19:15:32.000Z",
"objectClass": [
"okta:user_group"
],
"type": "OKTA_GROUP",
"profile": {
"name": "West Coast users",
"description": "All users West of The Rockies"
},
"_links": {
"logo": [
{
"name": "medium",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-medium.png",
"type": "image/png"
},
{
"name": "large",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-large.png",
"type": "image/png"
}
],
"users": {
"href": "https://{yourOktaDomain}/api/v1/groups/00g1emaKYZTWRYYRRTSK/users"
},
"apps": {
"href": "https://{yourOktaDomain}/api/v1/groups/00g1emaKYZTWRYYRRTSK/apps"
}
}
}
}

Update User

Update a user by ID or login. | key: updateUser

InputDefaultNotesExample
Answer
string
answer
The user's recovery answer.
Blue
Connection
connection
/ Required
connection
 
 
 
Department
string
department
The user's department.
Engineering
Email
string
email
The user's email address.
john.doe@example.com
Employee Number
string
employeeNumber
The user's employee number.
12345
First Name
string
firstName
The user's first name.
John
Hash Password
code
hashPassword
The user's password hash.
ID
string
/ Required
id
An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user.
00u1abcd2EFGHijkL3m4
Last Name
string
lastName
The user's last name.
Doe
Locale
string
locale
en_US
The user's default location for purposes of localizing items such as currency, date time format, numerical representations, and so on. A locale value is a concatenation of the ISO 639-1 two-letter language code, an underscore, and the ISO 3166-1 two-letter country code.
en_US
Login
string
login
The unique identifier for the user (username).
johndoe
Mobile Phone
string
mobilePhone
The user's mobile phone number.
15551234567
Password
password
password
The user's password. If not provided, an activation email will be sent to the user.
P@ssw0rd!
Profile Extra Attributes
code
profileExtraInputs
List of additional profile attributes to include in the request. This can be used to include attributes that are not explicitly supported by this component. See [Okta's API documentation](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/updateUser!path=profile&t=request) for a list of supported attributes.
Question
string
question
The user's recovery question.
What is your favorite color?
Realm ID
string
realmId
The ID of the realm to which the user belongs.
00g1abcd2EFGHijkL3m4

{
"data": {
"id": "00u118oQYT4TBGuay0g4",
"status": "ACTIVE",
"created": "2022-04-04T15:56:05.000Z",
"activated": null,
"statusChanged": null,
"lastLogin": "2022-05-04T19:50:52.000Z",
"lastUpdated": "2022-05-05T18:15:44.000Z",
"passwordChanged": "2022-04-04T16:00:22.000Z",
"type": {
"id": "oty1162QAr8hJjTaq0g4"
},
"profile": {
"firstName": "Alice",
"lastName": "Smith",
"mobilePhone": null,
"secondEmail": null,
"login": "alice.smith@example.com",
"email": "alice.smith@example.com"
},
"realmId": "guo1afiNtSnZYILxO0g4",
"credentials": {
"password": {},
"provider": {}
},
"_links": {
"self": {}
}
}
}

Verify Event Hook

Verify a specific event hook. | key: verifyEventHook

InputNotesExample
Connection
connection
/ Required
connection
 
 
Event Hook ID
string
/ Required
eventHookId
The ID of the event hook.
1234567890abcdef

{
"data": {
"id": "who8tsqyrhCdmetzx135",
"status": "ACTIVE",
"verificationStatus": "VERIFIED",
"name": "Event Hook Test",
"description": null,
"created": "2023-07-07T17:41:56.000Z",
"createdBy": "00u7xut94qEWYx5ss1e5",
"lastUpdated": "2023-07-07T17:43:03.000Z",
"events": {
"type": "EVENT_TYPE",
"items": [
"user.lifecycle.deactivate",
"user.lifecycle.activate"
],
"filter": null
},
"channel": {
"type": "HTTP",
"version": "1.0.0",
"config": {
"uri": "https://example_external_service/userDeactivate",
"headers": [],
"method": "POST",
"authScheme": {
"type": "HEADER",
"key": "authorization"
}
}
},
"_links": {
"self": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135"
},
"verify": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/verify",
"hints": {
"allow": [
"POST"
]
}
},
"deactivate": {
"href": "https://example.com/api/v1/eventHooks/who8tsqyrhCdmetzx135/lifecycle/deactivate",
"hints": {
"allow": [
"POST"
]
}
}
}
}
}

Changelog

2025-10-01

  • Initial release of Okta component with comprehensive integration capabilities