Operations (sample payloads)
Main operationsCopy
Activate enrollment factorCopy
Activates a specific enrollment factor with a passcode.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g8",3"factor_id": "sms1a2b3c4d5e6f7g8h9",4"pass_code": "123456"5}
Sample Output
1{2"id": "sms1a2b3c4d5e6f7g8h9",3"factorType": "sms",4"provider": "OKTA",5"vendorName": "OKTA",6"status": "ACTIVE",7"created": "2023-05-15T14:30:00.000Z",8"lastUpdated": "2023-05-15T14:32:00.000Z",9"profile": {10"phoneNumber": "+1-555-123-4567"11},12"_links": {13"resend": [14{15"name": "sms",16"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/sms1a2b3c4d5e6f7g8h9/resend",17"hints": {18"allow": [19"POST"20]21}22}23],24"activate": {25"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/sms1a2b3c4d5e6f7g8h9/lifecycle/activate",26"hints": {27"allow": [28"POST"29]30}31},32"self": {33"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/sms1a2b3c4d5e6f7g8h9",34"hints": {35"allow": [36"GET",37"DELETE"38]39}40},41"user": {42"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8",43"hints": {44"allow": [45"GET"46]47}48}49}50}
Activate userCopy
Activates a user. This operation can only be performed on users with a STAGED status. Activation of a user is an asynchronous operation.
Sample Input
1{2"user_id": "john.doe@example.com",3"send_email": true4}
Sample Output
1{2"success": true,3"user_id": "00u1a2b3c4d5e6f7g8",4"user_found": true,5"activated": true,6"message": {}7}
Add user to groupCopy
Adds a user to a group with OKTA_GROUP type.
Sample Input
1{2"group_id": "00g1emaKYZTWRYYRLBPL",3"user_id": "00u1emqFWWRYYRLBPL"4}
Sample Output
1{2"link": "https://your-domain.okta.com/api/v1/groups/00g1emaKYZTWRYYRLBPL/users/00u1emqFWWRYYRLBPL",3"results": [4{5"id": "00u1emqFWWRYYRLBPL",6"status": "ACTIVE",7"created": "2023-05-15T14:30:22.000Z",8"activated": "2023-05-15T14:30:22.000Z",9"statusChanged": "2023-05-15T14:30:22.000Z",10"lastLogin": "2023-05-16T09:45:13.000Z",11"lastUpdated": "2023-05-16T10:15:30.000Z",12"passwordChanged": "2023-05-15T14:30:22.000Z",13"type": {14"id": "oty1emrKYZTWRYYRLBPL"15},16"profile": {17"firstName": "John",18"lastName": "Doe",19"mobilePhone": "+1-555-1234567",20"secondEmail": "john.doe.backup@example.com",21"login": "john.doe@example.com",22"email": "john.doe@example.com"23},24"credentials": {25"password": {},26"emails": [27{28"value": "john.doe@example.com",29"status": "VERIFIED",30"type": "PRIMARY"31}32],33"provider": {34"type": "OKTA",35"name": "OKTA"36}37},38"_links": {39"self": {40"href": "https://your-domain.okta.com/api/v1/users/00u1emqFWWRYYRLBPL"41}42}43}44],45"next": "https://your-domain.okta.com/api/v1/groups/00g1emaKYZTWRYYRLBPL/users?after=00u1emqFWWRYYRLBPL"46}
Create groupCopy
Creates a new group with OKTA_GROUP type in your organisation.
Sample Input
1{2"group_profile": {3"name": "Marketing Team",4"description": "Group for all marketing team members"5}6}
Sample Output
1{2"id": "00g1emaKYZTWRYYRRTSK",3"created": "2023-06-15T14:30:22.000Z",4"lastUpdated": "2023-06-15T14:30:22.000Z",5"lastMembershipUpdated": "2023-06-15T14:30:22.000Z",6"objectClass": [7"okta:user_group"8],9"type": "OKTA_GROUP",10"profile": {11"name": "Marketing Team",12"description": "Group for all marketing team members"13},14"_links": {15"logo": [16{17"name": "medium",18"href": "https://example.okta.com/assets/img/logos/groups/okta-medium.png",19"type": "image/png"20}21],22"users": {23"href": "https://example.okta.com/api/v1/groups/00g1emaKYZTWRYYRRTSK/users"24},25"apps": {26"href": "https://example.okta.com/api/v1/groups/00g1emaKYZTWRYYRRTSK/apps"27}28}29}
Create userCopy
Creates a new user in your Okta organisation with or without credentials.
Sample Input
1{2"activate": true,3"force_password_change": true,4"profile": {5"login": "john.doe@example.com",6"email": "john.doe@example.com",7"first_name": "John",8"last_name": "Doe",9"middle_name": "Michael",10"user_title": "Mr.",11"display_name": "John M. Doe",12"nick_name": "Johnny",13"primary_phone": "+1-555-123-4567",14"mobile_phone": "+1-555-987-6543",15"street_address": "123 Main St",16"city": "Anytown",17"state": "CA",18"zip_code": "12345",19"country_code": "US",20"preferred_language": "en-US",21"timezone": "America/Los_Angeles",22"user_type": "Employee",23"employee_number": "E12345",24"division": "Sales",25"manager": "Jane Smith"26},27"profile_custom_fields": [28{29"key": "department",30"value": "Marketing"31},32{33"key": "start_date",34"value": "2023-06-01"35}36],37"credentials": {38"password": {39"value": "SecureP@ssw0rd!"40},41"recovery_question": {42"question": "What was the name of your first pet?",43"answer": "Fluffy"44}45},46"group_ids": [47"00g1ab2c3d4EXAMPLE"48]49}
Sample Output
1{2"id": "00u1a2b3cEXAMPLE",3"status": "ACTIVE",4"created": "2023-06-01T10:00:00.000Z",5"activated": "2023-06-01T10:00:00.000Z",6"statusChanged": "2023-06-01T10:00:00.000Z",7"lastLogin": null,8"lastUpdated": "2023-06-01T10:00:00.000Z",9"passwordChanged": "2023-06-01T10:00:00.000Z",10"type": {11"id": "oty1a2b3cEXAMPLE"12},13"profile": {14"firstName": "John",15"lastName": "Doe",16"mobilePhone": "+1-555-987-6543",17"secondEmail": null,18"login": "john.doe@example.com",19"email": "john.doe@example.com"20},21"credentials": {22"password": {},23"emails": [24{25"value": "john.doe@example.com",26"status": "VERIFIED",27"type": "PRIMARY"28}29],30"provider": {31"type": "OKTA",32"name": "OKTA"33}34},35"_links": {36"suspend": {37"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3cEXAMPLE/lifecycle/suspend",38"method": "POST"39},40"schema": {41"href": "https://your-domain.okta.com/api/v1/meta/schemas/user/osc1a2b3cEXAMPLE"42},43"resetPassword": {44"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3cEXAMPLE/lifecycle/reset_password",45"method": "POST"46},47"expirePassword": {48"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3cEXAMPLE/lifecycle/expire_password",49"method": "POST"50},51"changeRecoveryQuestion": {52"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3cEXAMPLE/credentials/change_recovery_question",53"method": "POST"54},55"self": {56"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3cEXAMPLE"57},58"type": {59"href": "https://your-domain.okta.com/api/v1/meta/types/user/oty1a2b3cEXAMPLE"60},61"changePassword": {62"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3cEXAMPLE/credentials/change_password",63"method": "POST"64},65"deactivate": {66"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3cEXAMPLE/lifecycle/deactivate",67"method": "POST"68}69}70}
Deactivate userCopy
Deactivates a user. This operation can only be performed on users that do not have a DEPROVISIONED status. Deactivation of a user is an asynchronous operation.
Sample Input
1{2"user_id": "john.doe@example.com",3"send_email": true4}
Sample Output
1{2"success": true,3"user_id": "00u1a2b3c4d5e6f7g8",4"user_found": true,5"deactivated": true,6"message": {}7}
Delete userCopy
Deletes a user permanently. This operation can only be performed on users that have a DEPROVISIONED status. Using this operation on a user that hasn’t been deactivated causes that user to be deactivated. A second delete operation is required to delete the user.
Sample Input
1{2"user_id": "john.doe@example.com",3"send_email": true4}
Sample Output
1{2"success": true,3"user_found": true,4"deleted": true,5"message": {}6}
Enroll Okta call factorCopy
Enrolls a user with the Okta call factor and a call profile. A voice call with an OTP is made to the device during enrollment and must be activated.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g8",3"phone_number": "+15551234567",4"phone_extension": "123"5}
Sample Output
1{2"id": "clf1a2b3c4d5e6f7g8",3"factorType": "call",4"provider": "OKTA",5"vendorName": "OKTA",6"status": "PENDING_ACTIVATION",7"created": "2023-05-15T14:30:00.000Z",8"lastUpdated": "2023-05-15T14:30:00.000Z",9"profile": {10"phoneNumber": "+15551234567",11"phoneExtension": "123"12},13"_links": {14"resend": [15{16"name": "call",17"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/clf1a2b3c4d5e6f7g8/resend",18"hints": {19"allow": [20"POST"21]22}23}24],25"activate": {26"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/clf1a2b3c4d5e6f7g8/lifecycle/activate",27"hints": {28"allow": [29"POST"30]31}32},33"self": {34"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/clf1a2b3c4d5e6f7g8",35"hints": {36"allow": [37"GET",38"DELETE"39]40}41},42"user": {43"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8",44"hints": {45"allow": [46"GET"47]48}49}50}51}
Enroll Okta email factorCopy
Enrolls a user with an email factor. An email with an OTP is sent to the primary or secondary (depending on which one is enrolled) email address of the user during enrollment.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g8",3"email": "user@example.com",4"lifetime_seconds": 6005}
Sample Output
1{2"id": "emf1a2b3c4d5e6f7g8",3"factorType": "email",4"provider": "OKTA",5"vendorName": "OKTA",6"status": "PENDING_ACTIVATION",7"profile": {8"email": "user@example.com"9},10"_links": {11"resend": [12{13"name": "email",14"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/emf1a2b3c4d5e6f7g8/resend",15"hints": {16"allow": [17"POST"18]19}20}21],22"activate": {23"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/emf1a2b3c4d5e6f7g8/lifecycle/activate",24"hints": {25"allow": [26"POST"27]28}29},30"self": {31"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/emf1a2b3c4d5e6f7g8",32"hints": {33"allow": [34"GET",35"DELETE"36]37}38},39"user": {40"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8",41"hints": {42"allow": [43"GET"44]45}46}47}48}
Enroll Okta security question factorCopy
Enrolls a user with the question factor and question profile.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g8",3"question": "What is the name of your first pet?",4"answer": "Fluffy"5}
Sample Output
1{2"id": "sft1a2b3c4d5e6f7g8",3"factorType": "question",4"provider": "OKTA",5"vendorName": "OKTA",6"status": "ACTIVE",7"created": "2023-05-15T10:30:45.000Z",8"lastUpdated": "2023-05-15T10:30:45.000Z",9"profile": {10"question": "pet_name",11"questionText": "What is the name of your first pet?"12},13"_links": {14"questions": {15"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/questions",16"hints": {17"allow": [18"GET"19]20}21},22"self": {23"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/sft1a2b3c4d5e6f7g8",24"hints": {25"allow": [26"GET",27"DELETE"28]29}30},31"user": {32"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8",33"hints": {34"allow": [35"GET"36]37}38}39}40}
Enroll Okta SMS factorCopy
Enrolls a user with the Okta SMS factor and an SMS profile. A text message with an OTP is sent to the device during enrollment and must be activated by following the activate link relation to complete the enrollment process.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g",3"phone_number": "+15551234567",4"update_number": true5}
Sample Output
1{2"id": "sms1a2b3c4d5e6f7g8h",3"factorType": "sms",4"provider": "OKTA",5"vendorName": "OKTA",6"status": "PENDING_ACTIVATION",7"created": "2023-05-15T14:30:00.000Z",8"lastUpdated": "2023-05-15T14:30:00.000Z",9"profile": {10"phoneNumber": "+15551234567"11},12"_links": {13"resend": [14{15"name": "sms",16"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/sms1a2b3c4d5e6f7g8h/resend",17"hints": {18"allow": [19"POST"20]21}22}23],24"activate": {25"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/sms1a2b3c4d5e6f7g8h/lifecycle/activate",26"hints": {27"allow": [28"POST"29]30}31},32"self": {33"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/sms1a2b3c4d5e6f7g8h",34"hints": {35"allow": [36"GET",37"DELETE"38]39}40},41"user": {42"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g",43"hints": {44"allow": [45"GET"46]47}48}49}50}
Enroll Okta verify TOTP factorCopy
Enrolls a user with an Okta token:software:totp factor. The factor must be activated after enrollment by following the activate link to complete the enrollment process.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g8",3"totp_provider": "GOOGLE"4}
Sample Output
1{2"id": "ftk1a2b3c4d5e6f7g8",3"factorType": "token:software:totp",4"provider": "GOOGLE",5"vendorName": "GOOGLE",6"status": "PENDING_ACTIVATION",7"created": "2023-05-15T14:30:00.000Z",8"lastUpdated": "2023-05-15T14:30:00.000Z",9"profile": {10"credentialId": "john.doe@example.com"11},12"_links": {13"activate": {14"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/ftk1a2b3c4d5e6f7g8/lifecycle/activate",15"hints": {16"allow": [17"POST"18]19}20},21"self": {22"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/ftk1a2b3c4d5e6f7g8",23"hints": {24"allow": [25"GET",26"DELETE"27]28}29},30"user": {31"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8",32"hints": {33"allow": [34"GET"35]36}37}38},39"_embedded": {40"activation": {41"timeStep": 30,42"sharedSecret": "JBSWY3DPEHPK3PXP",43"encoding": "base32",44"keyLength": 6,45"factorResult": "WAITING",46"_links": {47"qrcode": {48"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/factors/ftk1a2b3c4d5e6f7g8/qr/00Qw1x2y3z4A5B6C7",49"type": "image/png"50}51}52}53}54}
Get factorCopy
Retrieves a factor for the specified user.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g",3"factor_id": "mbl1a2b3c4d5e6f7g"4}
Sample Output
1{2"id": "mbl1a2b3c4d5e6f7g",3"factorType": "sms",4"provider": "OKTA",5"vendorName": "OKTA",6"status": "ACTIVE",7"created": "2023-05-15T14:30:00.000Z",8"lastUpdated": "2023-05-15T14:30:00.000Z",9"profile": {10"phoneNumber": "+1-555-123-4567",11"phoneExtension": null12},13"_links": {14"resend": [15{16"name": "sms",17"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/mbl1a2b3c4d5e6f7g/resend",18"hints": {19"allow": [20"POST"21]22}23}24],25"activate": {26"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/mbl1a2b3c4d5e6f7g/lifecycle/activate",27"hints": {28"allow": [29"POST"30]31}32},33"self": {34"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/mbl1a2b3c4d5e6f7g",35"hints": {36"allow": [37"GET",38"DELETE"39]40}41},42"user": {43"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g",44"hints": {45"allow": [46"GET"47]48}49}50}51}
Get groupCopy
Retrieves a specific group from your organisation.
Sample Input
1{2"group_id": "00g1emaKYZTWRYYXLBCR"3}
Sample Output
1{2"id": "00g1emaKYZTWRYYXLBCR",3"created": "2023-05-15T14:30:22.000Z",4"lastUpdated": "2023-05-15T14:30:22.000Z",5"lastMembershipUpdated": "2023-05-15T14:30:22.000Z",6"objectClass": [7"okta:user_group"8],9"type": "OKTA_GROUP",10"profile": {11"name": "Marketing Team",12"description": "Group for all marketing team members"13},14"_links": {15"logo": [16{17"name": "medium",18"href": "https://example.okta.com/assets/img/logos/groups/okta-medium.png",19"type": "image/png"20}21],22"users": {23"href": "https://example.okta.com/api/v1/groups/00g1emaKYZTWRYYXLBCR/users"24},25"apps": {26"href": "https://example.okta.com/api/v1/groups/00g1emaKYZTWRYYXLBCR/apps"27}28}29}
Get userCopy
Retrieves a user by id, login, or login shortname (if the shortname is unambiguous).
Sample Input
1{2"user_id": "john.doe@example.com"3}
Sample Output
1{2"id": "00u1a2b3c4d5e6f7g8",3"status": "ACTIVE",4"created": "2023-05-15T10:30:45.000Z",5"activated": "2023-05-15T10:35:22.000Z",6"statusChanged": "2023-05-15T10:35:22.000Z",7"lastLogin": "2023-05-20T14:22:33.000Z",8"lastUpdated": "2023-05-20T14:22:33.000Z",9"passwordChanged": true,10"type": {11"id": "oty1a2b3c4d5e6f7g8"12},13"profile": {14"firstName": "John",15"lastName": "Doe",16"mobilePhone": "+1-555-123-4567",17"secondEmail": "john.alternate@example.com",18"login": "john.doe@example.com",19"email": "john.doe@example.com"20},21"credentials": {22"emails": [23{24"value": "john.doe@example.com",25"status": "VERIFIED",26"type": "PRIMARY"27}28],29"provider": {30"type": "OKTA",31"name": "OKTA"32}33},34"_links": {35"suspend": {36"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/lifecycle/suspend",37"method": "POST"38},39"schema": {40"href": "https://your-domain.okta.com/api/v1/meta/schemas/user/osc1a2b3c4d5e6f7g8"41},42"resetPassword": {43"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/lifecycle/reset_password",44"method": "POST"45},46"reactivate": {47"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/lifecycle/reactivate",48"method": "POST"49},50"self": {51"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8"52},53"type": {54"href": "https://your-domain.okta.com/api/v1/meta/types/user/oty1a2b3c4d5e6f7g8"55},56"deactivate": {57"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/lifecycle/deactivate",58"method": "POST"59}60}61}
Get user profile custom fieldCopy
Retrieves a single user profile custom fields.
Sample Input
1{2"type_id": "default",3"custom_field_id": "customField1"4}
Sample Output
1{2"key": {3"title": "Employee ID",4"type": "string",5"mutability": "READ_WRITE",6"scope": "NONE",7"minLength": 1,8"maxLength": 10,9"permissions": [10{11"principal": "SELF",12"action": "READ_ONLY"13},14{15"principal": "ADMIN",16"action": "READ_WRITE"17}18],19"master": {20"type": "PROFILE_MASTER"21}22}23}
Get user schemaCopy
Retrieves the schema for a type of user schema.
Sample Input
1{2"type_id": "default"3}
Sample Output
1{2"id": "https://example.okta.com/meta/schemas/user/default",3"$schema": "http://json-schema.org/draft-04/schema#",4"name": "user",5"title": "User",6"description": "Okta user profile schema",7"lastUpdated": "2023-06-15T10:30:00.000Z",8"created": "2023-01-01T00:00:00.000Z",9"definitions": {10"custom": {11"id": "#custom",12"type": "object",13"properties": {14"variable1": {15"title": "Custom Variable 1",16"type": "string",17"mutability": "READ_WRITE",18"scope": "NONE",19"minLength": 1,20"maxLength": 100,21"permissions": [22{23"principal": "SELF",24"action": "READ_WRITE"25}26],27"master": {28"type": "PROFILE_MASTER"29}30},31"variable2": {32"title": "Custom Variable 2",33"type": "string",34"mutability": "READ_WRITE",35"scope": "NONE",36"minLength": 1,37"maxLength": 50,38"permissions": [39{40"principal": "SELF",41"action": "READ_ONLY"42}43],44"master": {45"type": "OKTA"46}47}48},49"required": []50},51"base": {52"id": "#base",53"type": "object",54"properties": {55"login": {56"title": "Username",57"type": "string",58"required": true,59"mutability": "READ_WRITE",60"scope": "NONE",61"minLength": 5,62"maxLength": 100,63"pattern": "^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$",64"permissions": [65{66"principal": "SELF",67"action": "READ_ONLY"68}69],70"master": {71"type": "OKTA"72}73},74"email": {75"title": "Primary email",76"type": "string",77"required": true,78"format": "email",79"mutability": "READ_WRITE",80"scope": "NONE",81"permissions": [82{83"principal": "SELF",84"action": "READ_WRITE"85}86],87"master": {88"type": "PROFILE_MASTER"89}90},91"firstName": {92"title": "First name",93"type": "string",94"required": true,95"mutability": "READ_WRITE",96"scope": "NONE",97"minLength": 1,98"maxLength": 50,99"permissions": [100{101"principal": "SELF",102"action": "READ_WRITE"103}104],105"master": {106"type": "PROFILE_MASTER"107}108},109"lastName": {110"title": "Last name",111"type": "string",112"required": true,113"mutability": "READ_WRITE",114"scope": "NONE",115"minLength": 1,116"maxLength": 50,117"permissions": [118{119"principal": "SELF",120"action": "READ_WRITE"121}122],123"master": {124"type": "PROFILE_MASTER"125}126}127},128"required": [129"login",130"email",131"firstName",132"lastName"133]134}135},136"type": "object",137"properties": {138"profile": {139"allOf": [140{141"$ref": "#base"142},143{144"$ref": "#custom"145}146]147}148},149"_links": {150"self": {151"rel": "self",152"href": "https://example.okta.com/api/v1/meta/schemas/user/default",153"method": "GET"154},155"type": {156"rel": "described_by",157"href": "https://example.okta.com/api/v1/meta/types/user",158"method": "GET"159}160}161}
Get user schema propertyCopy
Retrieves the schema property for the default type of user schema.
Sample Input
1{2"type_id": "default",3"property_title": "firstName"4}
Sample Output
1{2"title": "First name",3"type": "string",4"required": true,5"mutability": "READ_WRITE",6"scope": "NONE",7"minLength": 1,8"maxLength": 50,9"pattern": "^[a-zA-Z]+$",10"permissions": [11{12"principal": "SELF",13"action": "READ_WRITE"14},15{16"principal": "ADMIN",17"action": "READ_WRITE"18}19],20"master": {21"type": "PROFILE_MASTER"22}23}
Get user typeCopy
Retrieves a user type by its ID.
Sample Input
1{2"type_id": "oty1a2b3c4d5e6f7g8h9"3}
Sample Output
1{2"id": "oty1a2b3c4d5e6f7g8h9",3"displayName": "Employee",4"name": "employee",5"description": "Standard employee user type",6"createdBy": "00u1qw2e3r4t5y6u7i8",7"lastUpdatedBy": "00u9o8i7u6y5t4r3e2",8"created": "2023-06-15T14:30:45.000Z",9"lastUpdated": "2023-06-16T09:15:22.000Z",10"default": false,11"_links": {12"schema": {13"rel": "schema",14"href": "https://your-domain.okta.com/api/v1/meta/types/user/oty1a2b3c4d5e6f7g8h9/schema",15"method": "GET"16},17"self": {18"rel": "self",19"href": "https://your-domain.okta.com/api/v1/meta/types/user/oty1a2b3c4d5e6f7g8h9",20"method": "GET"21}22}23}
List enrolled factorsCopy
Lists all the enrolled factors for the specified user.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g"3}
Sample Output
1{2"results": [3{4"id": "mbl1a2b3c4d5e6f7g",5"factorType": "sms",6"provider": "OKTA",7"vendorName": "OKTA",8"status": "ACTIVE",9"created": "2023-05-15T10:30:00.000Z",10"lastUpdated": "2023-05-15T10:35:00.000Z",11"profile": {12"phoneNumber": "+1-555-123-4567"13},14"_links": {15"resend": [16{17"name": "sms",18"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/mbl1a2b3c4d5e6f7g/resend",19"hints": {20"allow": [21"POST"22]23}24}25],26"activate": {27"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/mbl1a2b3c4d5e6f7g/lifecycle/activate",28"hints": {29"allow": [30"POST"31]32}33},34"self": {35"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/mbl1a2b3c4d5e6f7g",36"hints": {37"allow": [38"GET",39"DELETE"40]41}42},43"user": {44"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g",45"hints": {46"allow": [47"GET"48]49}50}51}52}53]54}
List factors to enrollCopy
Lists all the supported factors that can be enrolled for the specified user.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g"3}
Sample Output
1{2"results": [3{4"factorType": "sms",5"provider": "OKTA",6"vendorName": "OKTA",7"_links": {8"enroll": {9"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors",10"hints": {11"allow": [12"POST"13]14}15}16},17"status": "NOT_SETUP",18"enrollment": "OPTIONAL"19},20{21"factorType": "push",22"provider": "OKTA",23"vendorName": "OKTA Verify",24"_links": {25"enroll": {26"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors",27"hints": {28"allow": [29"POST"30]31}32}33},34"status": "NOT_SETUP",35"enrollment": "OPTIONAL"36},37{38"factorType": "token:software:totp",39"provider": "GOOGLE",40"vendorName": "Google Authenticator",41"_links": {42"enroll": {43"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors",44"hints": {45"allow": [46"POST"47]48}49}50},51"status": "NOT_SETUP",52"enrollment": "OPTIONAL"53}54]55}
List group membersCopy
Lists users that are a member of a group.
Sample Input
1{2"group_id": "00g1emaKYZTWRYYXLBCR",3"limit": 1004}
Sample Output
1{2"link": "https://your-domain.okta.com/api/v1/groups/00g1emaKYZTWRYYXLBCR/users?limit=100",3"results": [4{5"id": "00u1e6JHZlKGQCAZZABR",6"status": "ACTIVE",7"created": "2023-05-15T14:32:21.000Z",8"activated": "2023-05-15T14:32:22.000Z",9"statusChanged": "2023-05-15T14:32:22.000Z",10"lastLogin": "2023-05-20T09:15:33.000Z",11"lastUpdated": "2023-05-20T09:15:33.000Z",12"passwordChanged": "2023-05-15T14:32:22.000Z",13"type": {14"id": "oty1emaKYZTWRYYXLBCR"15},16"profile": {17"firstName": "John",18"lastName": "Doe",19"mobilePhone": "+1-555-1234567",20"secondEmail": "john.doe.backup@example.com",21"login": "john.doe@example.com",22"email": "john.doe@example.com"23},24"credentials": {25"password": {},26"emails": [27{28"value": "john.doe@example.com",29"status": "VERIFIED",30"type": "PRIMARY"31}32],33"provider": {34"type": "OKTA",35"name": "OKTA"36}37},38"_links": {39"self": {40"href": "https://your-domain.okta.com/api/v1/users/00u1e6JHZlKGQCAZZABR"41}42}43}44],45"next": "https://your-domain.okta.com/api/v1/groups/00g1emaKYZTWRYYXLBCR/users?after=00u1e6JHZlKGQCAZZABR&limit=100"46}
List groupsCopy
Lists groups in your organisation.
Sample Input
1{2"filter": "type eq \"OKTA_GROUP\"",3"q": "Engineering",4"after": "0oa1ab2c3d4E5F6G7H",5"limit": 506}
Sample Output
1{2"results": [3{4"id": "00g1emaKYZTWRYYRRTSK",5"created": "2023-04-15T10:30:00.000Z",6"lastUpdated": "2023-05-20T14:45:00.000Z",7"lastMembershipUpdated": "2023-05-25T09:15:00.000Z",8"objectClass": [9"okta:user_group"10],11"type": "OKTA_GROUP",12"profile": {13"name": "Engineering Team",14"description": "Group for all engineering team members"15},16"_links": {17"logo": [18{19"name": "medium",20"href": "https://example.okta.com/assets/img/logos/groups/okta-medium.png",21"type": "image/png"22}23],24"users": {25"href": "https://example.okta.com/api/v1/groups/00g1emaKYZTWRYYRRTSK/users"26},27"apps": {28"href": "https://example.okta.com/api/v1/groups/00g1emaKYZTWRYYRRTSK/apps"29}30}31},32{33"id": "00g2fmaLZATXSZZSSUTL",34"created": "2023-04-16T11:00:00.000Z",35"lastUpdated": "2023-05-21T15:30:00.000Z",36"lastMembershipUpdated": "2023-05-26T10:00:00.000Z",37"objectClass": [38"okta:user_group"39],40"type": "OKTA_GROUP",41"profile": {42"name": "Engineering Managers",43"description": "Group for engineering team managers"44},45"_links": {46"logo": [47{48"name": "medium",49"href": "https://example.okta.com/assets/img/logos/groups/okta-medium.png",50"type": "image/png"51}52],53"users": {54"href": "https://example.okta.com/api/v1/groups/00g2fmaLZATXSZZSSUTL/users"55},56"apps": {57"href": "https://example.okta.com/api/v1/groups/00g2fmaLZATXSZZSSUTL/apps"58}59}60}61],62"next": "https://example.okta.com/api/v1/groups?after=00g2fmaLZATXSZZSSUTL&limit=50"63}
List security questionsCopy
Lists all available security questions for a user’s question factor.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g"3}
Sample Output
1{2"results": [3{4"question": "favorite_pet",5"questionText": "What is the name of your favorite pet?"6},7{8"question": "first_car",9"questionText": "What was the make and model of your first car?"10},11{12"question": "birthplace",13"questionText": "In what city were you born?"14},15{16"question": "mother_maiden_name",17"questionText": "What is your mother's maiden name?"18},19{20"question": "childhood_friend",21"questionText": "What is the name of your childhood best friend?"22}23]24}
List system logsCopy
Lists your Okta system logs.
Sample Input
1{2"since": "2023-06-01T00:00:00Z",3"until": "2023-06-30T23:59:59Z",4"filter": "eventType eq \"user.session.start\"",5"q": "San Francisco",6"sort_order": "DESCENDING",7"limit": 508}
Sample Output
1{2"link": "https://your-domain.okta.com/api/v1/logs",3"results": [4{5"actor": {6"id": "00u1qw2xYSWRNBOLIVKH",7"type": "User",8"alternateId": "john.doe@example.com",9"displayName": "John Doe"10},11"client": {12"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36",13"zone": "OFF_NETWORK",14"device": "Computer",15"id": "ohw1qw2xYSWRNBOLIVKH",16"ipAddress": "203.0.113.42",17"geographicalContext": "San Francisco, California, United States"18},19"authenticationContext": {20"authenticationProvider": "OKTA_AUTHENTICATION_PROVIDER",21"credentialProvider": "OKTA_CREDENTIAL_PROVIDER",22"credentialType": "OTP",23"issuer": null,24"interface": "web",25"authenticationStep": 026},27"displayMessage": "User login to Okta",28"eventType": "user.session.start",29"outcome": {30"result": "SUCCESS"31},32"published": "2023-06-30T22:35:57.636Z",33"securityContext": {34"asNumber": "AS7018",35"asOrg": "AT&T Services, Inc.",36"isp": "AT&T Services",37"domain": "att.com",38"isProxy": false39},40"severity": "INFO",41"legacyEventType": "core.user_auth.login_success",42"transaction": {43"type": "WEB",44"id": "XxF2H3d4e5f6g7h8I9j0",45"detail": {}46},47"uuid": "1f2e3d4c-5b6a-7c8d-9e0f-1a2b3c4d5e6f",48"version": "0"49}50],51"next": "https://your-domain.okta.com/api/v1/logs?after=1593561600000_1f2e3d4c-5b6a-7c8d-9e0f-1a2b3c4d5e6f"52}
List user profile custom fieldsCopy
Lists your user profile custom fields.
Sample Input
1{2"type_id": "default"3}
Sample Output
1{2"test": {3"title": "Employee ID",4"description": "Unique identifier for the employee",5"type": "string",6"mutability": "READ_WRITE",7"scope": "NONE",8"minLength": 5,9"maxLength": 10,10"permissions": [11{12"principal": "SELF",13"action": "READ_ONLY"14},15{16"principal": "ADMIN",17"action": "READ_WRITE"18}19]20}21}
List usersCopy
Lists users in your organisation.
Sample Input
1{2"filter": "status eq \"ACTIVE\"",3"q": "John",4"search": "profile.firstName sw \"J\"",5"sort_by": "lastName",6"sort_order": "asc",7"limit": 1008}
Sample Output
1{2"link": "https://your-domain.okta.com/api/v1/users",3"results": [4{5"id": "00u1a2b3c4d5e6f7g8",6"status": "ACTIVE",7"created": "2023-05-01T10:00:00.000Z",8"activated": "2023-05-01T10:15:00.000Z",9"statusChanged": "2023-05-01T10:15:00.000Z",10"lastLogin": "2023-05-15T14:30:00.000Z",11"lastUpdated": "2023-05-15T14:30:00.000Z",12"passwordChanged": "2023-05-01T10:15:00.000Z",13"type": {14"id": "oty1h2i3j4k5l6m7n8"15},16"profile": {17"firstName": "John",18"lastName": "Doe",19"mobilePhone": "+1-555-123-4567",20"secondEmail": "john.doe.backup@example.com",21"login": "john.doe@example.com",22"email": "john.doe@example.com"23},24"credentials": {25"password": {},26"emails": [27{28"value": "john.doe@example.com",29"status": "VERIFIED",30"type": "PRIMARY"31}32],33"recovery_question": {34"question": "What was the name of your first pet?"35},36"provider": {37"type": "OKTA",38"name": "OKTA"39}40},41"_links": {42"self": {43"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8"44}45}46}47],48"next": "https://your-domain.okta.com/api/v1/users?after=00u1a2b3c4d5e6f7g8"49}
Raw HTTP request (advanced)Copy
Perform a raw HTTP request with some pre-configuration and processing by the connector, such as authentication.
Sample Input
1{2"method": "GET",3"url": {4"endpoint": "/api/v1/users"5},6"headers": [7{8"key": "Accept",9"value": "application/json"10}11],12"query_parameters": [13{14"key": "limit",15"value": "10"16},17{18"key": "filter",19"value": "status eq \"ACTIVE\""20}21],22"body": {23"none": null24},25"include_raw_body": false,26"parse_response": "true"27}
Sample Output
1{2"response": {3"status_code": 200,4"headers": {5"Content-Type": "application/json",6"Date": "Wed, 21 Jul 2023 14:30:00 GMT",7"Server": "nginx",8"X-Okta-Request-Id": "XbvFEFe@WJbEKKabcdef"9},10"body": [11{12"id": "00u1a2b3c4d5e6f7g8",13"status": "ACTIVE",14"created": "2023-07-01T10:00:00.000Z",15"activated": "2023-07-01T10:05:00.000Z",16"statusChanged": "2023-07-01T10:05:00.000Z",17"lastLogin": "2023-07-21T14:25:00.000Z",18"lastUpdated": "2023-07-21T14:25:00.000Z",19"passwordChanged": "2023-07-01T10:05:00.000Z",20"profile": {21"firstName": "John",22"lastName": "Doe",23"email": "john.doe@example.com",24"login": "john.doe@example.com",25"mobilePhone": null26},27"credentials": {28"provider": {29"type": "OKTA",30"name": "OKTA"31}32},33"_links": {34"self": {35"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8"36}37}38}39]40}41}
Reactivate userCopy
Reactivates a user. This operation can only be performed on users with a PROVISIONED status.
Sample Input
1{2"user_id": "john.doe@example.com",3"send_email": true4}
Sample Output
1{2"success": true,3"user_id": "00u1a2b3c4d5e6f7g8",4"user_found": true,5"reactivated": true,6"message": {}7}
Remove user from groupCopy
Removes a user from a group with OKTA_GROUP type.
Sample Input
1{2"group_id": "00g1emaKYZTWRYYRLBPL",3"user_id": "00u1e6ck2xJHwXnFP5d7"4}
Sample Output
1{2"link": "https://your-domain.okta.com/api/v1/groups/00g1emaKYZTWRYYRLBPL/users/00u1e6ck2xJHwXnFP5d7",3"results": [4{5"id": "00u1e6ck2xJHwXnFP5d7",6"status": "ACTIVE",7"created": "2023-05-15T14:30:22.000Z",8"activated": "2023-05-15T14:30:22.000Z",9"statusChanged": "2023-05-15T14:30:22.000Z",10"lastLogin": "2023-05-20T09:15:30.000Z",11"lastUpdated": "2023-05-20T10:45:12.000Z",12"passwordChanged": "2023-05-15T14:30:22.000Z",13"type": {14"id": "oty1emf9x8RFPCHZK5d7"15},16"profile": {17"firstName": "John",18"lastName": "Doe",19"mobilePhone": "+1-555-1234567",20"secondEmail": "john.doe.backup@example.com",21"login": "john.doe@example.com",22"email": "john.doe@example.com"23},24"credentials": {25"password": {},26"emails": [27{28"value": "john.doe@example.com",29"status": "VERIFIED",30"type": "PRIMARY"31}32],33"provider": {34"type": "OKTA",35"name": "OKTA"36}37},38"_links": {39"self": {40"href": "https://your-domain.okta.com/api/v1/users/00u1e6ck2xJHwXnFP5d7"41}42}43}44],45"next": "https://your-domain.okta.com/api/v1/users?after=00u1e6ck2xJHwXnFP5d7"46}
Resends SMS as part of enrollment.Copy
Use the resend link to send another OTP if user doesn’t receive the original activation SMS OTP.
Sample Input
1{2"user_id": "00u1a2b3c4d5e6f7g",3"factor_id": "sms1a2b3c4d5e6f7g8h",4"phone_number": "+14155551234",5"update_number": true6}
Sample Output
1{2"id": "sms1a2b3c4d5e6f7g8h",3"factorType": "sms",4"provider": "OKTA",5"vendorName": "OKTA",6"status": "PENDING_ACTIVATION",7"created": "2023-05-15T10:30:00.000Z",8"lastUpdated": "2023-05-15T10:35:00.000Z",9"profile": {10"phoneNumber": "+14155551234"11},12"_links": {13"resend": [14{15"name": "sms",16"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/sms1a2b3c4d5e6f7g8h/resend",17"hints": {18"allow": [19"POST"20]21}22}23],24"activate": {25"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/sms1a2b3c4d5e6f7g8h/lifecycle/activate",26"hints": {27"allow": [28"POST"29]30}31},32"self": {33"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g/factors/sms1a2b3c4d5e6f7g8h",34"hints": {35"allow": [36"GET",37"DELETE"38]39}40},41"user": {42"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g",43"hints": {44"allow": [45"GET"46]47}48}49}50}
Reset factorCopy
Unenrolls an existing factor for the specified user, allowing the user to enroll a new factor.
Sample Input
1{2"user_id": "john.doe@example.com",3"factor_id": "mbl1nz9EXAMPLE"4}
Sample Output
1{2"success": true3}
Set user password (Admin)Copy
Sets passwords without validating existing user credentials. This is an administrative operation.
Sample Input
1{2"user_id": "john.doe@example.com",3"password": "NewSecurePassword123!"4}
Sample Output
1{2"id": "00u1a2b3c4d5e6f7g8",3"status": "ACTIVE",4"created": "2023-05-15T10:30:45.000Z",5"activated": "2023-05-15T10:30:45.000Z",6"statusChanged": "2023-05-15T10:30:45.000Z",7"lastLogin": "2023-05-15T14:22:30.000Z",8"lastUpdated": "2023-05-15T15:45:00.000Z",9"passwordChanged": "2023-05-15T15:45:00.000Z",10"type": {11"id": "oty1a2b3c4d5e6f7g8"12},13"profile": {14"firstName": "John",15"lastName": "Doe",16"mobilePhone": "+1-555-123-4567",17"secondEmail": "john.alternate@example.com",18"login": "john.doe@example.com",19"email": "john.doe@example.com"20},21"credentials": {22"password": {},23"emails": [24{25"value": "john.doe@example.com",26"status": "VERIFIED",27"type": "PRIMARY"28}29],30"recovery_question": {31"question": "What was the name of your first pet?"32},33"provider": {34"type": "OKTA",35"name": "OKTA"36}37},38"_links": {39"suspend": {40"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/lifecycle/suspend",41"method": "POST"42},43"schema": {44"href": "https://your-domain.okta.com/api/v1/meta/schemas/user/osc1a2b3c4d5e6f7g8"45},46"resetPassword": {47"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/lifecycle/reset_password",48"method": "POST"49},50"forgotPassword": {51"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/credentials/forgot_password",52"method": "POST"53},54"expirePassword": {55"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/lifecycle/expire_password",56"method": "POST"57},58"changeRecoveryQuestion": {59"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/credentials/change_recovery_question",60"method": "POST"61},62"self": {63"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8"64},65"type": {66"href": "https://your-domain.okta.com/api/v1/meta/types/user/oty1a2b3c4d5e6f7g8"67},68"changePassword": {69"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/credentials/change_password",70"method": "POST"71},72"deactivate": {73"href": "https://your-domain.okta.com/api/v1/users/00u1a2b3c4d5e6f7g8/lifecycle/deactivate",74"method": "POST"75}76}77}
Suspend userCopy
Suspends a user. T