openapi.city
Sign in

Okta

Identity and access management

developer.okta.com/docs/reference ↗
Version
2.16.0
OpenAPI
3.0.0
Endpoints
341
Schemas
532
Updated
3 days ago
Identity identity authentication security
Use this API in your AI agent

Query structured spec data via REST or MCP. Get exactly what your agent needs.

Get API Key

Server URLs

https://your-subdomain.okta.com

Authentication

apiKey

Endpoints

GET POST PUT PATCH DELETE

Application 49 endpoints

GET /api/v1/apps

Enumerates apps added to your organization with pagination. A subset of apps can be returned that match a supported filter expression or query.

operationId: Application_listApps

Parameters

Name In Required Type Description
q query optional string
after query optional string Specifies the pagination cursor for the next page of apps
limit query optional integer Specifies the number of results for a page
filter query optional string Filters apps by status, user.id, group.id or credentials.signing.kid expression
expand query optional string Traverses users link relationship and optionally embeds Application User resource
includeNonDeleted query optional boolean

Responses

200 Success
GET /api/v1/apps
POST /api/v1/apps

Adds a new application to your Okta organization.

operationId: Application_createNew

Parameters

Name In Required Type Description
activate query optional boolean Executes activation lifecycle operation when creating the app
OktaAccessGateway-Agent header optional string

Request Body

{
  "$ref": "#/components/requestBodies/Application"
}

Responses

200 Success
POST /api/v1/apps
DELETE /api/v1/apps/{appId}

Removes an inactive application.

operationId: Application_removeInactive

Parameters

Name In Required Type Description
appId path required string

Responses

200 Success
DELETE /api/v1/apps/{appId}
GET /api/v1/apps/{appId}

Fetches an application from your Okta organization by `id`.

operationId: Application_getById

Parameters

Name In Required Type Description
appId path required string
expand query optional string

Responses

200 Success
GET /api/v1/apps/{appId}
PUT /api/v1/apps/{appId}

Updates an application in your organization.

operationId: Application_updateApplicationInOrg

Parameters

Name In Required Type Description
appId path required string

Request Body

{
  "$ref": "#/components/requestBodies/Application"
}

Responses

200 Success
PUT /api/v1/apps/{appId}
GET /api/v1/apps/{appId}/connections/default

Get default Provisioning Connection for application

operationId: Application_getDefaultProvisioningConnection

Parameters

Name In Required Type Description
appId path required string

Responses

200 Success
404 Not Found
GET /api/v1/apps/{appId}/connections/default
POST /api/v1/apps/{appId}/connections/default

Set default Provisioning Connection for application

operationId: Application_setDefaultProvisioningConnection

Parameters

Name In Required Type Description
appId path required string
activate query optional boolean

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/ProvisioningConnectionRequest"
      }
    }
  },
  "required": true
}

Responses

201 Created
400 Bad Request
404 Not Found
POST /api/v1/apps/{appId}/connections/default
POST /api/v1/apps/{appId}/connections/default/lifecycle/activate

Activates the default Provisioning Connection for an application.

operationId: Application_activateDefaultProvisioningConnection

Parameters

Name In Required Type Description
appId path required string

Responses

204 No Content
404 Not Found
POST /api/v1/apps/{appId}/connections/default/lifecycle/activate
POST /api/v1/apps/{appId}/connections/default/lifecycle/deactivate

Deactivates the default Provisioning Connection for an application.

operationId: Application_deactivateDefaultProvisioningConnection

Parameters

Name In Required Type Description
appId path required string

Responses

204 No Content
404 Not Found
POST /api/v1/apps/{appId}/connections/default/lifecycle/deactivate
GET /api/v1/apps/{appId}/credentials/csrs

Enumerates Certificate Signing Requests for an application

operationId: Application_listCsrsForApplication

Parameters

Name In Required Type Description
appId path required string

Responses

200 Success
GET /api/v1/apps/{appId}/credentials/csrs
POST /api/v1/apps/{appId}/credentials/csrs

Generates a new key pair and returns the Certificate Signing Request for it.

operationId: Application_generateCsrForApplication

Parameters

Name In Required Type Description
appId path required string

Request Body

{
  "$ref": "#/components/requestBodies/CsrMetadata"
}

Responses

201 Created
POST /api/v1/apps/{appId}/credentials/csrs
DELETE /api/v1/apps/{appId}/credentials/csrs/{csrId}
operationId: Application_deleteCsrById

Parameters

Name In Required Type Description
appId path required string
csrId path required string

Responses

204 No Content
DELETE /api/v1/apps/{appId}/credentials/csrs/{csrId}
GET /api/v1/apps/{appId}/credentials/csrs/{csrId}
operationId: Application_getCredentialsCsrs

Parameters

Name In Required Type Description
appId path required string
csrId path required string

Responses

200 Success
GET /api/v1/apps/{appId}/credentials/csrs/{csrId}
POST /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish
operationId: Application_publishCsrLifecycle

Parameters

Name In Required Type Description
appId path required string
csrId path required string

Responses

201 Created
POST /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish
GET /api/v1/apps/{appId}/credentials/keys

Enumerates key credentials for an application

operationId: Application_listKeyCredentials

Parameters

Name In Required Type Description
appId path required string

Responses

200 Success
GET /api/v1/apps/{appId}/credentials/keys
POST /api/v1/apps/{appId}/credentials/keys/generate

Generates a new X.509 certificate for an application key credential

operationId: Application_generateX509Certificate

Parameters

Name In Required Type Description
appId path required string
validityYears query optional integer

Responses

201 Created
POST /api/v1/apps/{appId}/credentials/keys/generate
GET /api/v1/apps/{appId}/credentials/keys/{keyId}

Gets a specific application key credential by kid

operationId: Application_getKeyCredential

Parameters

Name In Required Type Description
appId path required string
keyId path required string

Responses

200 Success
GET /api/v1/apps/{appId}/credentials/keys/{keyId}
POST /api/v1/apps/{appId}/credentials/keys/{keyId}/clone

Clones a X.509 certificate for an application key credential from a source application to target application.

operationId: Application_cloneApplicationKeyCredential

Parameters

Name In Required Type Description
appId path required string
keyId path required string
targetAid query required string Unique key of the target Application

Responses

201 Created
POST /api/v1/apps/{appId}/credentials/keys/{keyId}/clone
GET /api/v1/apps/{appId}/credentials/secrets

Enumerates the client's collection of secrets

operationId: Application_listClientSecrets

Parameters

Name In Required Type Description
appId path required string

Responses

200 Success
GET /api/v1/apps/{appId}/credentials/secrets
POST /api/v1/apps/{appId}/credentials/secrets

Adds a new secret to the client's collection of secrets.

operationId: Application_addClientSecret

Parameters

Name In Required Type Description
appId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/ClientSecretMetadata"
      }
    }
  },
  "required": true
}

Responses

201 Created
POST /api/v1/apps/{appId}/credentials/secrets
DELETE /api/v1/apps/{appId}/credentials/secrets/{secretId}

Removes a secret from the client's collection of secrets.

operationId: Application_removeSecret

Parameters

Name In Required Type Description
appId path required string
secretId path required string

Responses

204 No Content
DELETE /api/v1/apps/{appId}/credentials/secrets/{secretId}
GET /api/v1/apps/{appId}/credentials/secrets/{secretId}

Gets a specific client secret by secretId

operationId: Application_getClientSecret

Parameters

Name In Required Type Description
appId path required string
secretId path required string

Responses

200 Success
GET /api/v1/apps/{appId}/credentials/secrets/{secretId}
POST /api/v1/apps/{appId}/credentials/secrets/{secretId}/lifecycle/activate

Activates a specific client secret by secretId

operationId: Application_activateClientSecret

Parameters

Name In Required Type Description
appId path required string
secretId path required string

Responses

200 Success
POST /api/v1/apps/{appId}/credentials/secrets/{secretId}/lifecycle/activate
POST /api/v1/apps/{appId}/credentials/secrets/{secretId}/lifecycle/deactivate

Deactivates a specific client secret by secretId

operationId: Application_deactivateClientSecretById

Parameters

Name In Required Type Description
appId path required string
secretId path required string

Responses

200 Success
POST /api/v1/apps/{appId}/credentials/secrets/{secretId}/lifecycle/deactivate
GET /api/v1/apps/{appId}/features

List Features for application

operationId: Application_listFeatures

Parameters

Name In Required Type Description
appId path required string

Responses

200 Success
404 Not Found
GET /api/v1/apps/{appId}/features
GET /api/v1/apps/{appId}/features/{name}

Fetches a Feature object for an application.

operationId: Application_getFeature

Parameters

Name In Required Type Description
appId path required string
name path required string

Responses

200 Success
404 Not Found
GET /api/v1/apps/{appId}/features/{name}
PUT /api/v1/apps/{appId}/features/{name}

Updates a Feature object for an application.

operationId: Application_updateFeature

Parameters

Name In Required Type Description
appId path required string
name path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/CapabilitiesObject"
      }
    }
  },
  "required": true
}

Responses

200 Success
404 Not Found
PUT /api/v1/apps/{appId}/features/{name}
GET /api/v1/apps/{appId}/grants

Lists all scope consent grants for the application

operationId: Application_listScopeConsentGrants

Parameters

Name In Required Type Description
appId path required string
expand query optional string

Responses

200 Success
GET /api/v1/apps/{appId}/grants
POST /api/v1/apps/{appId}/grants

Grants consent for the application to request an OAuth 2.0 Okta scope

operationId: Application_grantConsentToScope

Parameters

Name In Required Type Description
appId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/OAuth2ScopeConsentGrant"
      }
    }
  },
  "required": true
}

Responses

201 Created
POST /api/v1/apps/{appId}/grants
DELETE /api/v1/apps/{appId}/grants/{grantId}

Revokes permission for the application to request the given scope

operationId: Application_revokePermission

Parameters

Name In Required Type Description
appId path required string
grantId path required string

Responses

204 No Content
DELETE /api/v1/apps/{appId}/grants/{grantId}
GET /api/v1/apps/{appId}/grants/{grantId}

Fetches a single scope consent grant for the application

operationId: Application_getSingleScopeConsentGrant

Parameters

Name In Required Type Description
appId path required string
grantId path required string
expand query optional string

Responses

200 Success
GET /api/v1/apps/{appId}/grants/{grantId}
GET /api/v1/apps/{appId}/groups

Enumerates group assignments for an application.

operationId: Application_listGroupsAssigned

Parameters

Name In Required Type Description
appId path required string
q query optional string
after query optional string Specifies the pagination cursor for the next page of assignments
limit query optional integer Specifies the number of results for a page
expand query optional string

Responses

200 Success
GET /api/v1/apps/{appId}/groups
DELETE /api/v1/apps/{appId}/groups/{groupId}

Removes a group assignment from an application.

operationId: Application_removeGroupAssignment

Parameters

Name In Required Type Description
appId path required string
groupId path required string

Responses

204 No Content
DELETE /api/v1/apps/{appId}/groups/{groupId}
GET /api/v1/apps/{appId}/groups/{groupId}

Fetches an application group assignment

operationId: Application_getGroupAssignment

Parameters

Name In Required Type Description
appId path required string
groupId path required string
expand query optional string

Responses

200 Success
GET /api/v1/apps/{appId}/groups/{groupId}
PUT /api/v1/apps/{appId}/groups/{groupId}

Assigns a group to an application

operationId: Application_assignGroupTo

Parameters

Name In Required Type Description
appId path required string
groupId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/ApplicationGroupAssignment"
      }
    }
  }
}

Responses

200 Success
PUT /api/v1/apps/{appId}/groups/{groupId}
POST /api/v1/apps/{appId}/lifecycle/activate

Activates an inactive application.

operationId: Application_activateInactive

Parameters

Name In Required Type Description
appId path required string

Responses

200 Success
POST /api/v1/apps/{appId}/lifecycle/activate
POST /api/v1/apps/{appId}/lifecycle/deactivate

Deactivates an active application.

operationId: Application_deactivateLifecycle

Parameters

Name In Required Type Description
appId path required string

Responses

200 Success
POST /api/v1/apps/{appId}/lifecycle/deactivate
POST /api/v1/apps/{appId}/logo

Update the logo for an application.

operationId: Application_updateLogo

Parameters

Name In Required Type Description
appId path required string

Request Body

{
  "$ref": "#/components/requestBodies/uploadApplicationLogo"
}

Responses

201 Created
400 Bad Request
404 Not Found
POST /api/v1/apps/{appId}/logo
PUT /api/v1/apps/{appId}/policies/{policyId}

Assign an application to a specific policy. This unassigns the application from its currently assigned policy.

operationId: Application_assignPolicyToApplication

Parameters

Name In Required Type Description
appId path required string
policyId path required string

Responses

204 No Content
PUT /api/v1/apps/{appId}/policies/{policyId}
GET /api/v1/apps/{appId}/sso/saml/metadata

Previews SAML metadata based on a specific key credential for an application

operationId: Application_previewSamlAppMetadata

Parameters

Name In Required Type Description
appId path required string
kid query required string unique key identifier of an Application Key Credential

Responses

200 Success
GET /api/v1/apps/{appId}/sso/saml/metadata
DELETE /api/v1/apps/{appId}/tokens

Revokes all tokens for the specified application

operationId: Application_revokeAllTokens

Parameters

Name In Required Type Description
appId path required string

Responses

204 No Content
DELETE /api/v1/apps/{appId}/tokens
GET /api/v1/apps/{appId}/tokens

Lists all tokens for the application

operationId: Application_listTokens

Parameters

Name In Required Type Description
appId path required string
expand query optional string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/apps/{appId}/tokens
DELETE /api/v1/apps/{appId}/tokens/{tokenId}

Revokes the specified token for the specified application

operationId: Application_revokeToken

Parameters

Name In Required Type Description
appId path required string
tokenId path required string

Responses

204 No Content
DELETE /api/v1/apps/{appId}/tokens/{tokenId}
GET /api/v1/apps/{appId}/tokens/{tokenId}

Gets a token for the specified application

operationId: Application_getToken

Parameters

Name In Required Type Description
appId path required string
tokenId path required string
expand query optional string

Responses

200 Success
GET /api/v1/apps/{appId}/tokens/{tokenId}
GET /api/v1/apps/{appId}/users

Enumerates all assigned [application users](https://raw.githubusercontent.com) for an application.

operationId: Application_listAssignedUsers

Parameters

Name In Required Type Description
appId path required string
q query optional string
query_scope query optional string
after query optional string specifies the pagination cursor for the next page of assignments
limit query optional integer specifies the number of results for a page
filter query optional string
expand query optional string

Responses

200 Success
GET /api/v1/apps/{appId}/users
POST /api/v1/apps/{appId}/users

Assigns an user to an application with [credentials](https://raw.githubusercontent.com) and an app-specific [profile](https://raw.githubusercontent.com). Profile mappings defined for the application are first applied before applying any profile properties specified in the request.

operationId: Application_assignUserToApplication

Parameters

Name In Required Type Description
appId path required string

Request Body

{
  "$ref": "#/components/requestBodies/AppUser"
}

Responses

200 Success
POST /api/v1/apps/{appId}/users
DELETE /api/v1/apps/{appId}/users/{userId}

Removes an assignment for a user from an application.

operationId: Application_removeUserFrom

Parameters

Name In Required Type Description
appId path required string
userId path required string
sendEmail query optional boolean

Responses

204 No Content
DELETE /api/v1/apps/{appId}/users/{userId}
GET /api/v1/apps/{appId}/users/{userId}

Fetches a specific user assignment for application by `id`.

operationId: Application_getSpecificUserAssignment

Parameters

Name In Required Type Description
appId path required string
userId path required string
expand query optional string

Responses

200 Success
GET /api/v1/apps/{appId}/users/{userId}
POST /api/v1/apps/{appId}/users/{userId}

Updates a user's profile for an application

operationId: Application_updateProfileForUser

Parameters

Name In Required Type Description
appId path required string
userId path required string

Request Body

{
  "$ref": "#/components/requestBodies/AppUser"
}

Responses

200 Success
POST /api/v1/apps/{appId}/users/{userId}

Authenticator 6 endpoints

GET /api/v1/authenticators

List Authenticators

operationId: Authenticator_listAllAvailable

Responses

200 Success
GET /api/v1/authenticators
POST /api/v1/authenticators

Create Authenticator

operationId: Authenticator_createNew

Parameters

Name In Required Type Description
activate query optional boolean

Request Body

{
  "$ref": "#/components/requestBodies/Authenticator"
}

Responses

200 Success
POST /api/v1/authenticators
GET /api/v1/authenticators/{authenticatorId}

Success

operationId: Authenticator_getSuccess

Parameters

Name In Required Type Description
authenticatorId path required string

Responses

200 Success
GET /api/v1/authenticators/{authenticatorId}
PUT /api/v1/authenticators/{authenticatorId}

Updates an authenticator

operationId: Authenticator_updateAuthenticator

Parameters

Name In Required Type Description
authenticatorId path required string

Request Body

{
  "$ref": "#/components/requestBodies/Authenticator"
}

Responses

200 Success
PUT /api/v1/authenticators/{authenticatorId}
POST /api/v1/authenticators/{authenticatorId}/lifecycle/activate

Success

operationId: Authenticator_activateLifecycleSuccess

Parameters

Name In Required Type Description
authenticatorId path required string

Responses

200 Success
POST /api/v1/authenticators/{authenticatorId}/lifecycle/activate
POST /api/v1/authenticators/{authenticatorId}/lifecycle/deactivate

Success

operationId: Authenticator_deactivateLifecycleSuccess

Parameters

Name In Required Type Description
authenticatorId path required string

Responses

200 Success
POST /api/v1/authenticators/{authenticatorId}/lifecycle/deactivate

Authorizationserver 38 endpoints

GET /api/v1/authorizationServers

Success

operationId: AuthorizationServer_listServers

Parameters

Name In Required Type Description
q query optional string
limit query optional string
after query optional string

Responses

200 Success
GET /api/v1/authorizationServers
POST /api/v1/authorizationServers

Success

operationId: AuthorizationServer_createNewServer

Request Body

{
  "$ref": "#/components/requestBodies/AuthorizationServer"
}

Responses

200 Success
201 Created
POST /api/v1/authorizationServers
DELETE /api/v1/authorizationServers/{authServerId}

Success

operationId: AuthorizationServer_deleteSuccess

Parameters

Name In Required Type Description
authServerId path required string

Responses

204 No Content
DELETE /api/v1/authorizationServers/{authServerId}
GET /api/v1/authorizationServers/{authServerId}

Success

operationId: AuthorizationServer_getById

Parameters

Name In Required Type Description
authServerId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}
PUT /api/v1/authorizationServers/{authServerId}

Success

operationId: AuthorizationServer_updateById

Parameters

Name In Required Type Description
authServerId path required string

Request Body

{
  "$ref": "#/components/requestBodies/AuthorizationServer"
}

Responses

200 Success
PUT /api/v1/authorizationServers/{authServerId}
GET /api/v1/authorizationServers/{authServerId}/claims

Success

operationId: AuthorizationServer_getClaims

Parameters

Name In Required Type Description
authServerId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/claims
POST /api/v1/authorizationServers/{authServerId}/claims

Success

operationId: AuthorizationServer_createClaims

Parameters

Name In Required Type Description
authServerId path required string

Request Body

{
  "$ref": "#/components/requestBodies/OAuth2Claim"
}

Responses

200 Created
201 Success
POST /api/v1/authorizationServers/{authServerId}/claims
DELETE /api/v1/authorizationServers/{authServerId}/claims/{claimId}

Success

operationId: AuthorizationServer_deleteClaim

Parameters

Name In Required Type Description
authServerId path required string
claimId path required string

Responses

204 No Content
DELETE /api/v1/authorizationServers/{authServerId}/claims/{claimId}
GET /api/v1/authorizationServers/{authServerId}/claims/{claimId}

Success

operationId: AuthorizationServer_getClaims

Parameters

Name In Required Type Description
authServerId path required string
claimId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/claims/{claimId}
PUT /api/v1/authorizationServers/{authServerId}/claims/{claimId}

Success

operationId: AuthorizationServer_updateClaimSuccess

Parameters

Name In Required Type Description
authServerId path required string
claimId path required string

Request Body

{
  "$ref": "#/components/requestBodies/OAuth2Claim"
}

Responses

200 Success
PUT /api/v1/authorizationServers/{authServerId}/claims/{claimId}
GET /api/v1/authorizationServers/{authServerId}/clients

Success

operationId: AuthorizationServer_listClients

Parameters

Name In Required Type Description
authServerId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/clients
DELETE /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens

Success

operationId: AuthorizationServer_deleteClientToken

Parameters

Name In Required Type Description
authServerId path required string
clientId path required string

Responses

204 No Content
DELETE /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens
GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens

Success

operationId: AuthorizationServer_getClientTokens

Parameters

Name In Required Type Description
authServerId path required string
clientId path required string
expand query optional string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens
DELETE /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}

Success

operationId: AuthorizationServer_deleteAuthToken

Parameters

Name In Required Type Description
authServerId path required string
clientId path required string
tokenId path required string

Responses

204 No Content
DELETE /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}
GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}

Success

operationId: AuthorizationServer_getClientAuthToken

Parameters

Name In Required Type Description
authServerId path required string
clientId path required string
tokenId path required string
expand query optional string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}
GET /api/v1/authorizationServers/{authServerId}/credentials/keys

Success

operationId: AuthorizationServer_listCredentialsKeys

Parameters

Name In Required Type Description
authServerId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/credentials/keys
POST /api/v1/authorizationServers/{authServerId}/credentials/lifecycle/keyRotate

Success

operationId: AuthorizationServer_rotateKeyLifecycle

Parameters

Name In Required Type Description
authServerId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/JwkUse"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/authorizationServers/{authServerId}/credentials/lifecycle/keyRotate
POST /api/v1/authorizationServers/{authServerId}/lifecycle/activate

Success

operationId: AuthorizationServer_activateLifecycleSuccess

Parameters

Name In Required Type Description
authServerId path required string

Responses

200 Success
POST /api/v1/authorizationServers/{authServerId}/lifecycle/activate
POST /api/v1/authorizationServers/{authServerId}/lifecycle/deactivate

Success

operationId: AuthorizationServer_deactivateLifecycle

Parameters

Name In Required Type Description
authServerId path required string

Responses

200 Success
POST /api/v1/authorizationServers/{authServerId}/lifecycle/deactivate
GET /api/v1/authorizationServers/{authServerId}/policies

Success

operationId: AuthorizationServer_getPoliciesSuccess

Parameters

Name In Required Type Description
authServerId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/policies
POST /api/v1/authorizationServers/{authServerId}/policies

Success

operationId: AuthorizationServer_createPolicy

Parameters

Name In Required Type Description
authServerId path required string

Request Body

{
  "$ref": "#/components/requestBodies/AuthorizationServerPolicy"
}

Responses

200 Success
201 Created
POST /api/v1/authorizationServers/{authServerId}/policies
DELETE /api/v1/authorizationServers/{authServerId}/policies/{policyId}

Success

operationId: AuthorizationServer_deletePolicyById

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string

Responses

204 No Content
DELETE /api/v1/authorizationServers/{authServerId}/policies/{policyId}
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}

Success

operationId: AuthorizationServer_getPolicies

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}
PUT /api/v1/authorizationServers/{authServerId}/policies/{policyId}

Success

operationId: AuthorizationServer_updatePolicySuccess

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string

Request Body

{
  "$ref": "#/components/requestBodies/AuthorizationServerPolicy"
}

Responses

200 Success
PUT /api/v1/authorizationServers/{authServerId}/policies/{policyId}
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/activate

Activate Authorization Server Policy

operationId: AuthorizationServer_activatePolicyLifecycle

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string

Responses

200 Success
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/activate
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/deactivate

Deactivate Authorization Server Policy

operationId: AuthorizationServer_deactivatePolicyLifecycle

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string

Responses

200 Success
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/deactivate
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules

Enumerates all policy rules for the specified Custom Authorization Server and Policy.

operationId: AuthorizationServer_enumeratePolicyRules

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules

Creates a policy rule for the specified Custom Authorization Server and Policy.

operationId: AuthorizationServer_createPolicyRule

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string

Request Body

{
  "$ref": "#/components/requestBodies/AuthorizationServerPolicyRule"
}

Responses

200 Success
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules
DELETE /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}

Deletes a Policy Rule defined in the specified Custom Authorization Server and Policy.

operationId: AuthorizationServer_deletePolicyRule

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string
ruleId path required string

Responses

204 No Content
DELETE /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}

Returns a Policy Rule by ID that is defined in the specified Custom Authorization Server and Policy.

operationId: AuthorizationServer_getPolicyRuleById

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string
ruleId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}
PUT /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}

Updates the configuration of the Policy Rule defined in the specified Custom Authorization Server and Policy.

operationId: AuthorizationServer_updatePolicyRuleConfiguration

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string
ruleId path required string

Request Body

{
  "$ref": "#/components/requestBodies/AuthorizationServerPolicyRule"
}

Responses

200 Success
PUT /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/activate

Activate Authorization Server Policy Rule

operationId: AuthorizationServer_activatePolicyRule

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string
ruleId path required string

Responses

200 Success
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/activate
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate

Deactivate Authorization Server Policy Rule

operationId: AuthorizationServer_deactivatePolicyRule

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string
ruleId path required string

Responses

200 Success
POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate
GET /api/v1/authorizationServers/{authServerId}/scopes

Success

operationId: AuthorizationServer_getScopes

Parameters

Name In Required Type Description
authServerId path required string
q query optional string
filter query optional string
cursor query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/scopes
POST /api/v1/authorizationServers/{authServerId}/scopes

Success

operationId: AuthorizationServer_createScope

Parameters

Name In Required Type Description
authServerId path required string

Request Body

{
  "$ref": "#/components/requestBodies/OAuth2Scope"
}

Responses

200 Success
201 Success
POST /api/v1/authorizationServers/{authServerId}/scopes
DELETE /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}

Success

operationId: AuthorizationServer_deleteScope

Parameters

Name In Required Type Description
authServerId path required string
scopeId path required string

Responses

204 No Content
DELETE /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}
GET /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}

Success

operationId: AuthorizationServer_getScopes

Parameters

Name In Required Type Description
authServerId path required string
scopeId path required string

Responses

200 Success
GET /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}
PUT /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}

Success

operationId: AuthorizationServer_updateScopeSuccess

Parameters

Name In Required Type Description
authServerId path required string
scopeId path required string

Request Body

{
  "$ref": "#/components/requestBodies/OAuth2Scope"
}

Responses

200 Success
PUT /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}

Brand 24 endpoints

GET /api/v1/brands

List all the brands in your org.

operationId: Brand_getAllBrands

Responses

200 Success
GET /api/v1/brands
GET /api/v1/brands/{brandId}

Fetches a brand by `brandId`

operationId: Brand_getById

Parameters

Name In Required Type Description
brandId path required string

Responses

200 Success
404 Not Found
GET /api/v1/brands/{brandId}
PUT /api/v1/brands/{brandId}

Updates a brand by `brandId`

operationId: Brand_updateByBrandId

Parameters

Name In Required Type Description
brandId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/Brand"
      }
    }
  },
  "required": true
}

Responses

200 Success
400 Bad Request
PUT /api/v1/brands/{brandId}
GET /api/v1/brands/{brandId}/templates/email

List email templates in your organization with pagination.

operationId: Brand_listEmailTemplates

Parameters

Name In Required Type Description
brandId path required string
after query optional string Specifies the pagination cursor for the next page of email templates.
limit query optional integer Specifies the number of results returned (maximum 200)

Responses

200 Success
GET /api/v1/brands/{brandId}/templates/email
GET /api/v1/brands/{brandId}/templates/email/{templateName}

Fetch an email template by templateName

operationId: Brand_getEmailTemplate

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Responses

200 Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}
DELETE /api/v1/brands/{brandId}/templates/email/{templateName}/customizations

Delete all customizations for an email template. Also known as “Reset to Default”.

operationId: Brand_deleteEmailTemplateCustomizations

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Responses

204 Success
DELETE /api/v1/brands/{brandId}/templates/email/{templateName}/customizations
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations

List all email customizations for an email template

operationId: Brand_listEmailTemplateCustomizations

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Responses

200 Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations
POST /api/v1/brands/{brandId}/templates/email/{templateName}/customizations

Create an email customization

operationId: Brand_createEmailTemplateCustomization

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Request Body

{
  "$ref": "#/components/requestBodies/EmailTemplateCustomizationRequest"
}

Responses

200 Success
409 Conflict
POST /api/v1/brands/{brandId}/templates/email/{templateName}/customizations
DELETE /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}

Delete an email customization

operationId: Brand_deleteEmailCustomization

Parameters

Name In Required Type Description
brandId path required string
templateName path required string
customizationId path required string

Responses

204 No Content
409 Conflict
DELETE /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}

Fetch an email customization by id.

operationId: Brand_getEmailTemplateCustomizationById

Parameters

Name In Required Type Description
brandId path required string
templateName path required string
customizationId path required string

Responses

200 Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}
PUT /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}

Update an email customization

operationId: Brand_updateEmailCustomization

Parameters

Name In Required Type Description
brandId path required string
templateName path required string
customizationId path required string

Request Body

{
  "$ref": "#/components/requestBodies/EmailTemplateCustomizationRequest"
}

Responses

200 Success
409 Conflict
PUT /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}/preview

Get a preview of an email template customization.

operationId: Brand_getEmailCustomizationPreview

Parameters

Name In Required Type Description
brandId path required string
templateName path required string
customizationId path required string

Responses

200 Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}/preview
GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content

Fetch the default content for an email template.

operationId: Brand_getEmailTemplateDefaultContent

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Responses

200 Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content
GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content/preview

Fetch a preview of an email template's default content by populating velocity references with the current user's environment.

operationId: Brand_getEmailTemplateDefaultContentPreview

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Responses

200 Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content/preview
POST /api/v1/brands/{brandId}/templates/email/{templateName}/test

Send a test email to the current users primary and secondary email addresses. The email content is selected based on the following priority: An email customization specifically for the users locale. The default language of email customizations. The email templates default content.

operationId: Brand_getEmailTemplateDefaultContentPreview

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/EmailTemplateTestRequest"
      }
    }
  },
  "required": true
}

Responses

204 No Content
POST /api/v1/brands/{brandId}/templates/email/{templateName}/test
GET /api/v1/brands/{brandId}/themes

List all the themes in your brand

operationId: Brand_getThemes

Parameters

Name In Required Type Description
brandId path required string

Responses

200 Success
GET /api/v1/brands/{brandId}/themes
GET /api/v1/brands/{brandId}/themes/{themeId}

Fetches a theme for a brand

operationId: Brand_getThemeById

Parameters

Name In Required Type Description
brandId path required string
themeId path required string

Responses

200 Success
GET /api/v1/brands/{brandId}/themes/{themeId}
PUT /api/v1/brands/{brandId}/themes/{themeId}

Updates a theme for a brand

operationId: Brand_updateTheme

Parameters

Name In Required Type Description
brandId path required string
themeId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/Theme"
      }
    }
  },
  "required": true
}

Responses

200 Success
400 Bad Request
404 Not Found
PUT /api/v1/brands/{brandId}/themes/{themeId}
DELETE /api/v1/brands/{brandId}/themes/{themeId}/background-image

Deletes a Theme background image

operationId: Brand_deleteThemeBackgroundImage

Parameters

Name In Required Type Description
brandId path required string
themeId path required string

Responses

204 No Content
404 Not Found
DELETE /api/v1/brands/{brandId}/themes/{themeId}/background-image
POST /api/v1/brands/{brandId}/themes/{themeId}/background-image

Updates the background image for your Theme

operationId: Brand_updateThemeBackgroundImage

Parameters

Name In Required Type Description
brandId path required string
themeId path required string

Request Body

{
  "$ref": "#/components/requestBodies/uploadApplicationLogo"
}

Responses

201 Created
400 Bad Request
404 Not Found
POST /api/v1/brands/{brandId}/themes/{themeId}/background-image
DELETE /api/v1/brands/{brandId}/themes/{themeId}/favicon

Deletes a Theme favicon. The org then uses the Okta default favicon.

operationId: Brand_deleteThemeFavicon

Parameters

Name In Required Type Description
brandId path required string
themeId path required string

Responses

204 No Content
404 Not Found
DELETE /api/v1/brands/{brandId}/themes/{themeId}/favicon
POST /api/v1/brands/{brandId}/themes/{themeId}/favicon

Updates the favicon for your theme

operationId: Brand_updateThemeFavicon

Parameters

Name In Required Type Description
brandId path required string
themeId path required string

Request Body

{
  "$ref": "#/components/requestBodies/uploadApplicationLogo"
}

Responses

201 Created
400 Bad Request
404 Not Found
POST /api/v1/brands/{brandId}/themes/{themeId}/favicon
DELETE /api/v1/brands/{brandId}/themes/{themeId}/logo

Deletes a Theme logo. The org then uses the Okta default logo.

operationId: Brand_deleteThemeLogo

Parameters

Name In Required Type Description
brandId path required string
themeId path required string

Responses

204 No Content
404 Not Found
DELETE /api/v1/brands/{brandId}/themes/{themeId}/logo
POST /api/v1/brands/{brandId}/themes/{themeId}/logo

Updates the logo for your Theme

operationId: Brand_updateThemeLogo

Parameters

Name In Required Type Description
brandId path required string
themeId path required string

Request Body

{
  "$ref": "#/components/requestBodies/uploadApplicationLogo"
}

Responses

200 Success
400 Bad Request
404 Not Found
POST /api/v1/brands/{brandId}/themes/{themeId}/logo

Domain 6 endpoints

GET /api/v1/domains

List all verified custom Domains for the org.

operationId: Domain_listVerifiedCustom

Responses

200 Success
GET /api/v1/domains
POST /api/v1/domains

Creates your domain.

operationId: Domain_createNewDomain

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/Domain"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/domains
DELETE /api/v1/domains/{domainId}

Deletes a Domain by `id`.

operationId: Domain_removeById

Parameters

Name In Required Type Description
domainId path required string

Responses

204 No Content
DELETE /api/v1/domains/{domainId}
GET /api/v1/domains/{domainId}

Fetches a Domain by `id`.

operationId: Domain_getById

Parameters

Name In Required Type Description
domainId path required string

Responses

200 Success
GET /api/v1/domains/{domainId}
PUT /api/v1/domains/{domainId}/certificate

Creates the Certificate for the Domain.

operationId: Domain_createCertificate

Parameters

Name In Required Type Description
domainId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/DomainCertificate"
      }
    }
  },
  "required": true
}

Responses

204 No Content
PUT /api/v1/domains/{domainId}/certificate
POST /api/v1/domains/{domainId}/verify

Verifies the Domain by `id`.

operationId: Domain_verifyById

Parameters

Name In Required Type Description
domainId path required string

Responses

200 Success
POST /api/v1/domains/{domainId}/verify

Eventhook 8 endpoints

GET /api/v1/eventHooks

Success

operationId: EventHook_listSuccessEvents

Responses

200 Success
GET /api/v1/eventHooks
POST /api/v1/eventHooks

Success

operationId: EventHook_createSuccess

Request Body

{
  "$ref": "#/components/requestBodies/EventHook"
}

Responses

200 Success
POST /api/v1/eventHooks
DELETE /api/v1/eventHooks/{eventHookId}

Success

operationId: EventHook_removeSuccessEvent

Parameters

Name In Required Type Description
eventHookId path required string

Responses

204 No Content
DELETE /api/v1/eventHooks/{eventHookId}
GET /api/v1/eventHooks/{eventHookId}

Success

operationId: EventHook_getSuccessEvent

Parameters

Name In Required Type Description
eventHookId path required string

Responses

200 Success
GET /api/v1/eventHooks/{eventHookId}
PUT /api/v1/eventHooks/{eventHookId}

Success

operationId: EventHook_updateSuccessEvent

Parameters

Name In Required Type Description
eventHookId path required string

Request Body

{
  "$ref": "#/components/requestBodies/EventHook"
}

Responses

200 Success
PUT /api/v1/eventHooks/{eventHookId}
POST /api/v1/eventHooks/{eventHookId}/lifecycle/activate

Success

operationId: EventHook_activateLifecycleSuccess

Parameters

Name In Required Type Description
eventHookId path required string

Responses

200 Success
POST /api/v1/eventHooks/{eventHookId}/lifecycle/activate
POST /api/v1/eventHooks/{eventHookId}/lifecycle/deactivate

Success

operationId: EventHook_deactivateLifecycleEvent

Parameters

Name In Required Type Description
eventHookId path required string

Responses

200 Success
POST /api/v1/eventHooks/{eventHookId}/lifecycle/deactivate
POST /api/v1/eventHooks/{eventHookId}/lifecycle/verify

Success

operationId: EventHook_verifyLifecycleSuccess

Parameters

Name In Required Type Description
eventHookId path required string

Responses

200 Success
POST /api/v1/eventHooks/{eventHookId}/lifecycle/verify

Feature 5 endpoints

GET /api/v1/features

Success

operationId: Feature_getSuccess

Responses

200 Success
GET /api/v1/features
GET /api/v1/features/{featureId}

Success

operationId: Feature_getSuccessById

Parameters

Name In Required Type Description
featureId path required string

Responses

200 Success
GET /api/v1/features/{featureId}
GET /api/v1/features/{featureId}/dependencies

Success

operationId: Feature_listDependencies

Parameters

Name In Required Type Description
featureId path required string

Responses

200 Success
GET /api/v1/features/{featureId}/dependencies
GET /api/v1/features/{featureId}/dependents

Success

operationId: Feature_listDependents

Parameters

Name In Required Type Description
featureId path required string

Responses

200 Success
GET /api/v1/features/{featureId}/dependents
POST /api/v1/features/{featureId}/{lifecycle}

Success

operationId: Feature_createLifecycleSuccess

Parameters

Name In Required Type Description
featureId path required string
lifecycle path required string
mode query optional string

Responses

200 Success
POST /api/v1/features/{featureId}/{lifecycle}

Group 28 endpoints

GET /api/v1/groups

Enumerates groups in your organization with pagination. A subset of groups can be returned that match a supported filter expression or query.

operationId: Group_list

Parameters

Name In Required Type Description
q query optional string Searches the name property of groups for matching value
filter query optional string Filter expression for groups
after query optional string Specifies the pagination cursor for the next page of groups
limit query optional integer Specifies the number of group results in a page
expand query optional string If specified, it causes additional metadata to be included in the response.
search query optional string Searches for groups with a supported filtering expression for all attributes except for _embedded, _links, and objectClass

Responses

200 Success
GET /api/v1/groups
POST /api/v1/groups

Adds a new group with `OKTA_GROUP` type to your organization.

operationId: Group_createNewGroup

Request Body

{
  "$ref": "#/components/requestBodies/Group"
}

Responses

200 Success
POST /api/v1/groups
GET /api/v1/groups/rules

Lists all group rules for your organization.

operationId: Group_getAllRules

Parameters

Name In Required Type Description
limit query optional integer Specifies the number of rule results in a page
after query optional string Specifies the pagination cursor for the next page of rules
search query optional string Specifies the keyword to search fules for
expand query optional string If specified as `groupIdToGroupNameMap`, then show group names

Responses

200 Success
GET /api/v1/groups/rules
POST /api/v1/groups/rules

Creates a group rule to dynamically add users to the specified group if they match the condition

operationId: Group_addRule

Request Body

{
  "$ref": "#/components/requestBodies/GroupRule"
}

Responses

200 Success
POST /api/v1/groups/rules
DELETE /api/v1/groups/rules/{ruleId}

Removes a specific group rule by id from your organization

operationId: Group_removeRuleById

Parameters

Name In Required Type Description
ruleId path required string
removeUsers query optional boolean Indicates whether to keep or remove users from groups assigned by this rule.

Responses

202 Accepted
DELETE /api/v1/groups/rules/{ruleId}
GET /api/v1/groups/rules/{ruleId}

Fetches a specific group rule by id from your organization

operationId: Group_getGroupRuleById

Parameters

Name In Required Type Description
ruleId path required string
expand query optional string

Responses

200 Success
GET /api/v1/groups/rules/{ruleId}
PUT /api/v1/groups/rules/{ruleId}

Updates a group rule. Only `INACTIVE` rules can be updated.

operationId: Group_updateRule

Parameters

Name In Required Type Description
ruleId path required string

Request Body

{
  "$ref": "#/components/requestBodies/GroupRule"
}

Responses

200 Success
PUT /api/v1/groups/rules/{ruleId}
POST /api/v1/groups/rules/{ruleId}/lifecycle/activate

Activates a specific group rule by id from your organization

operationId: Group_activateRuleLifecycle

Parameters

Name In Required Type Description
ruleId path required string

Responses

204 No Content
POST /api/v1/groups/rules/{ruleId}/lifecycle/activate
POST /api/v1/groups/rules/{ruleId}/lifecycle/deactivate

Deactivates a specific group rule by id from your organization

operationId: Group_deactivateRuleLifecycle

Parameters

Name In Required Type Description
ruleId path required string

Responses

204 No Content
POST /api/v1/groups/rules/{ruleId}/lifecycle/deactivate
DELETE /api/v1/groups/{groupId}

Removes a group with `OKTA_GROUP` type from your organization.

operationId: Group_removeOperation

Parameters

Name In Required Type Description
groupId path required string

Responses

204 No Content
DELETE /api/v1/groups/{groupId}
GET /api/v1/groups/{groupId}

Fetches a group from your organization.

operationId: Group_getRules

Parameters

Name In Required Type Description
groupId path required string

Responses

200 Success
GET /api/v1/groups/{groupId}
PUT /api/v1/groups/{groupId}

Updates the profile for a group with `OKTA_GROUP` type from your organization.

operationId: Group_updateProfile

Parameters

Name In Required Type Description
groupId path required string

Request Body

{
  "$ref": "#/components/requestBodies/Group"
}

Responses

200 Success
PUT /api/v1/groups/{groupId}
GET /api/v1/groups/{groupId}/apps

Enumerates all applications that are assigned to a group.

operationId: Group_listAssignedApps

Parameters

Name In Required Type Description
groupId path required string
after query optional string Specifies the pagination cursor for the next page of apps
limit query optional integer Specifies the number of app results for a page

Responses

200 Success
GET /api/v1/groups/{groupId}/apps
GET /api/v1/groups/{groupId}/roles

Success

operationId: Group_getRoleList

Parameters

Name In Required Type Description
groupId path required string
expand query optional string

Responses

200 Success
GET /api/v1/groups/{groupId}/roles
POST /api/v1/groups/{groupId}/roles

Assigns a Role to a Group

operationId: Group_assignRoleToGroup

Parameters

Name In Required Type Description
groupId path required string
disableNotifications query optional boolean

Request Body

{
  "$ref": "#/components/requestBodies/AssignRoleRequest"
}

Responses

200 Success
201 Success
POST /api/v1/groups/{groupId}/roles
DELETE /api/v1/groups/{groupId}/roles/{roleId}

Unassigns a Role from a Group

operationId: Group_unassignRole

Parameters

Name In Required Type Description
groupId path required string
roleId path required string

Responses

204 No Content
DELETE /api/v1/groups/{groupId}/roles/{roleId}
GET /api/v1/groups/{groupId}/roles/{roleId}

Success

operationId: Group_getRoleSuccess

Parameters

Name In Required Type Description
groupId path required string
roleId path required string

Responses

200 Success
GET /api/v1/groups/{groupId}/roles/{roleId}
GET /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps

Lists all App targets for an `APP_ADMIN` Role assigned to a Group. This methods return list may include full Applications or Instances. The response for an instance will have an `ID` value, while Application will not have an ID.

operationId: Group_getRoleTargetsCatalogApps

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps
DELETE /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}

Success

operationId: Group_deleteTargetGroupRolesCatalogApps

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
appName path required string

Responses

204 No Content
DELETE /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}
PUT /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}

Success

operationId: Group_updateRolesCatalogApps

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
appName path required string

Responses

200 Success
PUT /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}
DELETE /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}/{applicationId}

Remove App Instance Target to App Administrator Role given to a Group

operationId: Group_removeAppInstanceTargetToAppAdminRoleGivenToGroup

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
appName path required string
applicationId path required string

Responses

204 No Content
DELETE /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}/{applicationId}
PUT /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}/{applicationId}

Add App Instance Target to App Administrator Role given to a Group

operationId: Group_addAppInstanceTargetToAppAdminRoleGivenToGroup

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
appName path required string
applicationId path required string

Responses

204 No Content
PUT /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}/{applicationId}
GET /api/v1/groups/{groupId}/roles/{roleId}/targets/groups

Success

operationId: Group_listRoleTargetsGroups

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/groups/{groupId}/roles/{roleId}/targets/groups
DELETE /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}
operationId: Group_removeTargetGroup

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
targetGroupId path required string

Responses

204 No Content
DELETE /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}
PUT /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}
operationId: Group_updateTargetGroupsRole

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
targetGroupId path required string

Responses

204 No Content
PUT /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}
GET /api/v1/groups/{groupId}/users

Enumerates all users that are a member of a group.

operationId: Group_enumerateGroupMembers

Parameters

Name In Required Type Description
groupId path required string
after query optional string Specifies the pagination cursor for the next page of users
limit query optional integer Specifies the number of user results in a page

Responses

200 Success
GET /api/v1/groups/{groupId}/users
DELETE /api/v1/groups/{groupId}/users/{userId}

Removes a user from a group with 'OKTA_GROUP' type.

operationId: Group_removeUserFrom

Parameters

Name In Required Type Description
groupId path required string
userId path required string

Responses

204 No Content
DELETE /api/v1/groups/{groupId}/users/{userId}
PUT /api/v1/groups/{groupId}/users/{userId}

Adds a user to a group with 'OKTA_GROUP' type.

operationId: Group_addUserToGroup

Parameters

Name In Required Type Description
groupId path required string
userId path required string

Responses

204 No Content
PUT /api/v1/groups/{groupId}/users/{userId}

Groupschema 2 endpoints

GET /api/v1/meta/schemas/group/default

Fetches the group schema

operationId: GroupSchema_get

Responses

200 successful operation
GET /api/v1/meta/schemas/group/default
POST /api/v1/meta/schemas/group/default

Updates, adds ore removes one or more custom Group Profile properties in the schema

operationId: GroupSchema_updateCustomProperties

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/GroupSchema"
      }
    }
  }
}

Responses

200 successful operation
POST /api/v1/meta/schemas/group/default

Identityprovider 25 endpoints

GET /api/v1/idps

Enumerates IdPs in your organization with pagination. A subset of IdPs can be returned that match a supported filter expression or query.

operationId: IdentityProvider_list

Parameters

Name In Required Type Description
q query optional string Searches the name property of IdPs for matching value
after query optional string Specifies the pagination cursor for the next page of IdPs
limit query optional integer Specifies the number of IdP results in a page
type query optional string Filters IdPs by type

Responses

200 Success
GET /api/v1/idps
POST /api/v1/idps

Adds a new IdP to your organization.

operationId: IdentityProvider_addNewIdp

Request Body

{
  "$ref": "#/components/requestBodies/IdentityProvider"
}

Responses

200 Success
POST /api/v1/idps
GET /api/v1/idps/credentials/keys

Enumerates IdP key credentials.

operationId: IdentityProvider_enumerateIdpKeys

Parameters

Name In Required Type Description
after query optional string Specifies the pagination cursor for the next page of keys
limit query optional integer Specifies the number of key results in a page

Responses

200 Success
GET /api/v1/idps/credentials/keys
POST /api/v1/idps/credentials/keys

Adds a new X.509 certificate credential to the IdP key store.

operationId: IdentityProvider_addX509CertificatePublicKey

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/JsonWebKey"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/idps/credentials/keys
DELETE /api/v1/idps/credentials/keys/{keyId}

Deletes a specific IdP Key Credential by `kid` if it is not currently being used by an Active or Inactive IdP.

operationId: IdentityProvider_deleteKeyCredential

Parameters

Name In Required Type Description
keyId path required string

Responses

204 No Content
DELETE /api/v1/idps/credentials/keys/{keyId}
GET /api/v1/idps/credentials/keys/{keyId}

Gets a specific IdP Key Credential by `kid`

operationId: IdentityProvider_getKeyCredentialByIdp

Parameters

Name In Required Type Description
keyId path required string

Responses

200 Success
GET /api/v1/idps/credentials/keys/{keyId}
DELETE /api/v1/idps/{idpId}

Removes an IdP from your organization.

operationId: IdentityProvider_removeIdp

Parameters

Name In Required Type Description
idpId path required string

Responses

204 No Content
DELETE /api/v1/idps/{idpId}
GET /api/v1/idps/{idpId}

Fetches an IdP by `id`.

operationId: IdentityProvider_getByIdp

Parameters

Name In Required Type Description
idpId path required string

Responses

200 Success
GET /api/v1/idps/{idpId}
PUT /api/v1/idps/{idpId}

Updates the configuration for an IdP.

operationId: IdentityProvider_updateConfiguration

Parameters

Name In Required Type Description
idpId path required string

Request Body

{
  "$ref": "#/components/requestBodies/IdentityProvider"
}

Responses

200 Success
PUT /api/v1/idps/{idpId}
GET /api/v1/idps/{idpId}/credentials/csrs

Enumerates Certificate Signing Requests for an IdP

operationId: IdentityProvider_listCsrsForCertificateSigningRequests

Parameters

Name In Required Type Description
idpId path required string

Responses

200 Success
GET /api/v1/idps/{idpId}/credentials/csrs
POST /api/v1/idps/{idpId}/credentials/csrs

Generates a new key pair and returns a Certificate Signing Request for it.

operationId: IdentityProvider_generateCsr

Parameters

Name In Required Type Description
idpId path required string

Request Body

{
  "$ref": "#/components/requestBodies/CsrMetadata"
}

Responses

201 Created
POST /api/v1/idps/{idpId}/credentials/csrs
DELETE /api/v1/idps/{idpId}/credentials/csrs/{csrId}

Revoke a Certificate Signing Request and delete the key pair from the IdP

operationId: IdentityProvider_revokeCsrForIdentityProvider

Parameters

Name In Required Type Description
idpId path required string
csrId path required string

Responses

204 No Content
DELETE /api/v1/idps/{idpId}/credentials/csrs/{csrId}
GET /api/v1/idps/{idpId}/credentials/csrs/{csrId}

Gets a specific Certificate Signing Request model by id

operationId: IdentityProvider_getCsrByIdp

Parameters

Name In Required Type Description
idpId path required string
csrId path required string

Responses

200 Success
GET /api/v1/idps/{idpId}/credentials/csrs/{csrId}
POST /api/v1/idps/{idpId}/credentials/csrs/{csrId}/lifecycle/publish

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.

operationId: IdentityProvider_updateCsrLifecyclePublish

Parameters

Name In Required Type Description
idpId path required string
csrId path required string

Responses

201 Created
POST /api/v1/idps/{idpId}/credentials/csrs/{csrId}/lifecycle/publish
GET /api/v1/idps/{idpId}/credentials/keys

Enumerates signing key credentials for an IdP

operationId: IdentityProvider_listSigningKeyCredentials

Parameters

Name In Required Type Description
idpId path required string

Responses

200 Success
GET /api/v1/idps/{idpId}/credentials/keys
POST /api/v1/idps/{idpId}/credentials/keys/generate

Generates a new X.509 certificate for an IdP signing key credential to be used for signing assertions sent to the IdP

operationId: IdentityProvider_generateNewSigningKeyCredential

Parameters

Name In Required Type Description
idpId path required string
validityYears query required integer expiry of the IdP Key Credential

Responses

200 Success
POST /api/v1/idps/{idpId}/credentials/keys/generate
GET /api/v1/idps/{idpId}/credentials/keys/{keyId}

Gets a specific IdP Key Credential by `kid`

operationId: IdentityProvider_getSigningKeyCredentialByIdp

Parameters

Name In Required Type Description
idpId path required string
keyId path required string

Responses

200 Success
GET /api/v1/idps/{idpId}/credentials/keys/{keyId}
POST /api/v1/idps/{idpId}/credentials/keys/{keyId}/clone

Clones a X.509 certificate for an IdP signing key credential from a source IdP to target IdP

operationId: IdentityProvider_cloneSigningKeyCredential

Parameters

Name In Required Type Description
idpId path required string
keyId path required string
targetIdpId query required string

Responses

201 Created
POST /api/v1/idps/{idpId}/credentials/keys/{keyId}/clone
POST /api/v1/idps/{idpId}/lifecycle/activate

Activates an inactive IdP.

operationId: IdentityProvider_activateIdpLifecycle

Parameters

Name In Required Type Description
idpId path required string

Responses

200 Success
POST /api/v1/idps/{idpId}/lifecycle/activate
POST /api/v1/idps/{idpId}/lifecycle/deactivate

Deactivates an active IdP.

operationId: IdentityProvider_deactivateIdp

Parameters

Name In Required Type Description
idpId path required string

Responses

200 Success
POST /api/v1/idps/{idpId}/lifecycle/deactivate
GET /api/v1/idps/{idpId}/users

Find all the users linked to an identity provider

operationId: IdentityProvider_getUser

Parameters

Name In Required Type Description
idpId path required string

Responses

200 Success
GET /api/v1/idps/{idpId}/users
DELETE /api/v1/idps/{idpId}/users/{userId}

Removes the link between the Okta user and the IdP user.

operationId: IdentityProvider_unlinkUser

Parameters

Name In Required Type Description
idpId path required string
userId path required string

Responses

204 No Content
DELETE /api/v1/idps/{idpId}/users/{userId}
GET /api/v1/idps/{idpId}/users/{userId}

Fetches a linked IdP user by ID

operationId: IdentityProvider_getLinkedUserById

Parameters

Name In Required Type Description
idpId path required string
userId path required string

Responses

200 Success
GET /api/v1/idps/{idpId}/users/{userId}
POST /api/v1/idps/{idpId}/users/{userId}

Links an Okta user to an existing Social Identity Provider. This does not support the SAML2 Identity Provider Type

operationId: IdentityProvider_linkUserToIdpWithoutTransaction

Parameters

Name In Required Type Description
idpId path required string
userId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/UserIdentityProviderLinkRequest"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/idps/{idpId}/users/{userId}
GET /api/v1/idps/{idpId}/users/{userId}/credentials/tokens

Fetches the tokens minted by the Social Authentication Provider when the user authenticates with Okta via Social Auth.

operationId: IdentityProvider_getSocialAuthTokens

Parameters

Name In Required Type Description
idpId path required string
userId path required string

Responses

200 Success
GET /api/v1/idps/{idpId}/users/{userId}/credentials/tokens

Inlinehook 8 endpoints

GET /api/v1/inlineHooks

Success

operationId: InlineHook_getSuccess

Parameters

Name In Required Type Description
type query optional string

Responses

200 Success
GET /api/v1/inlineHooks
POST /api/v1/inlineHooks

Success

operationId: InlineHook_createSuccess

Request Body

{
  "$ref": "#/components/requestBodies/InlineHook"
}

Responses

200 Success
POST /api/v1/inlineHooks
DELETE /api/v1/inlineHooks/{inlineHookId}

Deletes the Inline Hook matching the provided id. Once deleted, the Inline Hook is unrecoverable. As a safety precaution, only Inline Hooks with a status of INACTIVE are eligible for deletion.

operationId: InlineHook_deleteMatchingById

Parameters

Name In Required Type Description
inlineHookId path required string

Responses

204 No Content
DELETE /api/v1/inlineHooks/{inlineHookId}
GET /api/v1/inlineHooks/{inlineHookId}

Gets an inline hook by ID

operationId: InlineHook_getById

Parameters

Name In Required Type Description
inlineHookId path required string

Responses

200 Success
GET /api/v1/inlineHooks/{inlineHookId}
PUT /api/v1/inlineHooks/{inlineHookId}

Updates an inline hook by ID

operationId: InlineHook_updateById

Parameters

Name In Required Type Description
inlineHookId path required string

Request Body

{
  "$ref": "#/components/requestBodies/InlineHook"
}

Responses

200 Success
PUT /api/v1/inlineHooks/{inlineHookId}
POST /api/v1/inlineHooks/{inlineHookId}/execute

Executes the Inline Hook matching the provided inlineHookId using the request body as the input. This will send the provided data through the Channel and return a response if it matches the correct data contract. This execution endpoint should only be used for testing purposes.

operationId: InlineHook_executeWithInput

Parameters

Name In Required Type Description
inlineHookId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/InlineHookPayload"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/inlineHooks/{inlineHookId}/execute
POST /api/v1/inlineHooks/{inlineHookId}/lifecycle/activate

Activates the Inline Hook matching the provided id

operationId: InlineHook_activateLifecycle

Parameters

Name In Required Type Description
inlineHookId path required string

Responses

200 Success
POST /api/v1/inlineHooks/{inlineHookId}/lifecycle/activate
POST /api/v1/inlineHooks/{inlineHookId}/lifecycle/deactivate

Deactivates the Inline Hook matching the provided id

operationId: InlineHook_deactivateLifecycle

Parameters

Name In Required Type Description
inlineHookId path required string

Responses

200 Success
POST /api/v1/inlineHooks/{inlineHookId}/lifecycle/deactivate

Linkedobject 4 endpoints

GET /api/v1/meta/schemas/user/linkedObjects

Success

operationId: LinkedObject_getUserLinkedObjects

Responses

200 Success
GET /api/v1/meta/schemas/user/linkedObjects
POST /api/v1/meta/schemas/user/linkedObjects

Success

operationId: LinkedObject_createLinkedObject

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/LinkedObject"
      }
    }
  },
  "required": true
}

Responses

201 Created
POST /api/v1/meta/schemas/user/linkedObjects
DELETE /api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}

Success

operationId: LinkedObject_deleteUserLinkedObject

Parameters

Name In Required Type Description
linkedObjectName path required string

Responses

204 No Content
DELETE /api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}
GET /api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}

Success

operationId: LinkedObject_getUserLinkedObjects

Parameters

Name In Required Type Description
linkedObjectName path required string

Responses

200 Success
GET /api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}

Log 1 endpoints

GET /api/v1/logs

The Okta System Log API provides read access to your organization’s system log. This API provides more functionality than the Events API

operationId: Log_getListEvents

Parameters

Name In Required Type Description
since query optional string
until query optional string
filter query optional string
q query optional string
limit query optional integer
sortOrder query optional string
after query optional string

Responses

200 Success
GET /api/v1/logs

Networkzone 7 endpoints

GET /api/v1/zones

Enumerates network zones added to your organization with pagination. A subset of zones can be returned that match a supported filter expression or query.

operationId: NetworkZone_listZones

Parameters

Name In Required Type Description
after query optional string Specifies the pagination cursor for the next page of network zones
limit query optional integer Specifies the number of results for a page
filter query optional string Filters zones by usage or id expression

Responses

200 Success
GET /api/v1/zones
POST /api/v1/zones

Adds a new network zone to your Okta organization.

operationId: NetworkZone_createNew

Request Body

{
  "$ref": "#/components/requestBodies/NetworkZone"
}

Responses

200 Success
POST /api/v1/zones
DELETE /api/v1/zones/{zoneId}

Removes network zone.

operationId: NetworkZone_removeZone

Parameters

Name In Required Type Description
zoneId path required string

Responses

200 Success
DELETE /api/v1/zones/{zoneId}
GET /api/v1/zones/{zoneId}

Fetches a network zone from your Okta organization by `id`.

operationId: NetworkZone_getById

Parameters

Name In Required Type Description
zoneId path required string

Responses

200 Success
GET /api/v1/zones/{zoneId}
PUT /api/v1/zones/{zoneId}

Updates a network zone in your organization.

operationId: NetworkZone_updateZone

Parameters

Name In Required Type Description
zoneId path required string

Request Body

{
  "$ref": "#/components/requestBodies/NetworkZone"
}

Responses

200 Success
PUT /api/v1/zones/{zoneId}
POST /api/v1/zones/{zoneId}/lifecycle/activate

Activate Network Zone

operationId: NetworkZone_activateLifecycle

Parameters

Name In Required Type Description
zoneId path required string

Responses

200 Success
POST /api/v1/zones/{zoneId}/lifecycle/activate
POST /api/v1/zones/{zoneId}/lifecycle/deactivate

Deactivates a network zone.

operationId: NetworkZone_deactivateZoneLifecycle

Parameters

Name In Required Type Description
zoneId path required string

Responses

200 Success
POST /api/v1/zones/{zoneId}/lifecycle/deactivate

Org 17 endpoints

GET /api/v1/org

Get settings of your organization.

operationId: Org_getSettings

Responses

200 Success
GET /api/v1/org
POST /api/v1/org

Partial update settings of your organization.

operationId: Org_updateSettings

Request Body

{
  "$ref": "#/components/requestBodies/OrgSetting"
}

Responses

200 Success
POST /api/v1/org
PUT /api/v1/org

Update settings of your organization.

operationId: Org_updateSetting

Request Body

{
  "$ref": "#/components/requestBodies/OrgSetting"
}

Responses

200 Success
PUT /api/v1/org
GET /api/v1/org/contacts

Gets Contact Types of your organization.

operationId: Org_listContactTypes

Responses

200 Success
GET /api/v1/org/contacts
GET /api/v1/org/contacts/{contactType}

Retrieves the URL of the User associated with the specified Contact Type.

operationId: Org_getContactUser

Parameters

Name In Required Type Description
contactType path required string

Responses

200 Success
GET /api/v1/org/contacts/{contactType}
PUT /api/v1/org/contacts/{contactType}

Updates the User associated with the specified Contact Type.

operationId: Org_updateContactUser

Parameters

Name In Required Type Description
contactType path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/UserIdString"
      }
    }
  },
  "required": true
}

Responses

200 Success
PUT /api/v1/org/contacts/{contactType}
POST /api/v1/org/logo

Updates the logo for your organization.

operationId: Org_updateOrganizationLogo

Request Body

{
  "$ref": "#/components/requestBodies/uploadApplicationLogo"
}

Responses

201 Created
POST /api/v1/org/logo
GET /api/v1/org/preferences

Gets preferences of your organization.

operationId: Org_getOrgPreferences

Responses

200 Success
GET /api/v1/org/preferences
POST /api/v1/org/preferences/hideEndUserFooter

Hide the Okta UI footer for all end users of your organization.

operationId: Org_hideEndUserFooter

Responses

200 Success
POST /api/v1/org/preferences/hideEndUserFooter
POST /api/v1/org/preferences/showEndUserFooter

Makes the Okta UI footer visible for all end users of your organization.

operationId: Org_makeOktaUiFooterVisible

Responses

200 Success
POST /api/v1/org/preferences/showEndUserFooter
GET /api/v1/org/privacy/oktaCommunication

Gets Okta Communication Settings of your organization.

operationId: Org_getOktaCommunicationSettings

Responses

200 Success
GET /api/v1/org/privacy/oktaCommunication
POST /api/v1/org/privacy/oktaCommunication/optIn

Opts in all users of this org to Okta Communication emails.

operationId: Org_optInOktaCommunicationEmails

Responses

200 Success
POST /api/v1/org/privacy/oktaCommunication/optIn
POST /api/v1/org/privacy/oktaCommunication/optOut

Opts out all users of this org from Okta Communication emails.

operationId: Org_optOutOktaCommunicationEmails

Responses

200 Success
POST /api/v1/org/privacy/oktaCommunication/optOut
GET /api/v1/org/privacy/oktaSupport

Gets Okta Support Settings of your organization.

operationId: Org_getOktaSupportSettings

Responses

200 Success
GET /api/v1/org/privacy/oktaSupport
POST /api/v1/org/privacy/oktaSupport/extend

Extends the length of time that Okta Support can access your org by 24 hours. This means that 24 hours are added to the remaining access time.

operationId: Org_extendOktaSupport

Responses

200 Success
POST /api/v1/org/privacy/oktaSupport/extend
POST /api/v1/org/privacy/oktaSupport/grant

Enables you to temporarily allow Okta Support to access your org as an administrator for eight hours.

operationId: Org_grantOktaSupportAccess

Responses

200 Success
POST /api/v1/org/privacy/oktaSupport/grant
POST /api/v1/org/privacy/oktaSupport/revoke

Revokes Okta Support access to your organization.

operationId: Org_extendOktaSupport

Responses

200 Success
POST /api/v1/org/privacy/oktaSupport/revoke

Policy 14 endpoints

GET /api/v1/policies

Gets all policies with the specified type.

operationId: Policy_getAllWithType

Parameters

Name In Required Type Description
type query required string
status query optional string
expand query optional string

Responses

200 Success
GET /api/v1/policies
POST /api/v1/policies

Creates a policy.

operationId: Policy_createNewPolicy

Parameters

Name In Required Type Description
activate query optional boolean

Request Body

{
  "$ref": "#/components/requestBodies/Policy"
}

Responses

200 Success
POST /api/v1/policies
DELETE /api/v1/policies/{policyId}

Removes a policy.

operationId: Policy_removePolicyOperation

Parameters

Name In Required Type Description
policyId path required string

Responses

200 Success
DELETE /api/v1/policies/{policyId}
GET /api/v1/policies/{policyId}

Gets a policy.

operationId: Policy_getPolicy

Parameters

Name In Required Type Description
policyId path required string
expand query optional string

Responses

200 Success
GET /api/v1/policies/{policyId}
PUT /api/v1/policies/{policyId}

Updates a policy.

operationId: Policy_updateOperation

Parameters

Name In Required Type Description
policyId path required string

Request Body

{
  "$ref": "#/components/requestBodies/Policy"
}

Responses

200 Success
PUT /api/v1/policies/{policyId}
POST /api/v1/policies/{policyId}/lifecycle/activate

Activates a policy.

operationId: Policy_activateLifecycle

Parameters

Name In Required Type Description
policyId path required string

Responses

204 No Content
POST /api/v1/policies/{policyId}/lifecycle/activate
POST /api/v1/policies/{policyId}/lifecycle/deactivate

Deactivates a policy.

operationId: Policy_deactivateLifecycle

Parameters

Name In Required Type Description
policyId path required string

Responses

204 No Content
POST /api/v1/policies/{policyId}/lifecycle/deactivate
GET /api/v1/policies/{policyId}/rules

Enumerates all policy rules.

operationId: Policy_enumerateRules

Parameters

Name In Required Type Description
policyId path required string

Responses

200 Success
GET /api/v1/policies/{policyId}/rules
POST /api/v1/policies/{policyId}/rules

Creates a policy rule.

operationId: Policy_createRule

Parameters

Name In Required Type Description
policyId path required string

Request Body

{
  "$ref": "#/components/requestBodies/PolicyRule"
}

Responses

200 Success
POST /api/v1/policies/{policyId}/rules
DELETE /api/v1/policies/{policyId}/rules/{ruleId}

Removes a policy rule.

operationId: Policy_removeRule

Parameters

Name In Required Type Description
policyId path required string
ruleId path required string

Responses

204 No Content
DELETE /api/v1/policies/{policyId}/rules/{ruleId}
GET /api/v1/policies/{policyId}/rules/{ruleId}

Gets a policy rule.

operationId: Policy_getPolicyRule

Parameters

Name In Required Type Description
policyId path required string
ruleId path required string

Responses

200 Success
GET /api/v1/policies/{policyId}/rules/{ruleId}
PUT /api/v1/policies/{policyId}/rules/{ruleId}

Updates a policy rule.

operationId: Policy_updateRule

Parameters

Name In Required Type Description
policyId path required string
ruleId path required string

Request Body

{
  "$ref": "#/components/requestBodies/PolicyRule"
}

Responses

200 Success
PUT /api/v1/policies/{policyId}/rules/{ruleId}
POST /api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/activate

Activates a policy rule.

operationId: Policy_activateRuleLifecycle

Parameters

Name In Required Type Description
policyId path required string
ruleId path required string

Responses

200 Success
POST /api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/activate
POST /api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate

Deactivates a policy rule.

operationId: Policy_deactivateRuleLifecycle

Parameters

Name In Required Type Description
policyId path required string
ruleId path required string

Responses

204 No Content
POST /api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate

Profilemapping 3 endpoints

GET /api/v1/mappings

Enumerates Profile Mappings in your organization with pagination.

operationId: ProfileMapping_listWithPagination

Parameters

Name In Required Type Description
after query optional string
limit query optional integer
sourceId query optional string
targetId query optional string

Responses

200 Success
GET /api/v1/mappings
GET /api/v1/mappings/{mappingId}

Fetches a single Profile Mapping referenced by its ID.

operationId: ProfileMapping_getById

Parameters

Name In Required Type Description
mappingId path required string

Responses

200 Success
GET /api/v1/mappings/{mappingId}
POST /api/v1/mappings/{mappingId}

Updates an existing Profile Mapping by adding, updating, or removing one or many Property Mappings.

operationId: ProfileMapping_updatePropertyMappings

Parameters

Name In Required Type Description
mappingId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/ProfileMapping"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/mappings/{mappingId}

Session 4 endpoints

POST /api/v1/sessions

Creates a new session for a user with a valid session token. Use this API if, for example, you want to set the session cookie yourself instead of allowing Okta to set it, or want to hold the session ID in order to delete a session via the API instead of visiting the logout URL.

operationId: Session_createSessionWithToken

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/CreateSessionRequest"
      }
    }
  },
  "required": true
}

Responses

200 Success
400 Bad Request
POST /api/v1/sessions
DELETE /api/v1/sessions/{sessionId}
operationId: Session_close

Parameters

Name In Required Type Description
sessionId path required string

Responses

204 No Content
400 Bad Request
404 Not Found
DELETE /api/v1/sessions/{sessionId}
GET /api/v1/sessions/{sessionId}

Get details about a session.

operationId: Session_getDetails

Parameters

Name In Required Type Description
sessionId path required string

Responses

200 Success
GET /api/v1/sessions/{sessionId}
POST /api/v1/sessions/{sessionId}/lifecycle/refresh
operationId: Session_refreshLifecycle

Parameters

Name In Required Type Description
sessionId path required string

Responses

200 Success
404 Not Found
POST /api/v1/sessions/{sessionId}/lifecycle/refresh

Subscription 6 endpoints

GET /api/v1/roles/{roleTypeOrRoleId}/subscriptions

When roleType List all subscriptions of a Role. Else when roleId List subscriptions of a Custom Role

operationId: Subscription_listRoleSubscriptions

Parameters

Name In Required Type Description
roleTypeOrRoleId path required string

Responses

200 Success
404 Not Found
GET /api/v1/roles/{roleTypeOrRoleId}/subscriptions
GET /api/v1/roles/{roleTypeOrRoleId}/subscriptions/{notificationType}

When roleType Get subscriptions of a Role with a specific notification type. Else when roleId Get subscription of a Custom Role with a specific notification type.

operationId: Subscription_getRoleSubscriptionsByNotificationType

Parameters

Name In Required Type Description
roleTypeOrRoleId path required string
notificationType path required string

Responses

200 Success
404 Not Found
GET /api/v1/roles/{roleTypeOrRoleId}/subscriptions/{notificationType}
POST /api/v1/roles/{roleTypeOrRoleId}/subscriptions/{notificationType}/subscribe

When roleType Subscribes a Role to a specific notification type. When you change the subscription status of a Role, it overrides the subscription of any individual user of that Role. Else when roleId Subscribes a Custom Role to a specific notification type. When you change the subscription status of a Custom Role, it overrides the subscription of any individual user of that Custom Role.

operationId: Subscription_roleNotificationSubscribe

Parameters

Name In Required Type Description
roleTypeOrRoleId path required string
notificationType path required string

Responses

200 Success
404 Not Found
POST /api/v1/roles/{roleTypeOrRoleId}/subscriptions/{notificationType}/subscribe
POST /api/v1/roles/{roleTypeOrRoleId}/subscriptions/{notificationType}/unsubscribe

When roleType Unsubscribes a Role from a specific notification type. When you change the subscription status of a Role, it overrides the subscription of any individual user of that Role. Else when roleId Unsubscribes a Custom Role from a specific notification type. When you change the subscription status of a Custom Role, it overrides the subscription of any individual user of that Custom Role.

operationId: Subscription_customRoleNotificationUnsubscribe

Parameters

Name In Required Type Description
roleTypeOrRoleId path required string
notificationType path required string

Responses

200 Success
404 Not Found
POST /api/v1/roles/{roleTypeOrRoleId}/subscriptions/{notificationType}/unsubscribe
POST /api/v1/users/{userId}/subscriptions/{notificationType}/subscribe

Subscribes a User to a specific notification type. Only the current User can subscribe to a specific notification type. An AccessDeniedException message is sent if requests are made from other users.

operationId: Subscription_userNotificationSubscribe

Parameters

Name In Required Type Description
userId path required string
notificationType path required string

Responses

200 Success
404 Not Found
POST /api/v1/users/{userId}/subscriptions/{notificationType}/subscribe
POST /api/v1/users/{userId}/subscriptions/{notificationType}/unsubscribe

Unsubscribes a User from a specific notification type. Only the current User can unsubscribe from a specific notification type. An AccessDeniedException message is sent if requests are made from other users.

operationId: Subscription_unsubscribeUserSubscriptionByNotificationType

Parameters

Name In Required Type Description
userId path required string
notificationType path required string

Responses

200 Success
404 Not Found
POST /api/v1/users/{userId}/subscriptions/{notificationType}/unsubscribe

Template 6 endpoints

GET /api/v1/templates/sms

Enumerates custom SMS templates in your organization. A subset of templates can be returned that match a template type.

operationId: Template_enumerateSmsTemplates

Parameters

Name In Required Type Description
templateType query optional string

Responses

200 Success
GET /api/v1/templates/sms
POST /api/v1/templates/sms

Adds a new custom SMS template to your organization.

operationId: Template_addNewCustomSms

Request Body

{
  "$ref": "#/components/requestBodies/SmsTemplate"
}

Responses

200 Success
POST /api/v1/templates/sms
DELETE /api/v1/templates/sms/{templateId}

Removes an SMS template.

operationId: Template_removeSms

Parameters

Name In Required Type Description
templateId path required string

Responses

204 No Content
DELETE /api/v1/templates/sms/{templateId}
GET /api/v1/templates/sms/{templateId}

Fetches a specific template by `id`

operationId: Template_getById

Parameters

Name In Required Type Description
templateId path required string

Responses

200 Success
GET /api/v1/templates/sms/{templateId}
POST /api/v1/templates/sms/{templateId}

Updates only some of the SMS template properties:

operationId: Template_partialSmsUpdate

Parameters

Name In Required Type Description
templateId path required string

Request Body

{
  "$ref": "#/components/requestBodies/SmsTemplate"
}

Responses

200 Success
POST /api/v1/templates/sms/{templateId}
PUT /api/v1/templates/sms/{templateId}

Updates the SMS template.

operationId: Template_updateSmsTemplate

Parameters

Name In Required Type Description
templateId path required string

Request Body

{
  "$ref": "#/components/requestBodies/SmsTemplate"
}

Responses

200 Success
PUT /api/v1/templates/sms/{templateId}

Threatinsight 2 endpoints

GET /api/v1/threats/configuration

Gets current ThreatInsight configuration

operationId: ThreatInsight_getCurrentConfiguration

Responses

200 Success
GET /api/v1/threats/configuration
POST /api/v1/threats/configuration

Updates ThreatInsight configuration

operationId: ThreatInsight_updateConfiguration

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/ThreatInsightConfiguration"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/threats/configuration

Trustedorigin 7 endpoints

GET /api/v1/trustedOrigins

Success

operationId: TrustedOrigin_getList

Parameters

Name In Required Type Description
q query optional string
filter query optional string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/trustedOrigins
POST /api/v1/trustedOrigins

Success

operationId: TrustedOrigin_createSuccess

Request Body

{
  "$ref": "#/components/requestBodies/TrustedOrigin"
}

Responses

200 Success
POST /api/v1/trustedOrigins
DELETE /api/v1/trustedOrigins/{trustedOriginId}

Success

operationId: TrustedOrigin_deleteSuccess

Parameters

Name In Required Type Description
trustedOriginId path required string

Responses

200 Success
DELETE /api/v1/trustedOrigins/{trustedOriginId}
GET /api/v1/trustedOrigins/{trustedOriginId}

Success

operationId: TrustedOrigin_getSuccessById

Parameters

Name In Required Type Description
trustedOriginId path required string

Responses

200 Success
GET /api/v1/trustedOrigins/{trustedOriginId}
PUT /api/v1/trustedOrigins/{trustedOriginId}

Success

operationId: TrustedOrigin_updateSuccess

Parameters

Name In Required Type Description
trustedOriginId path required string

Request Body

{
  "$ref": "#/components/requestBodies/TrustedOrigin"
}

Responses

200 Success
PUT /api/v1/trustedOrigins/{trustedOriginId}
POST /api/v1/trustedOrigins/{trustedOriginId}/lifecycle/activate

Success

operationId: TrustedOrigin_activateLifecycleSuccess

Parameters

Name In Required Type Description
trustedOriginId path required string

Responses

200 Success
POST /api/v1/trustedOrigins/{trustedOriginId}/lifecycle/activate
POST /api/v1/trustedOrigins/{trustedOriginId}/lifecycle/deactivate

Success

operationId: TrustedOrigin_deactivateLifecycleSuccess

Parameters

Name In Required Type Description
trustedOriginId path required string

Responses

200 Success
POST /api/v1/trustedOrigins/{trustedOriginId}/lifecycle/deactivate

User 52 endpoints

GET /api/v1/users

Lists users that do not have a status of 'DEPROVISIONED' (by default), up to the maximum (200 for most orgs), with pagination in most cases. A subset of users can be returned that match a supported filter expression or search criteria.

operationId: User_listActiveUsers

Parameters

Name In Required Type Description
q query optional string Finds a user that matches firstName, lastName, and email properties
after query optional string Specifies the pagination cursor for the next page of users
limit query optional integer Specifies the number of results returned
filter query optional string Filters users with a supported expression for a subset of properties
search query optional string Searches for users with a supported filtering expression for most properties
sortBy query optional string
sortOrder query optional string

Responses

200 Success
GET /api/v1/users
POST /api/v1/users

Creates a new user in your Okta organization with or without credentials.

operationId: User_createNewUser

Parameters

Name In Required Type Description
activate query optional boolean Executes activation lifecycle operation when creating the user
provider query optional boolean Indicates whether to create a user with a specified authentication provider
nextLogin query optional string With activate=true, set nextLogin to "changePassword" to have the password be EXPIRED, so user must change it the next time they log in.

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/CreateUserRequest"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/users
PUT /api/v1/users/{associatedUserId}/linkedObjects/{primaryRelationshipName}/{primaryUserId}
operationId: User_updateLinkedObject

Parameters

Name In Required Type Description
associatedUserId path required string
primaryRelationshipName path required string
primaryUserId path required string

Responses

204 Success
PUT /api/v1/users/{associatedUserId}/linkedObjects/{primaryRelationshipName}/{primaryUserId}
DELETE /api/v1/users/{userId}

Deletes a user permanently. This operation can only be performed on users that have a `DEPROVISIONED` status. **This action cannot be recovered!**

operationId: User_deletePermanently

Parameters

Name In Required Type Description
userId path required string
sendEmail query optional boolean

Responses

202 ACCEPTED
DELETE /api/v1/users/{userId}
GET /api/v1/users/{userId}

Fetches a user from your Okta organization.

operationId: User_getOktaUser

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
GET /api/v1/users/{userId}
POST /api/v1/users/{userId}

Update a user's profile or credentials with partial update semantics.

operationId: User_updateProfile

Parameters

Name In Required Type Description
userId path required string
strict query optional boolean

Request Body

{
  "$ref": "#/components/requestBodies/User"
}

Responses

200 Success
POST /api/v1/users/{userId}
PUT /api/v1/users/{userId}

Update a user's profile and/or credentials using strict-update semantics.

operationId: User_updateProfile

Parameters

Name In Required Type Description
userId path required string
strict query optional boolean

Request Body

{
  "$ref": "#/components/requestBodies/User"
}

Responses

200 Success
PUT /api/v1/users/{userId}
GET /api/v1/users/{userId}/appLinks

Fetches appLinks for all direct or indirect (via group membership) assigned applications.

operationId: User_listAssignedAppLinks

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
GET /api/v1/users/{userId}/appLinks
GET /api/v1/users/{userId}/clients

Lists all client resources for which the specified user has grants or tokens.

operationId: User_listClients

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
GET /api/v1/users/{userId}/clients
DELETE /api/v1/users/{userId}/clients/{clientId}/grants

Revokes all grants for the specified user and client

operationId: User_revokeGrantsForUserAndClient

Parameters

Name In Required Type Description
userId path required string
clientId path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/clients/{clientId}/grants
GET /api/v1/users/{userId}/clients/{clientId}/grants

Lists all grants for a specified user and client

operationId: User_listGrantsForClient

Parameters

Name In Required Type Description
userId path required string
clientId path required string
expand query optional string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/users/{userId}/clients/{clientId}/grants
DELETE /api/v1/users/{userId}/clients/{clientId}/tokens

Revokes all refresh tokens issued for the specified User and Client.

operationId: User_revokeAllTokens

Parameters

Name In Required Type Description
userId path required string
clientId path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/clients/{clientId}/tokens
GET /api/v1/users/{userId}/clients/{clientId}/tokens

Lists all refresh tokens issued for the specified User and Client.

operationId: User_listRefreshTokensForUserAndClient

Parameters

Name In Required Type Description
userId path required string
clientId path required string
expand query optional string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/users/{userId}/clients/{clientId}/tokens
DELETE /api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}

Revokes the specified refresh token.

operationId: User_revokeTokenForClient

Parameters

Name In Required Type Description
userId path required string
clientId path required string
tokenId path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}
GET /api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}

Gets a refresh token issued for the specified User and Client.

operationId: User_getClientRefreshToken

Parameters

Name In Required Type Description
userId path required string
clientId path required string
tokenId path required string
expand query optional string
limit query optional integer
after query optional string

Responses

200 Success
GET /api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}
POST /api/v1/users/{userId}/credentials/change_password

Changes a user's password by validating the user's current password. This operation can only be performed on users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid password credential

operationId: User_changePasswordValidation

Parameters

Name In Required Type Description
userId path required string
strict query optional boolean

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/ChangePasswordRequest"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/users/{userId}/credentials/change_password
POST /api/v1/users/{userId}/credentials/change_recovery_question

Changes a user's recovery question & answer credential by validating the user's current password. This operation can only be performed on users in **STAGED**, **ACTIVE** or **RECOVERY** `status` that have a valid password credential

operationId: User_updateRecoveryQuestion

Parameters

Name In Required Type Description
userId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/UserCredentials"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/users/{userId}/credentials/change_recovery_question
POST /api/v1/users/{userId}/credentials/forgot_password
operationId: User_forgotPassword

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
POST /api/v1/users/{userId}/credentials/forgot_password
DELETE /api/v1/users/{userId}/grants

Revokes all grants for a specified user

operationId: User_revokeGrants

Parameters

Name In Required Type Description
userId path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/grants
GET /api/v1/users/{userId}/grants

Lists all grants for the specified user

operationId: User_listGrants

Parameters

Name In Required Type Description
userId path required string
scopeId query optional string
expand query optional string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/users/{userId}/grants
DELETE /api/v1/users/{userId}/grants/{grantId}

Revokes one grant for a specified user

operationId: User_revokeGrant

Parameters

Name In Required Type Description
userId path required string
grantId path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/grants/{grantId}
GET /api/v1/users/{userId}/grants/{grantId}

Gets a grant for the specified user

operationId: User_getGrantById

Parameters

Name In Required Type Description
userId path required string
grantId path required string
expand query optional string

Responses

200 Success
GET /api/v1/users/{userId}/grants/{grantId}
GET /api/v1/users/{userId}/groups

Fetches the groups of which the user is a member.

operationId: User_getMemberGroups

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
GET /api/v1/users/{userId}/groups
GET /api/v1/users/{userId}/idps

Lists the IdPs associated with the user.

operationId: User_listIdpsForUser

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
GET /api/v1/users/{userId}/idps
POST /api/v1/users/{userId}/lifecycle/activate

Activates a user. This operation can only be performed on users with a `STAGED` status. Activation of a user is an asynchronous operation. The user will have the `transitioningToStatus` property with a value of `ACTIVE` during activation to indicate that the user hasn't completed the asynchronous operation. The user will have a status of `ACTIVE` when the activation process is complete.

operationId: User_activateLifecycle

Parameters

Name In Required Type Description
userId path required string
sendEmail query required boolean Sends an activation email to the user if true

Responses

200 Success
POST /api/v1/users/{userId}/lifecycle/activate
POST /api/v1/users/{userId}/lifecycle/deactivate

Deactivates a user. This operation can only be performed on users that do not have a `DEPROVISIONED` status. While the asynchronous operation (triggered by HTTP header `Prefer: respond-async`) is proceeding the user's `transitioningToStatus` property is `DEPROVISIONED`. The user's status is `DEPROVISIONED` when the deactivation process is complete.

operationId: User_deactivateLifecycle

Parameters

Name In Required Type Description
userId path required string
sendEmail query optional boolean

Responses

200 OK
POST /api/v1/users/{userId}/lifecycle/deactivate
POST /api/v1/users/{userId}/lifecycle/expire_password?tempPassword=false

This operation transitions the user to the status of `PASSWORD_EXPIRED` so that the user is required to change their password at their next login.

operationId: User_expirePasswordAndGetTemporaryPassword

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
POST /api/v1/users/{userId}/lifecycle/expire_password?tempPassword=false
POST /api/v1/users/{userId}/lifecycle/expire_password?tempPassword=true

This operation transitions the user to the status of `PASSWORD_EXPIRED` and the user's password is reset to a temporary password that is returned.

operationId: User_expirePasswordAndTemporaryPassword

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
POST /api/v1/users/{userId}/lifecycle/expire_password?tempPassword=true
POST /api/v1/users/{userId}/lifecycle/reactivate

Reactivates a user. This operation can only be performed on users with a `PROVISIONED` status. This operation restarts the activation workflow if for some reason the user activation was not completed when using the activationToken from [Activate User](https://raw.githubusercontent.com).

operationId: User_reactivateUser

Parameters

Name In Required Type Description
userId path required string
sendEmail query optional boolean Sends an activation email to the user if true

Responses

200 Success
POST /api/v1/users/{userId}/lifecycle/reactivate
POST /api/v1/users/{userId}/lifecycle/reset_factors

This operation resets all factors for the specified user. All MFA factor enrollments returned to the unenrolled state. The user's status remains ACTIVE. This link is present only if the user is currently enrolled in one or more MFA factors.

operationId: User_resetFactorsOperation

Parameters

Name In Required Type Description
userId path required string

Responses

200 OK
POST /api/v1/users/{userId}/lifecycle/reset_factors
POST /api/v1/users/{userId}/lifecycle/reset_password

Generates a one-time token (OTT) that can be used to reset a user's password. The OTT link can be automatically emailed to the user or returned to the API caller and distributed using a custom flow.

operationId: User_generatePasswordResetToken

Parameters

Name In Required Type Description
userId path required string
sendEmail query required boolean

Responses

200 Success
POST /api/v1/users/{userId}/lifecycle/reset_password
POST /api/v1/users/{userId}/lifecycle/suspend

Suspends a user. This operation can only be performed on users with an `ACTIVE` status. The user will have a status of `SUSPENDED` when the process is complete.

operationId: User_suspendLifecycle

Parameters

Name In Required Type Description
userId path required string

Responses

200 OK
POST /api/v1/users/{userId}/lifecycle/suspend
POST /api/v1/users/{userId}/lifecycle/unlock

Unlocks a user with a `LOCKED_OUT` status and returns them to `ACTIVE` status. Users will be able to login with their current password.

operationId: User_unlockUserStatus

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
POST /api/v1/users/{userId}/lifecycle/unlock
POST /api/v1/users/{userId}/lifecycle/unsuspend

Unsuspends a user and returns them to the `ACTIVE` state. This operation can only be performed on users that have a `SUSPENDED` status.

operationId: User_unsuspendLifecycle

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
POST /api/v1/users/{userId}/lifecycle/unsuspend
DELETE /api/v1/users/{userId}/linkedObjects/{relationshipName}

Delete linked objects for a user, relationshipName can be ONLY a primary relationship name

operationId: User_deleteLinkedObjects

Parameters

Name In Required Type Description
userId path required string
relationshipName path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/linkedObjects/{relationshipName}
GET /api/v1/users/{userId}/linkedObjects/{relationshipName}

Get linked objects for a user, relationshipName can be a primary or associated relationship name

operationId: User_getLinkedObjects

Parameters

Name In Required Type Description
userId path required string
relationshipName path required string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/users/{userId}/linkedObjects/{relationshipName}
GET /api/v1/users/{userId}/roles

Lists all roles assigned to a user.

operationId: User_listAssignedRoles

Parameters

Name In Required Type Description
userId path required string
expand query optional string

Responses

200 Success
GET /api/v1/users/{userId}/roles
POST /api/v1/users/{userId}/roles

Assigns a role to a user.

operationId: User_assignRole

Parameters

Name In Required Type Description
userId path required string
disableNotifications query optional boolean

Request Body

{
  "$ref": "#/components/requestBodies/AssignRoleRequest"
}

Responses

201 Created
POST /api/v1/users/{userId}/roles
DELETE /api/v1/users/{userId}/roles/{roleId}

Unassigns a role from a user.

operationId: User_unassignRole

Parameters

Name In Required Type Description
userId path required string
roleId path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/roles/{roleId}
GET /api/v1/users/{userId}/roles/{roleId}

Gets role that is assigne to user.

operationId: User_getAssignedRole

Parameters

Name In Required Type Description
userId path required string
roleId path required string

Responses

200 Success
GET /api/v1/users/{userId}/roles/{roleId}
GET /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps

Lists all App targets for an `APP_ADMIN` Role assigned to a User. This methods return list may include full Applications or Instances. The response for an instance will have an `ID` value, while Application will not have an ID.

operationId: User_listAppTargetsForRole

Parameters

Name In Required Type Description
userId path required string
roleId path required string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps
PUT /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps

Success

operationId: User_updateRolesCatalogApps

Parameters

Name In Required Type Description
userId path required string
roleId path required string

Responses

200 Success
PUT /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps
DELETE /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}

Success

operationId: User_deleteTargetApp

Parameters

Name In Required Type Description
userId path required string
roleId path required string
appName path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}
PUT /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}

Success

operationId: User_updateRolesCatalogApps

Parameters

Name In Required Type Description
userId path required string
roleId path required string
appName path required string

Responses

200 Success
PUT /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}
DELETE /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}/{applicationId}

Remove App Instance Target to App Administrator Role given to a User

operationId: User_removeAppInstanceTargetToAppAdministratorRoleGivenTo

Parameters

Name In Required Type Description
userId path required string
roleId path required string
appName path required string
applicationId path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}/{applicationId}
PUT /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}/{applicationId}

Add App Instance Target to App Administrator Role given to a User

operationId: User_addAppInstanceTargetToAppAdministratorRoleGivenToUser

Parameters

Name In Required Type Description
userId path required string
roleId path required string
appName path required string
applicationId path required string

Responses

204 No Content
PUT /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}/{applicationId}
GET /api/v1/users/{userId}/roles/{roleId}/targets/groups

Success

operationId: User_listRoleTargetsGroups

Parameters

Name In Required Type Description
userId path required string
roleId path required string
after query optional string
limit query optional integer

Responses

200 Success
GET /api/v1/users/{userId}/roles/{roleId}/targets/groups
DELETE /api/v1/users/{userId}/roles/{roleId}/targets/groups/{groupId}

Success

operationId: User_removeTargetGroup

Parameters

Name In Required Type Description
userId path required string
roleId path required string
groupId path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/roles/{roleId}/targets/groups/{groupId}
PUT /api/v1/users/{userId}/roles/{roleId}/targets/groups/{groupId}

Success

operationId: User_updateRolesCatalogApps

Parameters

Name In Required Type Description
userId path required string
roleId path required string
groupId path required string

Responses

200 Success
PUT /api/v1/users/{userId}/roles/{roleId}/targets/groups/{groupId}
DELETE /api/v1/users/{userId}/sessions

Removes all active identity provider sessions. This forces the user to authenticate on the next operation. Optionally revokes OpenID Connect and OAuth refresh and access tokens issued to the user.

operationId: User_revokeAllSessions

Parameters

Name In Required Type Description
userId path required string
oauthTokens query optional boolean Revoke issued OpenID Connect and OAuth refresh and access tokens

Responses

204 No Content
DELETE /api/v1/users/{userId}/sessions
GET /api/v1/users/{userId}/subscriptions

List subscriptions of a User. Only lists subscriptions for current user. An AccessDeniedException message is sent if requests are made from other users.

operationId: User_listSubscriptions

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
404 Not Found
GET /api/v1/users/{userId}/subscriptions
GET /api/v1/users/{userId}/subscriptions/{notificationType}

Get the subscriptions of a User with a specific notification type. Only gets subscriptions for current user. An AccessDeniedException message is sent if requests are made from other users.

operationId: User_getSubscriptionByNotification

Parameters

Name In Required Type Description
userId path required string
notificationType path required string

Responses

200 Success
404 Not Found
GET /api/v1/users/{userId}/subscriptions/{notificationType}

Userfactor 9 endpoints

GET /api/v1/users/{userId}/factors

Enumerates all the enrolled factors for the specified user

operationId: UserFactor_enumerateEnrolled

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
GET /api/v1/users/{userId}/factors
POST /api/v1/users/{userId}/factors

Enrolls a user with a supported factor.

operationId: UserFactor_enrollSupportedFactor

Parameters

Name In Required Type Description
userId path required string
updatePhone query optional boolean
templateId query optional string id of SMS template (only for SMS factor)
tokenLifetimeSeconds query optional integer
activate query optional boolean

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/UserFactor"
      }
    }
  },
  "required": true,
  "description": "Factor"
}

Responses

200 Success
POST /api/v1/users/{userId}/factors
GET /api/v1/users/{userId}/factors/catalog

Enumerates all the supported factors that can be enrolled for the specified user

operationId: UserFactor_enumerateSupportedFactors

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
GET /api/v1/users/{userId}/factors/catalog
GET /api/v1/users/{userId}/factors/questions

Enumerates all available security questions for a user's `question` factor

operationId: UserFactor_enumerateSecurityQuestions

Parameters

Name In Required Type Description
userId path required string

Responses

200 Success
GET /api/v1/users/{userId}/factors/questions
DELETE /api/v1/users/{userId}/factors/{factorId}

Unenrolls an existing factor for the specified user, allowing the user to enroll a new factor.

operationId: UserFactor_unenrollFactor

Parameters

Name In Required Type Description
userId path required string
factorId path required string

Responses

204 No Content
DELETE /api/v1/users/{userId}/factors/{factorId}
GET /api/v1/users/{userId}/factors/{factorId}

Fetches a factor for the specified user

operationId: UserFactor_getFactor

Parameters

Name In Required Type Description
userId path required string
factorId path required string

Responses

200 Success
GET /api/v1/users/{userId}/factors/{factorId}
POST /api/v1/users/{userId}/factors/{factorId}/lifecycle/activate

The `sms` and `token:software:totp` factor types require activation to complete the enrollment process.

operationId: UserFactor_activateFactorLifecycle

Parameters

Name In Required Type Description
userId path required string
factorId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/ActivateFactorRequest"
      }
    }
  }
}

Responses

200 Success
POST /api/v1/users/{userId}/factors/{factorId}/lifecycle/activate
GET /api/v1/users/{userId}/factors/{factorId}/transactions/{transactionId}

Polls factors verification transaction for status.

operationId: UserFactor_pollFactorTransactionStatus

Parameters

Name In Required Type Description
userId path required string
factorId path required string
transactionId path required string

Responses

200 Success
GET /api/v1/users/{userId}/factors/{factorId}/transactions/{transactionId}
POST /api/v1/users/{userId}/factors/{factorId}/verify

Verifies an OTP for a `token` or `token:hardware` factor

operationId: UserFactor_verifyOtp

Parameters

Name In Required Type Description
userId path required string
factorId path required string
templateId query optional string
tokenLifetimeSeconds query optional integer
X-Forwarded-For header optional string
User-Agent header optional string
Accept-Language header optional string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/VerifyFactorRequest"
      }
    }
  }
}

Responses

200 Success
POST /api/v1/users/{userId}/factors/{factorId}/verify

Userschema 4 endpoints

GET /api/v1/meta/schemas/apps/{appInstanceId}/default

Fetches the Schema for an App User

operationId: UserSchema_getUserSchema

Parameters

Name In Required Type Description
appInstanceId path required string

Responses

200 successful operation
GET /api/v1/meta/schemas/apps/{appInstanceId}/default
POST /api/v1/meta/schemas/apps/{appInstanceId}/default

Partial updates on the User Profile properties of the Application User Schema.

operationId: UserSchema_partialUpdateUserProfile

Parameters

Name In Required Type Description
appInstanceId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/UserSchema"
      }
    }
  }
}

Responses

200 successful operation
POST /api/v1/meta/schemas/apps/{appInstanceId}/default
GET /api/v1/meta/schemas/user/{schemaId}

Fetches the schema for a Schema Id.

operationId: UserSchema_getSchemaById

Parameters

Name In Required Type Description
schemaId path required string

Responses

200 Success
GET /api/v1/meta/schemas/user/{schemaId}
POST /api/v1/meta/schemas/user/{schemaId}

Partial updates on the User Profile properties of the user schema.

operationId: UserSchema_partialUpdateUserProfile

Parameters

Name In Required Type Description
schemaId path required string

Request Body

{
  "content": {
    "application/json": {
      "schema": {
        "$ref": "#/components/schemas/UserSchema"
      }
    }
  },
  "required": true
}

Responses

200 Success
POST /api/v1/meta/schemas/user/{schemaId}

Usertype 6 endpoints

GET /api/v1/meta/types/user

Fetches all User Types in your org

operationId: UserType_getAllUserTypes

Responses

200 Success
GET /api/v1/meta/types/user
POST /api/v1/meta/types/user

Creates a new User Type. A default User Type is automatically created along with your org, and you may add another 9 User Types for a maximum of 10.

operationId: UserType_createNewUserType

Request Body

{
  "$ref": "#/components/requestBodies/UserType"
}

Responses

200 Success
POST /api/v1/meta/types/user
DELETE /api/v1/meta/types/user/{typeId}

Deletes a User Type permanently. This operation is not permitted for the default type, nor for any User Type that has existing users

operationId: UserType_deletePermanently

Parameters

Name In Required Type Description
typeId path required string

Responses

204 No Content
DELETE /api/v1/meta/types/user/{typeId}
GET /api/v1/meta/types/user/{typeId}

Fetches a User Type by ID. The special identifier `default` may be used to fetch the default User Type.

operationId: UserType_getById

Parameters

Name In Required Type Description
typeId path required string

Responses

200 Success
GET /api/v1/meta/types/user/{typeId}
POST /api/v1/meta/types/user/{typeId}

Updates an existing User Type

operationId: UserType_updateExistingType

Parameters

Name In Required Type Description
typeId path required string

Request Body

{
  "$ref": "#/components/requestBodies/UserType"
}

Responses

200 Success
POST /api/v1/meta/types/user/{typeId}
PUT /api/v1/meta/types/user/{typeId}

Replace an existing User Type

operationId: UserType_replaceExistingType

Parameters

Name In Required Type Description
typeId path required string

Request Body

{
  "$ref": "#/components/requestBodies/UserType"
}

Responses

200 Success
PUT /api/v1/meta/types/user/{typeId}

Schemas

object AccessPolicy 
{
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/Policy"
}
object AccessPolicyConstraint 
{
  "type": "object",
  "properties": {
    "types": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "methods": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "reauthenticateIn": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AccessPolicyConstraints 
{
  "type": "object",
  "properties": {
    "knowledge": {
      "$ref": "#/components/schemas/KnowledgeConstraint"
    },
    "possession": {
      "$ref": "#/components/schemas/PossessionConstraint"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AccessPolicyRule 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "actions": {
      "$ref": "#/components/schemas/AccessPolicyRuleActions"
    },
    "conditions": {
      "$ref": "#/components/schemas/AccessPolicyRuleConditions"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRule"
}
object AccessPolicyRuleActions 
{
  "type": "object",
  "properties": {
    "appSignOn": {
      "$ref": "#/components/schemas/AccessPolicyRuleApplicationSignOn"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleActions"
}
object AccessPolicyRuleApplicationSignOn 
{
  "type": "object",
  "properties": {
    "access": {
      "type": "string"
    },
    "verificationMethod": {
      "$ref": "#/components/schemas/VerificationMethod"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AccessPolicyRuleConditions 
{
  "properties": {
    "device": {
      "$ref": "#/components/schemas/DeviceAccessPolicyRuleCondition"
    },
    "userType": {
      "$ref": "#/components/schemas/UserTypeCondition"
    },
    "elCondition": {
      "$ref": "#/components/schemas/AccessPolicyRuleCustomCondition"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleConditions"
}
object AccessPolicyRuleCustomCondition 
{
  "properties": {
    "condition": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AcsEndpoint 
{
  "properties": {
    "url": {
      "type": "string"
    },
    "index": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ActivateFactorRequest 
{
  "properties": {
    "passCode": {
      "type": "string"
    },
    "clientData": {
      "type": "string"
    },
    "stateToken": {
      "type": "string"
    },
    "attestation": {
      "type": "string"
    },
    "registrationData": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
string AllowedForEnum 
{
  "enum": [
    "recovery",
    "sso",
    "any",
    "none"
  ],
  "type": "string",
  "x-okta-tags": [
    "Authenticator"
  ]
}
object AppAndInstanceConditionEvaluatorAppOrInstance 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "enum": [
        "APP_TYPE",
        "APP"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AppAndInstancePolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/AppAndInstanceConditionEvaluatorAppOrInstance"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/AppAndInstanceConditionEvaluatorAppOrInstance"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AppInstancePolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AppLink 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "label": {
      "type": "string",
      "readOnly": true
    },
    "hidden": {
      "type": "boolean",
      "readOnly": true
    },
    "appName": {
      "type": "string",
      "readOnly": true
    },
    "linkUrl": {
      "type": "string",
      "readOnly": true
    },
    "logoUrl": {
      "type": "string",
      "readOnly": true
    },
    "sortOrder": {
      "type": "integer",
      "readOnly": true
    },
    "appInstanceId": {
      "type": "string",
      "readOnly": true
    },
    "appAssignmentId": {
      "type": "string",
      "readOnly": true
    },
    "credentialsSetup": {
      "type": "boolean",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object AppUser 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string"
    },
    "scope": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "type": "string",
      "readOnly": true
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "profile": {
      "type": "object",
      "additionalProperties": {
        "type": "object"
      }
    },
    "lastSync": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "syncState": {
      "type": "string",
      "readOnly": true
    },
    "externalId": {
      "type": "string",
      "readOnly": true
    },
    "credentials": {
      "$ref": "#/components/schemas/AppUserCredentials"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "statusChanged": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "passwordChanged": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "update",
      "arguments": [
        {
          "dest": "appId",
          "parentSrc": "appId"
        },
        {
          "src": "id",
          "dest": "userId"
        },
        {
          "dest": "appUser",
          "self": true
        }
      ],
      "operationId": "updateApplicationUser"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "dest": "appId",
          "parentSrc": "appId"
        },
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "deleteApplicationUser"
    }
  ],
  "x-okta-tags": [
    "Application"
  ]
}
object AppUserCredentials 
{
  "type": "object",
  "properties": {
    "password": {
      "$ref": "#/components/schemas/AppUserPasswordCredential"
    },
    "userName": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object AppUserPasswordCredential 
{
  "properties": {
    "value": {
      "type": "string",
      "format": "password"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object Application 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string",
      "readOnly": true
    },
    "label": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE",
        "DELETED"
      ],
      "type": "string",
      "readOnly": true
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "profile": {
      "type": "object",
      "additionalProperties": {
        "type": "object"
      }
    },
    "features": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "settings": {
      "$ref": "#/components/schemas/ApplicationSettings"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "licensing": {
      "$ref": "#/components/schemas/ApplicationLicensing"
    },
    "signOnMode": {
      "$ref": "#/components/schemas/ApplicationSignOnMode"
    },
    "visibility": {
      "$ref": "#/components/schemas/ApplicationVisibility"
    },
    "credentials": {
      "$ref": "#/components/schemas/ApplicationCredentials"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "accessibility": {
      "$ref": "#/components/schemas/ApplicationAccessibility"
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getApplication"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        },
        {
          "dest": "application",
          "self": true
        }
      ],
      "operationId": "updateApplication"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "deleteApplication"
    }
  ],
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "activateApplication"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "deactivateApplication"
    },
    {
      "alias": "listApplicationUsers",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listApplicationUsers"
    },
    {
      "alias": "assignUserToApplication",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "assignUserToApplication"
    },
    {
      "alias": "getApplicationUser",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getApplicationUser"
    },
    {
      "alias": "createApplicationGroupAssignment",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "createApplicationGroupAssignment"
    },
    {
      "alias": "getApplicationGroupAssignment",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getApplicationGroupAssignment"
    },
    {
      "alias": "cloneApplicationKey",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "cloneApplicationKey"
    },
    {
      "alias": "getApplicationKey",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getApplicationKey"
    },
    {
      "alias": "listGroupAssignments",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listApplicationGroupAssignments"
    },
    {
      "alias": "listKeys",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listApplicationKeys"
    },
    {
      "alias": "generateKey",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "generateApplicationKey"
    },
    {
      "alias": "generateCsr",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "generateCsrForApplication"
    },
    {
      "alias": "getCsr",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getCsrForApplication"
    },
    {
      "alias": "revokeCsr",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "revokeCsrFromApplication"
    },
    {
      "alias": "listCsrs",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listCsrsForApplication"
    },
    {
      "alias": "publishCerCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishCerCert"
    },
    {
      "alias": "publishBinaryCerCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishBinaryCerCert"
    },
    {
      "alias": "publishDerCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishDerCert"
    },
    {
      "alias": "publishBinaryDerCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishBinaryDerCert"
    },
    {
      "alias": "publishBinaryPemCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishBinaryPemCert"
    },
    {
      "alias": "listOAuth2Tokens",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listOAuth2TokensForApplication"
    },
    {
      "alias": "revokeOAuth2TokenForApplication",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "revokeOAuth2TokenForApplication"
    },
    {
      "alias": "getOAuth2Token",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getOAuth2TokenForApplication"
    },
    {
      "alias": "revokeOAuth2Tokens",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "revokeOAuth2TokensForApplication"
    },
    {
      "alias": "listScopeConsentGrants",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listScopeConsentGrants"
    },
    {
      "alias": "grantConsentToScope",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "grantConsentToScope"
    },
    {
      "alias": "revokeScopeConsentGrant",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "revokeScopeConsentGrant"
    },
    {
      "alias": "getScopeConsentGrant",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getScopeConsentGrant"
    },
    {
      "alias": "uploadApplicationLogo",
      "operationId": "uploadApplicationLogo"
    },
    {
      "alias": "getFeatureForApplication",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getFeatureForApplication"
    },
    {
      "alias": "updateFeatureForApplication",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "updateFeatureForApplication"
    },
    {
      "alias": "updateApplicationPolicy",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "updateApplicationPolicy"
    }
  ],
  "x-openapi-v3-discriminator": {
    "mapping": {
      "BOOKMARK": "#/definitions/BookmarkApplication",
      "SAML_1_1": "#/definitions/SamlApplication",
      "SAML_2_0": "#/definitions/SamlApplication",
      "AUTO_LOGIN": "#/definitions/AutoLoginApplication",
      "BASIC_AUTH": "#/definitions/BasicAuthApplication",
      "WS_FEDERATION": "#/definitions/WsFederationApplication",
      "BROWSER_PLUGIN": "#/definitions/BrowserPluginApplication",
      "OPENID_CONNECT": "#/definitions/OpenIdConnectApplication",
      "SECURE_PASSWORD_STORE": "#/definitions/SecurePasswordStoreApplication"
    },
    "propertyName": "signOnMode"
  }
}
object ApplicationAccessibility 
{
  "type": "object",
  "properties": {
    "selfService": {
      "type": "boolean"
    },
    "errorRedirectUrl": {
      "type": "string"
    },
    "loginRedirectUrl": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationCredentials 
{
  "type": "object",
  "properties": {
    "signing": {
      "$ref": "#/components/schemas/ApplicationCredentialsSigning"
    },
    "userNameTemplate": {
      "$ref": "#/components/schemas/ApplicationCredentialsUsernameTemplate"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationCredentialsOAuthClient 
{
  "properties": {
    "client_id": {
      "type": "string"
    },
    "client_secret": {
      "type": "string"
    },
    "pkce_required": {
      "type": "boolean"
    },
    "autoKeyRotation": {
      "type": "boolean"
    },
    "token_endpoint_auth_method": {
      "$ref": "#/components/schemas/OAuthEndpointAuthenticationMethod"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string ApplicationCredentialsScheme 
{
  "enum": [
    "SHARED_USERNAME_AND_PASSWORD",
    "EXTERNAL_PASSWORD_SYNC",
    "EDIT_USERNAME_AND_PASSWORD",
    "EDIT_PASSWORD_ONLY",
    "ADMIN_SETS_CREDENTIALS"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationCredentialsSigning 
{
  "type": "object",
  "properties": {
    "kid": {
      "type": "string"
    },
    "use": {
      "$ref": "#/components/schemas/ApplicationCredentialsSigningUse"
    },
    "lastRotated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "nextRotation": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "rotationMode": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string ApplicationCredentialsSigningUse 
{
  "enum": [
    "sig"
  ],
  "type": "string",
  "x-okta-tags": [
    "AuthorizationServer"
  ]
}
object ApplicationCredentialsUsernameTemplate 
{
  "type": "object",
  "properties": {
    "type": {
      "type": "string"
    },
    "suffix": {
      "type": "string"
    },
    "template": {
      "type": "string"
    },
    "pushStatus": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationFeature 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/EnabledStatus"
    },
    "description": {
      "type": "string"
    },
    "capabilities": {
      "$ref": "#/components/schemas/CapabilitiesObject"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-operations": [
    {
      "alias": "listFeaturesForApplication",
      "operationId": "listFeaturesForApplication"
    }
  ]
}
object ApplicationGroupAssignment 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "profile": {
      "type": "object",
      "additionalProperties": {
        "type": "object"
      }
    },
    "priority": {
      "type": "integer"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "delete",
      "arguments": [
        {
          "dest": "appId",
          "parentSrc": "appId"
        },
        {
          "src": "id",
          "dest": "groupId"
        }
      ],
      "operationId": "deleteApplicationGroupAssignment"
    }
  ],
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationLicensing 
{
  "type": "object",
  "properties": {
    "seatCount": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
array ApplicationListAppsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Application"
  }
}
array ApplicationListAssignedUsersResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/AppUser"
  }
}
array ApplicationListClientSecretsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/ClientSecret"
  }
}
array ApplicationListCsrsForApplicationResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Csr"
  }
}
array ApplicationListFeaturesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/ApplicationFeature"
  }
}
array ApplicationListGroupsAssignedResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/ApplicationGroupAssignment"
  }
}
array ApplicationListKeyCredentialsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/JsonWebKey"
  }
}
array ApplicationListScopeConsentGrantsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2ScopeConsentGrant"
  }
}
array ApplicationListTokensResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2Token"
  }
}
object ApplicationPreviewSamlAppMetadataResponse 
{
  "type": "object",
  "properties": {
    "EntityDescriptor": {
      "type": "object",
      "properties": {
        "entityID": {
          "xml": {
            "attribute": true
          },
          "type": "string"
        },
        "IDPSSODescriptor": {
          "type": "object",
          "properties": {
            "NameIDFormat": {
              "type": "array",
              "items": {
                "type": "string"
              }
            },
            "KeyDescriptor": {
              "type": "object",
              "properties": {
                "use": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                },
                "KeyInfo": {
                  "type": "object",
                  "properties": {
                    "X509Data": {
                      "type": "object",
                      "properties": {
                        "X509Certificate": {
                          "type": "string"
                        }
                      }
                    }
                  }
                }
              }
            },
            "SingleLogoutService": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "properties": {
                "Binding": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                },
                "Location": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                }
              }
            },
            "SingleSignOnService": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "properties": {
                "Binding": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                },
                "Location": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                }
              }
            },
            "WantAuthnRequestsSigned": {
              "xml": {
                "attribute": true
              },
              "type": "boolean"
            },
            "protocolSupportEnumeration": {
              "xml": {
                "attribute": true
              },
              "type": "string"
            }
          }
        }
      }
    }
  }
}
object ApplicationSettings 
{
  "type": "object",
  "properties": {
    "app": {
      "$ref": "#/components/schemas/ApplicationSettingsApplication"
    },
    "notes": {
      "$ref": "#/components/schemas/ApplicationSettingsNotes"
    },
    "inlineHookId": {
      "type": "string"
    },
    "notifications": {
      "$ref": "#/components/schemas/ApplicationSettingsNotifications"
    },
    "implicitAssignment": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsApplication 
{
  "properties": {
    "url": {
      "type": "string"
    },
    "acsUrl": {
      "type": "string"
    },
    "orgName": {
      "type": "string"
    },
    "buttonField": {
      "type": "string"
    },
    "loginUrlRegex": {
      "type": "string"
    },
    "passwordField": {
      "type": "string"
    },
    "usernameField": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsNotes 
{
  "type": "object",
  "properties": {
    "admin": {
      "type": "string"
    },
    "enduser": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsNotifications 
{
  "type": "object",
  "properties": {
    "vpn": {
      "$ref": "#/components/schemas/ApplicationSettingsNotificationsVpn"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsNotificationsVpn 
{
  "type": "object",
  "properties": {
    "helpUrl": {
      "type": "string"
    },
    "message": {
      "type": "string"
    },
    "network": {
      "$ref": "#/components/schemas/ApplicationSettingsNotificationsVpnNetwork"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsNotificationsVpnNetwork 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "connection": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string ApplicationSignOnMode 
{
  "enum": [
    "BOOKMARK",
    "BASIC_AUTH",
    "BROWSER_PLUGIN",
    "SECURE_PASSWORD_STORE",
    "AUTO_LOGIN",
    "WS_FEDERATION",
    "SAML_2_0",
    "OPENID_CONNECT",
    "SAML_1_1"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationUpdateLogoRequest 
{
  "type": "object",
  "required": [
    "file"
  ],
  "properties": {
    "file": {
      "type": "string",
      "format": "binary"
    }
  }
}
object ApplicationVisibility 
{
  "type": "object",
  "properties": {
    "hide": {
      "$ref": "#/components/schemas/ApplicationVisibilityHide"
    },
    "appLinks": {
      "type": "object",
      "additionalProperties": {
        "type": "boolean"
      }
    },
    "autoLaunch": {
      "type": "boolean"
    },
    "autoSubmitToolbar": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationVisibilityHide 
{
  "type": "object",
  "properties": {
    "iOS": {
      "type": "boolean"
    },
    "web": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object AssignRoleRequest 
{
  "properties": {
    "type": {
      "$ref": "#/components/schemas/RoleType"
    }
  },
  "x-okta-tags": [
    "Role"
  ]
}
object AuthenticationProvider 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/AuthenticationProviderType"
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
string AuthenticationProviderType 
{
  "enum": [
    "ACTIVE_DIRECTORY",
    "FEDERATION",
    "LDAP",
    "OKTA",
    "SOCIAL",
    "IMPORT"
  ],
  "type": "string",
  "x-okta-tags": [
    "User"
  ]
}
object Authenticator 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "key": {
      "type": "string"
    },
    "name": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/AuthenticatorType"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/AuthenticatorStatus"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "provider": {
      "$ref": "#/components/schemas/AuthenticatorProvider"
    },
    "settings": {
      "$ref": "#/components/schemas/AuthenticatorSettings"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getAuthenticator"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "authenticatorId"
        },
        {
          "dest": "authenticator",
          "self": true
        }
      ],
      "operationId": "updateAuthenticator"
    }
  ],
  "x-okta-tags": [
    "Authenticator"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "authenticatorId"
        }
      ],
      "operationId": "activateAuthenticator"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "authenticatorId"
        }
      ],
      "operationId": "deactivateAuthenticator"
    }
  ]
}
array AuthenticatorListAllAvailableResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Authenticator"
  }
}
object AuthenticatorProvider 
{
  "properties": {
    "type": {
      "type": "string"
    },
    "configuration": {
      "$ref": "#/components/schemas/AuthenticatorProviderConfiguration"
    }
  },
  "x-okta-tags": [
    "Authenticator"
  ]
}
object AuthenticatorProviderConfiguration 
{
  "properties": {
    "host": {
      "type": "string"
    },
    "authPort": {
      "type": "integer"
    },
    "hostName": {
      "type": "string"
    },
    "secretKey": {
      "type": "string"
    },
    "instanceId": {
      "type": "string"
    },
    "sharedSecret": {
      "type": "string"
    },
    "integrationKey": {
      "type": "string"
    },
    "userNameTemplate": {
      "$ref": "#/components/schemas/AuthenticatorProviderConfigurationUserNamePlate"
    }
  },
  "x-okta-tags": [
    "Authenticator"
  ]
}
object AuthenticatorProviderConfigurationUserNamePlate 
{
  "properties": {
    "template": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Authenticator"
  ]
}
object AuthenticatorSettings 
{
  "type": "object",
  "properties": {
    "allowedFor": {
      "$ref": "#/components/schemas/AllowedForEnum"
    },
    "compliance": {
      "$ref": "#/components/schemas/Compliance"
    },
    "appInstanceId": {
      "type": "string"
    },
    "channelBinding": {
      "$ref": "#/components/schemas/ChannelBinding"
    },
    "userVerification": {
      "$ref": "#/components/schemas/UserVerificationEnum"
    },
    "tokenLifetimeInMinutes": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "Authenticator"
  ]
}
string AuthenticatorStatus 
{
  "enum": [
    "ACTIVE",
    "INACTIVE"
  ],
  "type": "string",
  "x-okta-tags": [
    "Authenticator"
  ]
}
string AuthenticatorType 
{
  "enum": [
    "app",
    "password",
    "security_question",
    "phone",
    "email",
    "security_key",
    "federated"
  ],
  "type": "string",
  "x-okta-tags": [
    "Authenticator"
  ]
}
object AuthorizationServer 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "issuer": {
      "type": "string"
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "default": {
      "type": "boolean",
      "readOnly": true
    },
    "audiences": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "issuerMode": {
      "enum": [
        "ORG_URL",
        "CUSTOM_URL",
        "DYNAMIC"
      ],
      "type": "string"
    },
    "credentials": {
      "$ref": "#/components/schemas/AuthorizationServerCredentials"
    },
    "description": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "create",
      "arguments": [
        {
          "dest": "authorizationServer",
          "self": true
        }
      ],
      "operationId": "createAuthorizationServer"
    },
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getAuthorizationServer"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        },
        {
          "dest": "authorizationServer",
          "self": true
        }
      ],
      "operationId": "updateAuthorizationServer"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        },
        {
          "dest": "authorizationServer",
          "self": true
        }
      ],
      "operationId": "deleteAuthorizationServer"
    }
  ],
  "x-okta-tags": [
    "AuthorizationServer"
  ],
  "x-okta-operations": [
    {
      "alias": "listOAuth2Claims",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "listOAuth2Claims"
    },
    {
      "alias": "createOAuth2Claim",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "createOAuth2Claim"
    },
    {
      "alias": "deleteOAuth2Claim",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "deleteOAuth2Claim"
    },
    {
      "alias": "getOAuth2Claim",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "getOAuth2Claim"
    },
    {
      "alias": "updateOAuth2Claim",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "updateOAuth2Claim"
    },
    {
      "alias": "listOAuth2Clients",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "listOAuth2ClientsForAuthorizationServer"
    },
    {
      "alias": "revokeRefreshTokensForClient",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "revokeRefreshTokensForAuthorizationServerAndClient"
    },
    {
      "alias": "listRefreshTokensForClient",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "listRefreshTokensForAuthorizationServerAndClient"
    },
    {
      "alias": "getRefreshTokenForClient",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "getRefreshTokenForAuthorizationServerAndClient"
    },
    {
      "alias": "revokeRefreshTokenForClient",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "revokeRefreshTokenForAuthorizationServerAndClient"
    },
    {
      "alias": "listKeys",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "listAuthorizationServerKeys"
    },
    {
      "alias": "rotateKeys",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "rotateAuthorizationServerKeys"
    },
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "activateAuthorizationServer"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "deactivateAuthorizationServer"
    },
    {
      "alias": "listPolicies",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "listAuthorizationServerPolicies"
    },
    {
      "alias": "createPolicy",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "createAuthorizationServerPolicy"
    },
    {
      "alias": "deletePolicy",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "deleteAuthorizationServerPolicy"
    },
    {
      "alias": "getPolicy",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "getAuthorizationServerPolicy"
    },
    {
      "alias": "updatePolicy",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "updateAuthorizationServerPolicy"
    },
    {
      "alias": "listOAuth2Scopes",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "listOAuth2Scopes"
    },
    {
      "alias": "createOAuth2Scope",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "createOAuth2Scope"
    },
    {
      "alias": "deleteOAuth2Scope",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "deleteOAuth2Scope"
    },
    {
      "alias": "getOAuth2Scope",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "getOAuth2Scope"
    },
    {
      "alias": "updateOAuth2Scope",
      "arguments": [
        {
          "src": "id",
          "dest": "authServerId"
        }
      ],
      "operationId": "updateOAuth2Scope"
    }
  ]
}
object AuthorizationServerCredentials 
{
  "properties": {
    "signing": {
      "$ref": "#/components/schemas/AuthorizationServerCredentialsSigningConfig"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string AuthorizationServerCredentialsRotationMode 
{
  "enum": [
    "AUTO",
    "MANUAL"
  ],
  "type": "string",
  "x-okta-tags": [
    "AuthorizationServer"
  ]
}
object AuthorizationServerCredentialsSigningConfig 
{
  "properties": {
    "kid": {
      "type": "string"
    },
    "use": {
      "$ref": "#/components/schemas/AuthorizationServerCredentialsUse"
    },
    "lastRotated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "nextRotation": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "rotationMode": {
      "$ref": "#/components/schemas/AuthorizationServerCredentialsRotationMode"
    }
  },
  "x-okta-tags": [
    "AuthorizationServer"
  ]
}
string AuthorizationServerCredentialsUse 
{
  "enum": [
    "sig"
  ],
  "type": "string",
  "x-okta-tags": [
    "AuthorizationServer"
  ]
}
array AuthorizationServerEnumeratePolicyRulesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/AuthorizationServerPolicyRule"
  }
}
array AuthorizationServerGetClaimsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2Claim"
  }
}
array AuthorizationServerGetClientTokensResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2RefreshToken"
  }
}
array AuthorizationServerGetPoliciesSuccessResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/AuthorizationServerPolicy"
  }
}
array AuthorizationServerGetScopesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2Scope"
  }
}
array AuthorizationServerListClientsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2Client"
  }
}
array AuthorizationServerListCredentialsKeysResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/JsonWebKey"
  }
}
array AuthorizationServerListServersResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/AuthorizationServer"
  }
}
object AuthorizationServerPolicy 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/PolicyType"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string"
    },
    "system": {
      "type": "boolean"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "priority": {
      "type": "integer"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "conditions": {
      "$ref": "#/components/schemas/PolicyRuleConditions"
    },
    "description": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "getAuthorizationServerPolicy"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        },
        {
          "dest": "policy",
          "self": true
        }
      ],
      "operationId": "updateAuthorizationServerPolicy"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "deleteAuthorizationServerPolicy"
    }
  ],
  "x-okta-tags": [
    "AuthorizationServer"
  ],
  "x-okta-operations": [
    {
      "alias": "listPolicyRules",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "listAuthorizationServerPolicyRules"
    },
    {
      "alias": "createPolicyRule",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "createAuthorizationServerPolicyRule"
    },
    {
      "alias": "getPolicyRule",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "getAuthorizationServerPolicyRule"
    },
    {
      "alias": "deletePolicyRule",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "deleteAuthorizationServerPolicyRule"
    },
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "activateAuthorizationServerPolicy"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "deactivateAuthorizationServerPolicy"
    }
  ]
}
object AuthorizationServerPolicyRule 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "enum": [
        "RESOURCE_ACCESS"
      ],
      "type": "string"
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string",
      "default": "ACTIVE"
    },
    "system": {
      "type": "boolean",
      "default": false
    },
    "actions": {
      "$ref": "#/components/schemas/AuthorizationServerPolicyRuleActions"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "priority": {
      "type": "integer"
    },
    "conditions": {
      "$ref": "#/components/schemas/AuthorizationServerPolicyRuleConditions"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        },
        {
          "dest": "policyRule",
          "self": true
        },
        {
          "dest": "policyId",
          "parentSrc": "id"
        }
      ],
      "operationId": "updateAuthorizationServerPolicyRule"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        },
        {
          "dest": "policyId",
          "parentSrc": "policyId"
        }
      ],
      "operationId": "deleteAuthorizationServerPolicyRule"
    }
  ],
  "x-okta-tags": [
    "AuthorizationServerPolicy"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        },
        {
          "dest": "policyId",
          "parentSrc": "policyId"
        }
      ],
      "operationId": "activateAuthorizationServerPolicyRule"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        },
        {
          "dest": "policyId",
          "parentSrc": "policyId"
        }
      ],
      "operationId": "deactivateAuthorizationServerPolicyRule"
    }
  ]
}
object AuthorizationServerPolicyRuleActions 
{
  "type": "object",
  "properties": {
    "token": {
      "$ref": "#/components/schemas/TokenAuthorizationServerPolicyRuleAction"
    }
  },
  "x-okta-tags": [
    "AuthorizationServerPolicy"
  ]
}
object AuthorizationServerPolicyRuleConditions 
{
  "type": "object",
  "properties": {
    "people": {
      "$ref": "#/components/schemas/PolicyPeopleCondition"
    },
    "scopes": {
      "$ref": "#/components/schemas/OAuth2ScopesMediationPolicyRuleCondition"
    },
    "clients": {
      "$ref": "#/components/schemas/ClientPolicyCondition"
    },
    "grantTypes": {
      "$ref": "#/components/schemas/GrantTypePolicyRuleCondition"
    }
  },
  "x-okta-tags": [
    "AuthorizationServerPolicy"
  ]
}
array AuthorizationServerRotateKeyLifecycleResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/JsonWebKey"
  }
}
object AutoLoginApplication 
{
  "properties": {
    "settings": {
      "$ref": "#/components/schemas/AutoLoginApplicationSettings"
    },
    "credentials": {
      "$ref": "#/components/schemas/SchemeApplicationCredentials"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/Application"
}
object AutoLoginApplicationSettings 
{
  "properties": {
    "signOn": {
      "$ref": "#/components/schemas/AutoLoginApplicationSettingsSignOn"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettings"
}
object AutoLoginApplicationSettingsSignOn 
{
  "properties": {
    "loginUrl": {
      "type": "string"
    },
    "redirectUrl": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object BasicApplicationSettings 
{
  "properties": {
    "app": {
      "$ref": "#/components/schemas/BasicApplicationSettingsApplication"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettings"
}
object BasicApplicationSettingsApplication 
{
  "properties": {
    "url": {
      "type": "string"
    },
    "authURL": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettingsApplication"
}
object BasicAuthApplication 
{
  "properties": {
    "name": {
      "default": "template_basic_auth"
    },
    "settings": {
      "$ref": "#/components/schemas/BasicApplicationSettings"
    },
    "credentials": {
      "$ref": "#/components/schemas/SchemeApplicationCredentials"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/Application",
  "x-okta-defined-as": {
    "name": "template_basic_auth"
  }
}
object BeforeScheduledActionPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "duration": {
      "$ref": "#/components/schemas/Duration"
    },
    "lifecycleAction": {
      "$ref": "#/components/schemas/ScheduledUserLifecycleAction"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object BookmarkApplication 
{
  "properties": {
    "name": {
      "default": "bookmark"
    },
    "settings": {
      "$ref": "#/components/schemas/BookmarkApplicationSettings"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/Application",
  "x-okta-defined-as": {
    "name": "bookmark"
  }
}
object BookmarkApplicationSettings 
{
  "properties": {
    "app": {
      "$ref": "#/components/schemas/BookmarkApplicationSettingsApplication"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettings"
}
object BookmarkApplicationSettingsApplication 
{
  "properties": {
    "url": {
      "type": "string"
    },
    "requestIntegration": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettingsApplication"
}
object Brand 
{
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "removePoweredByOkta": {
      "type": "boolean"
    },
    "customPrivacyPolicyUrl": {
      "type": "string"
    },
    "agreeToCustomPrivacyPolicy": {
      "type": "boolean"
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [
        {
          "src": "id",
          "dest": "brandId"
        }
      ],
      "operationId": "getBrand"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "brandId"
        },
        {
          "dest": "brand",
          "self": true
        }
      ],
      "operationId": "updateBrand"
    }
  ],
  "x-okta-tags": [
    "Brand"
  ]
}
array BrandGetAllBrandsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Brand"
  }
}
array BrandGetThemesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/ThemeResponse"
  }
}
array BrandListEmailTemplateCustomizationsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/EmailTemplateCustomization"
  }
}
array BrandListEmailTemplatesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/EmailTemplate"
  }
}
object BrowserPluginApplication 
{
  "properties": {
    "credentials": {
      "$ref": "#/components/schemas/SchemeApplicationCredentials"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/Application",
  "x-openapi-v3-discriminator": {
    "mapping": {
      "template_swa": "#/definitions/SwaApplication",
      "template_swa3field": "#/definitions/SwaThreeFieldApplication"
    },
    "propertyName": "name"
  }
}
object CallUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/CallUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object CallUserFactorProfile 
{
  "properties": {
    "phoneNumber": {
      "type": "string"
    },
    "phoneExtension": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object CapabilitiesCreateObject 
{
  "type": "object",
  "properties": {
    "lifecycleCreate": {
      "$ref": "#/components/schemas/LifecycleCreateSettingObject"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object CapabilitiesObject 
{
  "type": "object",
  "properties": {
    "create": {
      "$ref": "#/components/schemas/CapabilitiesCreateObject"
    },
    "update": {
      "$ref": "#/components/schemas/CapabilitiesUpdateObject"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object CapabilitiesUpdateObject 
{
  "type": "object",
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/ProfileSettingObject"
    },
    "password": {
      "$ref": "#/components/schemas/PasswordSettingObject"
    },
    "lifecycleDeactivate": {
      "$ref": "#/components/schemas/LifecycleDeactivateSettingObject"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object CatalogApplication 
{
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/CatalogApplicationStatus"
    },
    "website": {
      "type": "string"
    },
    "category": {
      "type": "string"
    },
    "features": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "description": {
      "type": "string"
    },
    "displayName": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "signOnModes": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "verificationStatus": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Role"
  ]
}
string CatalogApplicationStatus 
{
  "enum": [
    "ACTIVE",
    "INACTIVE"
  ],
  "type": "string",
  "x-okta-tags": [
    "Role"
  ]
}
string ChangeEnum 
{
  "enum": [
    "KEEP_EXISTING",
    "CHANGE"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object ChangePasswordRequest 
{
  "type": "object",
  "properties": {
    "newPassword": {
      "$ref": "#/components/schemas/PasswordCredential"
    },
    "oldPassword": {
      "$ref": "#/components/schemas/PasswordCredential"
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object ChannelBinding 
{
  "type": "object",
  "properties": {
    "style": {
      "type": "string"
    },
    "required": {
      "$ref": "#/components/schemas/RequiredEnum"
    }
  },
  "x-okta-tags": [
    "Authenticator"
  ]
}
object ClientPolicyCondition 
{
  "type": "object",
  "properties": {
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object ClientSecret 
{
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "secret_hash": {
      "type": "string"
    },
    "client_secret": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ClientSecretMetadata 
{
  "properties": {
    "client_secret": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object Compliance 
{
  "type": "object",
  "properties": {
    "fips": {
      "$ref": "#/components/schemas/FipsEnum"
    }
  },
  "x-okta-tags": [
    "Authenticator"
  ]
}
object ContextPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "expression": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object CreateSessionRequest 
{
  "type": "object",
  "properties": {
    "sessionToken": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Session"
  ]
}
object CreateUserRequest 
{
  "type": "object",
  "properties": {
    "type": {
      "$ref": "#/components/schemas/UserType"
    },
    "profile": {
      "$ref": "#/components/schemas/UserProfile"
    },
    "groupIds": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "credentials": {
      "$ref": "#/components/schemas/UserCredentials"
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object Csr 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "csr": {
      "type": "string",
      "readOnly": true
    },
    "kty": {
      "type": "string",
      "readOnly": true
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object CsrMetadata 
{
  "properties": {
    "subject": {
      "$ref": "#/components/schemas/CsrMetadataSubject"
    },
    "subjectAltNames": {
      "$ref": "#/components/schemas/CsrMetadataSubjectAltNames"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object CsrMetadataSubject 
{
  "properties": {
    "commonName": {
      "type": "string"
    },
    "countryName": {
      "type": "string"
    },
    "localityName": {
      "type": "string"
    },
    "organizationName": {
      "type": "string"
    },
    "stateOrProvinceName": {
      "type": "string"
    },
    "organizationalUnitName": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object CsrMetadataSubjectAltNames 
{
  "properties": {
    "dnsNames": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object CustomHotpUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/CustomHotpUserFactorProfile"
    },
    "factorProfileId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object CustomHotpUserFactorProfile 
{
  "properties": {
    "sharedSecret": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object DNSRecord 
{
  "properties": {
    "fqdn": {
      "type": "string"
    },
    "values": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "expiration": {
      "type": "string"
    },
    "recordType": {
      "$ref": "#/components/schemas/DNSRecordType"
    }
  },
  "x-okta-tags": [
    "Domain"
  ]
}
string DNSRecordType 
{
  "enum": [
    "TXT",
    "CNAME"
  ],
  "type": "string",
  "x-okta-tags": [
    "Domain"
  ]
}
object DeviceAccessPolicyRuleCondition 
{
  "properties": {
    "managed": {
      "type": "boolean"
    },
    "registered": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/DevicePolicyRuleCondition"
}
object DevicePolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "rooted": {
      "type": "boolean"
    },
    "migrated": {
      "type": "boolean"
    },
    "platform": {
      "$ref": "#/components/schemas/DevicePolicyRuleConditionPlatform"
    },
    "trustLevel": {
      "enum": [
        "ANY",
        "TRUSTED"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object DevicePolicyRuleConditionPlatform 
{
  "type": "object",
  "properties": {
    "types": {
      "type": "array",
      "items": {
        "enum": [
          "IOS",
          "ANDROID",
          "OSX",
          "WINDOWS"
        ],
        "type": "string"
      }
    },
    "supportedMDMFrameworks": {
      "type": "array",
      "items": {
        "enum": [
          "AFW",
          "SAFE",
          "NATIVE"
        ],
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object Domain 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "domain": {
      "type": "string"
    },
    "dnsRecords": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/DNSRecord"
      }
    },
    "validationStatus": {
      "$ref": "#/components/schemas/DomainValidationStatus"
    },
    "publicCertificate": {
      "$ref": "#/components/schemas/DomainCertificateMetadata"
    },
    "certificateSourceType": {
      "$ref": "#/components/schemas/DomainCertificateSourceType"
    }
  },
  "x-okta-tags": [
    "Domain"
  ]
}
object DomainCertificate 
{
  "properties": {
    "type": {
      "$ref": "#/components/schemas/DomainCertificateType"
    },
    "privateKey": {
      "type": "string"
    },
    "certificate": {
      "type": "string"
    },
    "certificateChain": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Domain"
  ],
  "x-okta-operations": [
    {
      "alias": "createCertificate",
      "arguments": [
        {
          "dest": "certificate",
          "self": true
        }
      ],
      "operationId": "createCertificate"
    }
  ]
}
object DomainCertificateMetadata 
{
  "properties": {
    "subject": {
      "type": "string"
    },
    "expiration": {
      "type": "string"
    },
    "fingerprint": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Domain"
  ]
}
string DomainCertificateSourceType 
{
  "enum": [
    "MANUAL",
    "OKTA_MANAGED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Domain"
  ]
}
string DomainCertificateType 
{
  "enum": [
    "PEM"
  ],
  "type": "string",
  "x-okta-tags": [
    "Domain"
  ]
}
object DomainListResponse 
{
  "properties": {
    "domains": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/Domain"
      }
    }
  },
  "x-okta-tags": [
    "Domain"
  ]
}
string DomainValidationStatus 
{
  "enum": [
    "NOT_STARTED",
    "IN_PROGRESS",
    "VERIFIED",
    "FAILED_TO_VERIFY",
    "DOMAIN_TAKEN",
    "COMPLETED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Domain"
  ]
}
object Duration 
{
  "type": "object",
  "properties": {
    "unit": {
      "type": "string"
    },
    "number": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object EmailTemplate 
{
  "properties": {
    "name": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "operationId": "getEmailTemplate"
    }
  ],
  "x-okta-tags": [
    "Brands"
  ],
  "x-okta-operations": [
    {
      "alias": "getEmailTemplate",
      "operationId": "getEmailTemplate"
    },
    {
      "alias": "deleteEmailTemplateCustomizations",
      "operationId": "deleteEmailTemplateCustomizations"
    },
    {
      "alias": "listEmailTemplateCustomizations",
      "operationId": "listEmailTemplateCustomizations"
    },
    {
      "alias": "createEmailTemplateCustomization",
      "operationId": "createEmailTemplateCustomization"
    },
    {
      "alias": "deleteEmailTemplateCustomization",
      "operationId": "deleteEmailTemplateCustomization"
    },
    {
      "alias": "getEmailTemplateCustomization",
      "operationId": "getEmailTemplateCustomization"
    },
    {
      "alias": "updateEmailTemplateCustomization",
      "operationId": "updateEmailTemplateCustomization"
    },
    {
      "alias": "getEmailTemplateCustomizationPreview",
      "operationId": "getEmailTemplateCustomizationPreview"
    },
    {
      "alias": "getEmailTemplateDefaultContent",
      "operationId": "getEmailTemplateDefaultContent"
    },
    {
      "alias": "getEmailTemplateDefaultContentPreview",
      "operationId": "getEmailTemplateDefaultContentPreview"
    },
    {
      "alias": "sendTestEmail",
      "operationId": "sendTestEmail"
    }
  ]
}
object EmailTemplateContent 
{
  "properties": {
    "body": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "subject": {
      "type": "string"
    },
    "fromName": {
      "type": "string"
    },
    "fromAddress": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Brands"
  ]
}
object EmailTemplateCustomization 
{
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "body": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "subject": {
      "type": "string"
    },
    "language": {
      "type": "string",
      "description": "unique under each email template"
    },
    "isDefault": {
      "type": "boolean"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Brands"
  ]
}
object EmailTemplateCustomizationRequest 
{
  "properties": {
    "body": {
      "type": "string"
    },
    "subject": {
      "type": "string"
    },
    "language": {
      "type": "string",
      "description": "unique under each email template"
    },
    "isDefault": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Brands"
  ]
}
object EmailTemplateTestRequest 
{
  "properties": {
    "customizationId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Brands"
  ]
}
string EmailTemplateTouchPointVariant 
{
  "enum": [
    "OKTA_DEFAULT",
    "FULL_THEME"
  ],
  "type": "string",
  "x-okta-tags": [
    "Brand"
  ]
}
object EmailUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/EmailUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object EmailUserFactorProfile 
{
  "properties": {
    "email": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
string EnabledStatus 
{
  "enum": [
    "ENABLED",
    "DISABLED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Common"
  ]
}
string EndUserDashboardTouchPointVariant 
{
  "enum": [
    "OKTA_DEFAULT",
    "WHITE_LOGO_BACKGROUND",
    "FULL_THEME",
    "LOGO_ON_FULL_WHITE_BACKGROUND"
  ],
  "type": "string",
  "x-okta-tags": [
    "Brand"
  ]
}
string ErrorPageTouchPointVariant 
{
  "enum": [
    "OKTA_DEFAULT",
    "BACKGROUND_SECONDARY_COLOR",
    "BACKGROUND_IMAGE"
  ],
  "type": "string",
  "x-okta-tags": [
    "Brand"
  ]
}
object EventHook 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "events": {
      "$ref": "#/components/schemas/EventSubscriptions"
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string"
    },
    "channel": {
      "$ref": "#/components/schemas/EventHookChannel"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "createdBy": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "verificationStatus": {
      "enum": [
        "UNVERIFIED",
        "VERIFIED"
      ],
      "type": "string"
    }
  },
  "x-okta-crud": [
    {
      "alias": "create",
      "arguments": [
        {
          "dest": "eventHook",
          "self": true
        }
      ],
      "operationId": "createEventHook"
    },
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getEventHook"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "eventHookId"
        },
        {
          "dest": "eventHook",
          "self": true
        }
      ],
      "operationId": "updateEventHook"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "eventHookId"
        }
      ],
      "operationId": "deleteEventHook"
    }
  ],
  "x-okta-tags": [
    "EventHook"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "eventHookId"
        }
      ],
      "operationId": "activateEventHook"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "eventHookId"
        }
      ],
      "operationId": "deactivateEventHook"
    },
    {
      "alias": "verify",
      "arguments": [
        {
          "src": "id",
          "dest": "eventHookId"
        }
      ],
      "operationId": "verifyEventHook"
    }
  ]
}
object EventHookChannel 
{
  "type": "object",
  "properties": {
    "type": {
      "enum": [
        "HTTP"
      ],
      "type": "string",
      "readOnly": false
    },
    "config": {
      "$ref": "#/components/schemas/EventHookChannelConfig"
    },
    "version": {
      "type": "string",
      "readOnly": false
    }
  },
  "x-okta-tags": [
    "EventHook"
  ]
}
object EventHookChannelConfig 
{
  "type": "object",
  "properties": {
    "uri": {
      "type": "string"
    },
    "headers": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/EventHookChannelConfigHeader"
      }
    },
    "authScheme": {
      "$ref": "#/components/schemas/EventHookChannelConfigAuthScheme"
    }
  },
  "x-okta-tags": [
    "EventHook"
  ]
}
object EventHookChannelConfigAuthScheme 
{
  "type": "object",
  "properties": {
    "key": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/EventHookChannelConfigAuthSchemeType"
    },
    "value": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "EventHook"
  ]
}
string EventHookChannelConfigAuthSchemeType 
{
  "enum": [
    "HEADER"
  ],
  "type": "string",
  "x-okta-tags": [
    "EventHook"
  ]
}
object EventHookChannelConfigHeader 
{
  "type": "object",
  "properties": {
    "key": {
      "type": "string"
    },
    "value": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "EventHook"
  ]
}
array EventHookListSuccessEventsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/EventHook"
  }
}
object EventSubscriptions 
{
  "type": "object",
  "properties": {
    "type": {
      "enum": [
        "EVENT_TYPE",
        "FLOW_EVENT"
      ],
      "type": "string"
    },
    "items": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "EventHook"
  ],
  "discriminator": {
    "propertyName": "type"
  }
}
string FactorProvider 
{
  "enum": [
    "OKTA",
    "RSA",
    "FIDO",
    "GOOGLE",
    "SYMANTEC",
    "DUO",
    "YUBICO",
    "CUSTOM",
    "APPLE"
  ],
  "type": "string",
  "x-okta-tags": [
    "UserFactor"
  ]
}
string FactorResultType 
{
  "enum": [
    "SUCCESS",
    "CHALLENGE",
    "WAITING",
    "FAILED",
    "REJECTED",
    "TIMEOUT",
    "TIME_WINDOW_EXCEEDED",
    "PASSCODE_REPLAYED",
    "ERROR",
    "CANCELLED"
  ],
  "type": "string",
  "x-okta-tags": [
    "UserFactor"
  ]
}
string FactorStatus 
{
  "enum": [
    "PENDING_ACTIVATION",
    "ACTIVE",
    "INACTIVE",
    "NOT_SETUP",
    "ENROLLED",
    "DISABLED",
    "EXPIRED"
  ],
  "type": "string",
  "x-okta-tags": [
    "UserFactor"
  ]
}
string FactorType 
{
  "enum": [
    "call",
    "email",
    "hotp",
    "push",
    "question",
    "signed_nonce",
    "sms",
    "token:hardware",
    "token:hotp",
    "token:software:totp",
    "token",
    "u2f",
    "web",
    "webauthn"
  ],
  "type": "string",
  "x-okta-tags": [
    "UserFactor"
  ]
}
object Feature 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/FeatureType"
    },
    "stage": {
      "$ref": "#/components/schemas/FeatureStage"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/EnabledStatus"
    },
    "description": {
      "type": "string"
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getFeature"
    }
  ],
  "x-okta-tags": [
    "Feature"
  ],
  "x-okta-operations": [
    {
      "alias": "updateLifecycle",
      "arguments": [
        {
          "src": "id",
          "dest": "featureId"
        }
      ],
      "operationId": "updateFeatureLifecycle"
    },
    {
      "alias": "getDependents",
      "arguments": [
        {
          "src": "id",
          "dest": "featureId"
        }
      ],
      "operationId": "listFeatureDependents"
    },
    {
      "alias": "getDependencies",
      "arguments": [
        {
          "src": "id",
          "dest": "featureId"
        }
      ],
      "operationId": "listFeatureDependencies"
    }
  ]
}
array FeatureGetSuccessResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Feature"
  }
}
array FeatureListDependenciesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Feature"
  }
}
array FeatureListDependentsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Feature"
  }
}
object FeatureStage 
{
  "type": "object",
  "properties": {
    "state": {
      "$ref": "#/components/schemas/FeatureStageState"
    },
    "value": {
      "$ref": "#/components/schemas/FeatureStageValue"
    }
  },
  "x-okta-tags": [
    "Feature"
  ]
}
string FeatureStageState 
{
  "enum": [
    "OPEN",
    "CLOSED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Feature"
  ]
}
string FeatureStageValue 
{
  "enum": [
    "EA",
    "BETA"
  ],
  "type": "string",
  "x-okta-tags": [
    "Feature"
  ]
}
string FeatureType 
{
  "enum": [
    "self-service"
  ],
  "type": "string",
  "x-okta-tags": [
    "Feature"
  ]
}
string FipsEnum 
{
  "enum": [
    "REQUIRED",
    "OPTIONAL"
  ],
  "type": "string",
  "x-okta-tags": [
    "Authenticator"
  ]
}
object ForgotPasswordResponse 
{
  "properties": {
    "resetPasswordUrl": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object GrantTypePolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object Group 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "$ref": "#/components/schemas/GroupType"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "profile": {
      "$ref": "#/components/schemas/GroupProfile"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "objectClass": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "readOnly": true
    },
    "lastMembershipUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "groupId"
        },
        {
          "dest": "group",
          "self": true
        }
      ],
      "operationId": "updateGroup"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "groupId"
        }
      ],
      "operationId": "deleteGroup"
    }
  ],
  "x-okta-tags": [
    "Group"
  ],
  "x-okta-operations": [
    {
      "alias": "removeUser",
      "arguments": [
        {
          "src": "id",
          "dest": "groupId"
        }
      ],
      "operationId": "removeUserFromGroup"
    },
    {
      "alias": "listUsers",
      "arguments": [
        {
          "src": "id",
          "dest": "groupId"
        }
      ],
      "operationId": "listGroupUsers"
    },
    {
      "alias": "listApplications",
      "arguments": [
        {
          "src": "id",
          "dest": "groupId"
        }
      ],
      "operationId": "listAssignedApplicationsForGroup"
    },
    {
      "alias": "assignRole",
      "arguments": [
        {
          "src": "id",
          "dest": "groupId"
        }
      ],
      "operationId": "assignRoleToGroup"
    }
  ]
}
object GroupCondition 
{
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
array GroupEnumerateGroupMembersResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/User"
  }
}
array GroupGetAllRulesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/GroupRule"
  }
}
array GroupGetRoleListResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Role"
  }
}
array GroupGetRoleTargetsCatalogAppsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/CatalogApplication"
  }
}
array GroupListAssignedAppsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Application"
  }
}
array GroupListResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Group"
  }
}
array GroupListRoleTargetsGroupsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Group"
  }
}
object GroupPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object GroupProfile 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "description": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Group"
  ],
  "x-okta-extensible": true
}
object GroupRule 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "type": "string"
    },
    "status": {
      "$ref": "#/components/schemas/GroupRuleStatus"
    },
    "actions": {
      "$ref": "#/components/schemas/GroupRuleAction"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "conditions": {
      "$ref": "#/components/schemas/GroupRuleConditions"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        },
        {
          "dest": "groupRule",
          "self": true
        }
      ],
      "operationId": "updateGroupRule"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        }
      ],
      "operationId": "deleteGroupRule"
    }
  ],
  "x-okta-tags": [
    "GroupRule"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        }
      ],
      "operationId": "activateGroupRule"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        }
      ],
      "operationId": "deactivateGroupRule"
    }
  ]
}
object GroupRuleAction 
{
  "type": "object",
  "properties": {
    "assignUserToGroups": {
      "$ref": "#/components/schemas/GroupRuleGroupAssignment"
    }
  },
  "x-okta-tags": [
    "GroupRule"
  ]
}
object GroupRuleConditions 
{
  "type": "object",
  "properties": {
    "people": {
      "$ref": "#/components/schemas/GroupRulePeopleCondition"
    },
    "expression": {
      "$ref": "#/components/schemas/GroupRuleExpression"
    }
  },
  "x-okta-tags": [
    "GroupRule"
  ]
}
object GroupRuleExpression 
{
  "type": "object",
  "properties": {
    "type": {
      "type": "string"
    },
    "value": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "GroupRule"
  ]
}
object GroupRuleGroupAssignment 
{
  "type": "object",
  "properties": {
    "groupIds": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "GroupRule"
  ]
}
object GroupRuleGroupCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "GroupRule"
  ]
}
object GroupRulePeopleCondition 
{
  "type": "object",
  "properties": {
    "users": {
      "$ref": "#/components/schemas/GroupRuleUserCondition"
    },
    "groups": {
      "$ref": "#/components/schemas/GroupRuleGroupCondition"
    }
  },
  "x-okta-tags": [
    "GroupRule"
  ]
}
string GroupRuleStatus 
{
  "enum": [
    "ACTIVE",
    "INACTIVE",
    "INVALID"
  ],
  "type": "string",
  "x-okta-tags": [
    "GroupRule"
  ]
}
object GroupRuleUserCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "GroupRule"
  ]
}
object GroupSchema 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string",
      "readOnly": true
    },
    "title": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "$schema": {
      "type": "string",
      "readOnly": true
    },
    "created": {
      "type": "string",
      "readOnly": true
    },
    "properties": {
      "$ref": "#/components/schemas/UserSchemaProperties"
    },
    "definitions": {
      "$ref": "#/components/schemas/GroupSchemaDefinitions"
    },
    "description": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "GroupSchema"
  ]
}
object GroupSchemaAttribute 
{
  "type": "object",
  "properties": {
    "enum": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "type": {
      "$ref": "#/components/schemas/UserSchemaAttributeType"
    },
    "items": {
      "$ref": "#/components/schemas/UserSchemaAttributeItems"
    },
    "oneOf": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/UserSchemaAttributeEnum"
      }
    },
    "scope": {
      "$ref": "#/components/schemas/UserSchemaAttributeScope"
    },
    "title": {
      "type": "string"
    },
    "union": {
      "$ref": "#/components/schemas/UserSchemaAttributeUnion"
    },
    "master": {
      "$ref": "#/components/schemas/UserSchemaAttributeMaster"
    },
    "unique": {
      "type": "string"
    },
    "required": {
      "type": "boolean"
    },
    "maxLength": {
      "type": "integer"
    },
    "minLength": {
      "type": "integer"
    },
    "mutability": {
      "type": "string"
    },
    "description": {
      "type": "string"
    },
    "permissions": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/UserSchemaAttributePermission"
      }
    },
    "externalName": {
      "type": "string"
    },
    "externalNamespace": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "GroupSchema"
  ]
}
object GroupSchemaBase 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string"
    },
    "required": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "properties": {
      "$ref": "#/components/schemas/GroupSchemaBaseProperties"
    }
  },
  "x-okta-tags": [
    "GroupSchema"
  ]
}
object GroupSchemaBaseProperties 
{
  "type": "object",
  "properties": {
    "name": {
      "$ref": "#/components/schemas/GroupSchemaAttribute"
    },
    "description": {
      "$ref": "#/components/schemas/GroupSchemaAttribute"
    }
  },
  "x-okta-tags": [
    "GroupSchema"
  ]
}
object GroupSchemaCustom 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string"
    },
    "required": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "properties": {
      "type": "object",
      "additionalProperties": {
        "$ref": "#/components/schemas/GroupSchemaAttribute"
      }
    }
  },
  "x-okta-tags": [
    "GroupSchema"
  ]
}
object GroupSchemaDefinitions 
{
  "type": "object",
  "properties": {
    "base": {
      "$ref": "#/components/schemas/GroupSchemaBase"
    },
    "custom": {
      "$ref": "#/components/schemas/GroupSchemaCustom"
    }
  },
  "x-okta-tags": [
    "GroupSchema"
  ]
}
string GroupType 
{
  "enum": [
    "OKTA_GROUP",
    "APP_GROUP",
    "BUILT_IN"
  ],
  "type": "string",
  "x-okta-tags": [
    "Group"
  ]
}
object HardwareUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/HardwareUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object HardwareUserFactorProfile 
{
  "properties": {
    "credentialId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object IdentityProvider 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "enum": [
        "SAML2",
        "GOOGLE",
        "FACEBOOK",
        "LINKEDIN",
        "MICROSOFT",
        "OIDC",
        "OKTA",
        "IWA",
        "AgentlessDSSO",
        "X509"
      ],
      "type": "string",
      "x-okta-known-values": [
        "SAML2",
        "GOOGLE",
        "FACEBOOK",
        "LINKEDIN",
        "MICROSOFT",
        "OIDC",
        "OKTA",
        "IWA",
        "AgentlessDSSO",
        "X509"
      ]
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "policy": {
      "$ref": "#/components/schemas/IdentityProviderPolicy"
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "protocol": {
      "$ref": "#/components/schemas/Protocol"
    },
    "issuerMode": {
      "enum": [
        "ORG_URL",
        "CUSTOM_URL",
        "DYNAMIC"
      ],
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "create",
      "arguments": [
        {
          "dest": "idpTrust",
          "self": true
        }
      ],
      "operationId": "createIdentityProvider"
    },
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getIdentityProvider"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        },
        {
          "dest": "idpTrust",
          "self": true
        }
      ],
      "operationId": "updateIdentityProvider"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "deleteIdentityProvider"
    }
  ],
  "x-okta-tags": [
    "IdentityProvider"
  ],
  "x-okta-operations": [
    {
      "alias": "listSigningCsrs",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "listCsrsForIdentityProvider"
    },
    {
      "alias": "generateCsr",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "generateCsrForIdentityProvider"
    },
    {
      "alias": "deleteSigningCsr",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "revokeCsrForIdentityProvider"
    },
    {
      "alias": "getSigningCsr",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "getCsrForIdentityProvider"
    },
    {
      "alias": "listSigningKeys",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "listIdentityProviderSigningKeys"
    },
    {
      "alias": "generateSigningKey",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "generateIdentityProviderSigningKey"
    },
    {
      "alias": "getSigningKey",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "getIdentityProviderSigningKey"
    },
    {
      "alias": "cloneKey",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "cloneIdentityProviderKey"
    },
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "activateIdentityProvider"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "deactivateIdentityProvider"
    },
    {
      "alias": "listUsers",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "listIdentityProviderApplicationUsers"
    },
    {
      "alias": "unlinkUser",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "unlinkUserFromIdentityProvider"
    },
    {
      "alias": "getUser",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "getIdentityProviderApplicationUser"
    },
    {
      "alias": "linkUser",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "linkUserToIdentityProvider"
    },
    {
      "alias": "listSocialAuthTokens",
      "arguments": [
        {
          "src": "id",
          "dest": "idpId"
        }
      ],
      "operationId": "listSocialAuthTokens"
    }
  ]
}
object IdentityProviderApplicationUser 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "created": {
      "type": "string"
    },
    "profile": {
      "type": "object",
      "additionalProperties": {
        "type": "object"
      }
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "externalId": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object IdentityProviderCredentials 
{
  "type": "object",
  "properties": {
    "trust": {
      "$ref": "#/components/schemas/IdentityProviderCredentialsTrust"
    },
    "client": {
      "$ref": "#/components/schemas/IdentityProviderCredentialsClient"
    },
    "signing": {
      "$ref": "#/components/schemas/IdentityProviderCredentialsSigning"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object IdentityProviderCredentialsClient 
{
  "type": "object",
  "properties": {
    "client_id": {
      "type": "string"
    },
    "client_secret": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object IdentityProviderCredentialsSigning 
{
  "type": "object",
  "properties": {
    "kid": {
      "type": "string"
    },
    "teamId": {
      "type": "string"
    },
    "privateKey": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object IdentityProviderCredentialsTrust 
{
  "type": "object",
  "properties": {
    "kid": {
      "type": "string"
    },
    "issuer": {
      "type": "string"
    },
    "audience": {
      "type": "string"
    },
    "revocation": {
      "enum": [
        "CRL",
        "DELTA_CRL",
        "OCSP"
      ],
      "type": "string"
    },
    "revocationCacheLifetime": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
array IdentityProviderEnumerateIdpKeysResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/JsonWebKey"
  }
}
array IdentityProviderGetSocialAuthTokensResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/SocialAuthToken"
  }
}
array IdentityProviderGetUserResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/IdentityProviderApplicationUser"
  }
}
array IdentityProviderListCsrsForCertificateSigningRequestsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Csr"
  }
}
array IdentityProviderListResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/IdentityProvider"
  }
}
array IdentityProviderListSigningKeyCredentialsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/JsonWebKey"
  }
}
object IdentityProviderPolicy 
{
  "type": "object",
  "properties": {
    "subject": {
      "$ref": "#/components/schemas/PolicySubject"
    },
    "accountLink": {
      "$ref": "#/components/schemas/PolicyAccountLink"
    },
    "maxClockSkew": {
      "type": "integer"
    },
    "provisioning": {
      "$ref": "#/components/schemas/Provisioning"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/Policy"
}
object IdentityProviderPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "idpIds": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "provider": {
      "enum": [
        "ANY",
        "OKTA",
        "SPECIFIC_IDP"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object IdpPolicyRuleAction 
{
  "type": "object",
  "properties": {
    "providers": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/IdpPolicyRuleActionProvider"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object IdpPolicyRuleActionProvider 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
string IframeEmbedScopeAllowedApps 
{
  "enum": [
    "OKTA_ENDUSER"
  ],
  "type": "string",
  "x-okta-tags": [
    "Role"
  ]
}
object ImageUploadResponse 
{
  "properties": {
    "url": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Brand"
  ]
}
object InactivityPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "unit": {
      "type": "string"
    },
    "number": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object InlineHook 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/InlineHookType"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/InlineHookStatus"
    },
    "channel": {
      "$ref": "#/components/schemas/InlineHookChannel"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "version": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "create",
      "arguments": [
        {
          "dest": "inlineHook",
          "self": true
        }
      ],
      "operationId": "createInlineHook"
    },
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getInlineHook"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "inlineHookId"
        },
        {
          "dest": "inlineHook",
          "self": true
        }
      ],
      "operationId": "updateInlineHook"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "inlineHookId"
        }
      ],
      "operationId": "deleteInlineHook"
    }
  ],
  "x-okta-tags": [
    "InlineHook"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "inlineHookId"
        }
      ],
      "operationId": "activateInlineHook"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "inlineHookId"
        }
      ],
      "operationId": "deactivateInlineHook"
    },
    {
      "alias": "execute",
      "arguments": [
        {
          "src": "id",
          "dest": "inlineHookId"
        }
      ],
      "operationId": "executeInlineHook"
    }
  ]
}
object InlineHookChannel 
{
  "type": "object",
  "properties": {
    "type": {
      "enum": [
        "HTTP"
      ],
      "type": "string",
      "readOnly": false
    },
    "config": {
      "$ref": "#/components/schemas/InlineHookChannelConfig"
    },
    "version": {
      "type": "string",
      "readOnly": false
    }
  },
  "x-okta-tags": [
    "InlineHook"
  ]
}
object InlineHookChannelConfig 
{
  "type": "object",
  "properties": {
    "uri": {
      "type": "string"
    },
    "method": {
      "type": "string"
    },
    "headers": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/InlineHookChannelConfigHeaders"
      }
    },
    "authScheme": {
      "$ref": "#/components/schemas/InlineHookChannelConfigAuthScheme"
    }
  },
  "x-okta-tags": [
    "InlineHook"
  ]
}
object InlineHookChannelConfigAuthScheme 
{
  "type": "object",
  "properties": {
    "key": {
      "type": "string"
    },
    "type": {
      "type": "string"
    },
    "value": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "InlineHook"
  ]
}
object InlineHookChannelConfigHeaders 
{
  "type": "object",
  "properties": {
    "key": {
      "type": "string"
    },
    "value": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "InlineHook"
  ]
}
array InlineHookGetSuccessResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/InlineHook"
  }
}
object InlineHookPayload 
{
  "type": "object",
  "x-okta-tags": [
    "InlineHook"
  ],
  "x-okta-extensible": true
}
object InlineHookResponse 
{
  "type": "object",
  "properties": {
    "commands": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/InlineHookResponseCommands"
      }
    }
  },
  "x-okta-tags": [
    "InlineHook"
  ]
}
object InlineHookResponseCommandValue 
{
  "properties": {
    "op": {
      "type": "string"
    },
    "path": {
      "type": "string"
    },
    "value": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "InlineHook"
  ]
}
object InlineHookResponseCommands 
{
  "properties": {
    "type": {
      "type": "string"
    },
    "value": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/InlineHookResponseCommandValue"
      }
    }
  },
  "x-okta-tags": [
    "InlineHook"
  ]
}
string InlineHookStatus 
{
  "enum": [
    "ACTIVE",
    "INACTIVE"
  ],
  "type": "string",
  "x-okta-tags": [
    "InlineHook"
  ]
}
string InlineHookType 
{
  "enum": [
    "com.okta.oauth2.tokens.transform",
    "com.okta.import.transform",
    "com.okta.saml.tokens.transform",
    "com.okta.user.pre-registration",
    "com.okta.user.credential.password.import"
  ],
  "type": "string",
  "x-okta-tags": [
    "InlineHook"
  ]
}
object IonField 
{
  "type": "object",
  "properties": {
    "form": {
      "$ref": "#/components/schemas/IonForm"
    },
    "name": {
      "type": "string"
    },
    "type": {
      "type": "string"
    },
    "label": {
      "type": "string"
    },
    "value": {
      "type": "object",
      "additionalProperties": {
        "type": "object"
      }
    },
    "secret": {
      "type": "boolean"
    },
    "mutable": {
      "type": "boolean"
    },
    "visible": {
      "type": "boolean"
    },
    "required": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Ion"
  ]
}
object IonForm 
{
  "type": "object",
  "properties": {
    "rel": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "href": {
      "type": "string"
    },
    "name": {
      "type": "string"
    },
    "value": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/IonField"
      },
      "readOnly": true
    },
    "method": {
      "type": "string"
    },
    "accepts": {
      "type": "string"
    },
    "refresh": {
      "type": "integer"
    },
    "produces": {
      "type": "string"
    },
    "relatesTo": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Ion"
  ]
}
object JsonWebKey 
{
  "type": "object",
  "properties": {
    "e": {
      "type": "string",
      "readOnly": false
    },
    "n": {
      "type": "string",
      "readOnly": false
    },
    "alg": {
      "type": "string",
      "readOnly": false
    },
    "kid": {
      "type": "string",
      "readOnly": false
    },
    "kty": {
      "type": "string",
      "readOnly": false
    },
    "use": {
      "type": "string",
      "readOnly": false
    },
    "x5c": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "readOnly": false
    },
    "x5t": {
      "type": "string",
      "readOnly": false
    },
    "x5u": {
      "type": "string",
      "readOnly": false
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "type": "string",
      "readOnly": false
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": false
    },
    "key_ops": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "readOnly": false
    },
    "x5t#S256": {
      "type": "string",
      "readOnly": false
    },
    "expiresAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": false
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": false
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object JwkUse 
{
  "properties": {
    "use": {
      "enum": [
        "sig"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object KnowledgeConstraint 
{
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/AccessPolicyConstraint"
}
object LifecycleCreateSettingObject 
{
  "type": "object",
  "properties": {
    "status": {
      "$ref": "#/components/schemas/EnabledStatus"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object LifecycleDeactivateSettingObject 
{
  "type": "object",
  "properties": {
    "status": {
      "$ref": "#/components/schemas/EnabledStatus"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object LifecycleExpirationPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "unit": {
      "type": "string"
    },
    "number": {
      "type": "integer"
    },
    "lifecycleStatus": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object LinkedObject 
{
  "type": "object",
  "properties": {
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "primary": {
      "$ref": "#/components/schemas/LinkedObjectDetails"
    },
    "associated": {
      "$ref": "#/components/schemas/LinkedObjectDetails"
    }
  },
  "x-okta-crud": [
    {
      "alias": "create",
      "arguments": [
        {
          "dest": "linkedObjectDefinition",
          "self": true
        }
      ],
      "operationId": "addLinkedObjectDefinition"
    },
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getLinkedObjectDefinition"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "dest": "linkedObjectName",
          "self": true
        }
      ],
      "operationId": "deleteLinkedObjectDefinition"
    }
  ],
  "x-okta-tags": [
    "LinkedObject"
  ]
}
object LinkedObjectDetails 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/LinkedObjectDetailsType"
    },
    "title": {
      "type": "string"
    },
    "description": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "LinkedObject"
  ]
}
string LinkedObjectDetailsType 
{
  "enum": [
    "USER"
  ],
  "type": "string",
  "x-okta-tags": [
    "LinkedObject"
  ]
}
array LinkedObjectGetUserLinkedObjectsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/LinkedObject"
  }
}
object LogActor 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string",
      "readOnly": true
    },
    "detail": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "alternateId": {
      "type": "string",
      "readOnly": true
    },
    "displayName": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogAuthenticationContext 
{
  "type": "object",
  "properties": {
    "issuer": {
      "$ref": "#/components/schemas/LogIssuer"
    },
    "interface": {
      "type": "string",
      "readOnly": true
    },
    "credentialType": {
      "$ref": "#/components/schemas/LogCredentialType"
    },
    "externalSessionId": {
      "type": "string",
      "readOnly": true
    },
    "authenticationStep": {
      "type": "integer",
      "readOnly": true
    },
    "credentialProvider": {
      "$ref": "#/components/schemas/LogCredentialProvider"
    },
    "authenticationProvider": {
      "$ref": "#/components/schemas/LogAuthenticationProvider"
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
string LogAuthenticationProvider 
{
  "enum": [
    "OKTA_AUTHENTICATION_PROVIDER",
    "ACTIVE_DIRECTORY",
    "LDAP",
    "FEDERATION",
    "SOCIAL",
    "FACTOR_PROVIDER"
  ],
  "type": "string",
  "x-okta-tags": [
    "Log"
  ]
}
object LogClient 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "zone": {
      "type": "string",
      "readOnly": true
    },
    "device": {
      "type": "string",
      "readOnly": true
    },
    "ipAddress": {
      "type": "string",
      "readOnly": true
    },
    "userAgent": {
      "$ref": "#/components/schemas/LogUserAgent"
    },
    "geographicalContext": {
      "$ref": "#/components/schemas/LogGeographicalContext"
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
string LogCredentialProvider 
{
  "enum": [
    "OKTA_AUTHENTICATION_PROVIDER",
    "OKTA_CREDENTIAL_PROVIDER",
    "RSA",
    "SYMANTEC",
    "GOOGLE",
    "DUO",
    "YUBIKEY",
    "APPLE"
  ],
  "type": "string",
  "x-okta-tags": [
    "Log"
  ]
}
string LogCredentialType 
{
  "enum": [
    "OTP",
    "SMS",
    "PASSWORD",
    "ASSERTION",
    "IWA",
    "EMAIL",
    "OAUTH2",
    "JWT"
  ],
  "type": "string",
  "x-okta-tags": [
    "Log"
  ]
}
object LogDebugContext 
{
  "type": "object",
  "properties": {
    "debugData": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogEvent 
{
  "type": "object",
  "properties": {
    "uuid": {
      "type": "string",
      "readOnly": true
    },
    "actor": {
      "$ref": "#/components/schemas/LogActor"
    },
    "client": {
      "$ref": "#/components/schemas/LogClient"
    },
    "target": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/LogTarget"
      },
      "readOnly": true
    },
    "outcome": {
      "$ref": "#/components/schemas/LogOutcome"
    },
    "request": {
      "$ref": "#/components/schemas/LogRequest"
    },
    "version": {
      "type": "string",
      "readOnly": true
    },
    "severity": {
      "$ref": "#/components/schemas/LogSeverity"
    },
    "eventType": {
      "type": "string",
      "readOnly": true
    },
    "published": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "transaction": {
      "$ref": "#/components/schemas/LogTransaction"
    },
    "debugContext": {
      "$ref": "#/components/schemas/LogDebugContext"
    },
    "displayMessage": {
      "type": "string",
      "readOnly": true
    },
    "legacyEventType": {
      "type": "string",
      "readOnly": true
    },
    "securityContext": {
      "$ref": "#/components/schemas/LogSecurityContext"
    },
    "authenticationContext": {
      "$ref": "#/components/schemas/LogAuthenticationContext"
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogGeographicalContext 
{
  "type": "object",
  "properties": {
    "city": {
      "type": "string",
      "readOnly": true
    },
    "state": {
      "type": "string",
      "readOnly": true
    },
    "country": {
      "type": "string",
      "readOnly": true
    },
    "postalCode": {
      "type": "string",
      "readOnly": true
    },
    "geolocation": {
      "$ref": "#/components/schemas/LogGeolocation"
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogGeolocation 
{
  "type": "object",
  "properties": {
    "lat": {
      "type": "number",
      "format": "double",
      "readOnly": true
    },
    "lon": {
      "type": "number",
      "format": "double",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
array LogGetListEventsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/LogEvent"
  }
}
object LogIpAddress 
{
  "type": "object",
  "properties": {
    "ip": {
      "type": "string",
      "readOnly": true
    },
    "source": {
      "type": "string",
      "readOnly": true
    },
    "version": {
      "type": "string",
      "readOnly": true
    },
    "geographicalContext": {
      "$ref": "#/components/schemas/LogGeographicalContext"
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogIssuer 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogOutcome 
{
  "type": "object",
  "properties": {
    "reason": {
      "type": "string",
      "readOnly": true
    },
    "result": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogRequest 
{
  "type": "object",
  "properties": {
    "ipChain": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/LogIpAddress"
      },
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogSecurityContext 
{
  "type": "object",
  "properties": {
    "isp": {
      "type": "string",
      "readOnly": true
    },
    "asOrg": {
      "type": "string",
      "readOnly": true
    },
    "domain": {
      "type": "string",
      "readOnly": true
    },
    "isProxy": {
      "type": "boolean",
      "readOnly": true
    },
    "asNumber": {
      "type": "integer",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
string LogSeverity 
{
  "enum": [
    "DEBUG",
    "INFO",
    "WARN",
    "ERROR"
  ],
  "type": "string",
  "x-okta-tags": [
    "Log"
  ]
}
object LogTarget 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string",
      "readOnly": true
    },
    "alternateId": {
      "type": "string",
      "readOnly": true
    },
    "detailEntry": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "displayName": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogTransaction 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string",
      "readOnly": true
    },
    "detail": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object LogUserAgent 
{
  "type": "object",
  "properties": {
    "os": {
      "type": "string",
      "readOnly": true
    },
    "browser": {
      "type": "string",
      "readOnly": true
    },
    "rawUserAgent": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Log"
  ]
}
object MDMEnrollmentPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "enrollment": {
      "enum": [
        "OMM",
        "ANY_OR_NONE"
      ],
      "type": "string"
    },
    "blockNonSafeAndroid": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object MultifactorEnrollmentPolicy 
{
  "allOf": [
    {
      "$ref": "#/components/schemas/Policy"
    },
    {
      "type": "object",
      "properties": {
        "settings": {
          "$ref": "#/components/schemas/MultifactorEnrollmentPolicySettings"
        },
        "conditions": {
          "$ref": "#/components/schemas/PolicyRuleConditions"
        }
      }
    }
  ],
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/Policy"
}
object MultifactorEnrollmentPolicyAuthenticatorSettings 
{
  "type": "object",
  "properties": {
    "key": {
      "$ref": "#/components/schemas/MultifactorEnrollmentPolicyAuthenticatorType"
    },
    "enroll": {
      "type": "object",
      "properties": {
        "self": {
          "$ref": "#/components/schemas/MultifactorEnrollmentPolicyAuthenticatorStatus"
        }
      }
    },
    "constraints": {
      "type": "object",
      "minimum": 0,
      "properties": {
        "aaguidGroups": {
          "type": "array",
          "items": {
            "type": "string",
            "uniqueItems": true
          }
        }
      },
      "x-okta-lifecycle": {
        "features": [
          "WEBAUTHN_MDS_CATALOG_BASED_AAGUID_ALLOWLIST"
        ]
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
string MultifactorEnrollmentPolicyAuthenticatorStatus 
{
  "enum": [
    "NOT_ALLOWED",
    "OPTIONAL",
    "REQUIRED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Policy"
  ]
}
string MultifactorEnrollmentPolicyAuthenticatorType 
{
  "enum": [
    "custom_app",
    "custom_otp",
    "duo",
    "external_idp",
    "google_otp",
    "okta_email",
    "okta_password",
    "okta_verify",
    "onprem_mfa",
    "phone_number",
    "rsa_token",
    "security_question",
    "symantec_vip",
    "webauthn",
    "yubikey_token"
  ],
  "type": "string",
  "x-okta-tags": [
    "Policy"
  ]
}
object MultifactorEnrollmentPolicySettings 
{
  "type": "object",
  "properties": {
    "type": {
      "$ref": "#/components/schemas/MultifactorEnrollmentPolicySettingsType"
    },
    "authenticators": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/MultifactorEnrollmentPolicyAuthenticatorSettings"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
string MultifactorEnrollmentPolicySettingsType 
{
  "enum": [
    "AUTHENTICATORS"
  ],
  "type": "string",
  "x-okta-tags": [
    "Policy"
  ]
}
object NetworkZone 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "asns": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "name": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/NetworkZoneType"
    },
    "usage": {
      "$ref": "#/components/schemas/NetworkZoneUsage"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/NetworkZoneStatus"
    },
    "system": {
      "type": "boolean"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "proxies": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/NetworkZoneAddress"
      }
    },
    "gateways": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/NetworkZoneAddress"
      }
    },
    "locations": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/NetworkZoneLocation"
      }
    },
    "proxyType": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [
        {
          "src": "id",
          "dest": "zoneId"
        }
      ],
      "operationId": "getNetworkZone"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "zoneId"
        },
        {
          "dest": "zone",
          "self": true
        }
      ],
      "operationId": "updateNetworkZone"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "zoneId"
        }
      ],
      "operationId": "deleteNetworkZone"
    }
  ],
  "x-okta-tags": [
    "NetworkZone"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "zoneId"
        }
      ],
      "operationId": "activateNetworkZone"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "zoneId"
        }
      ],
      "operationId": "deactivateNetworkZone"
    }
  ]
}
object NetworkZoneAddress 
{
  "type": "object",
  "properties": {
    "type": {
      "$ref": "#/components/schemas/NetworkZoneAddressType"
    },
    "value": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "NetworkZone"
  ]
}
string NetworkZoneAddressType 
{
  "enum": [
    "CIDR",
    "RANGE"
  ],
  "type": "string",
  "x-okta-tags": [
    "NetworkZone"
  ]
}
array NetworkZoneListZonesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/NetworkZone"
  }
}
object NetworkZoneLocation 
{
  "type": "object",
  "properties": {
    "region": {
      "type": "string"
    },
    "country": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "NetworkZone"
  ]
}
string NetworkZoneStatus 
{
  "enum": [
    "ACTIVE",
    "INACTIVE"
  ],
  "type": "string",
  "x-okta-tags": [
    "NetworkZone"
  ]
}
string NetworkZoneType 
{
  "enum": [
    "IP",
    "DYNAMIC"
  ],
  "type": "string",
  "x-okta-tags": [
    "NetworkZone"
  ]
}
string NetworkZoneUsage 
{
  "enum": [
    "POLICY",
    "BLOCKLIST"
  ],
  "type": "string",
  "x-okta-tags": [
    "NetworkZone"
  ]
}
string NotificationType 
{
  "enum": [
    "CONNECTOR_AGENT",
    "USER_LOCKED_OUT",
    "APP_IMPORT",
    "LDAP_AGENT",
    "AD_AGENT",
    "OKTA_ANNOUNCEMENT",
    "OKTA_ISSUE",
    "OKTA_UPDATE",
    "IWA_AGENT",
    "USER_DEPROVISION",
    "REPORT_SUSPICIOUS_ACTIVITY",
    "RATELIMIT_NOTIFICATION"
  ],
  "type": "string",
  "x-okta-tags": [
    "Subscription"
  ]
}
object OAuth2Actor 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OAuth2Claim 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "value": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string"
    },
    "system": {
      "type": "boolean"
    },
    "claimType": {
      "enum": [
        "IDENTITY",
        "RESOURCE"
      ],
      "type": "string"
    },
    "valueType": {
      "enum": [
        "EXPRESSION",
        "GROUPS",
        "SYSTEM"
      ],
      "type": "string"
    },
    "conditions": {
      "$ref": "#/components/schemas/OAuth2ClaimConditions"
    },
    "group_filter_type": {
      "enum": [
        "STARTS_WITH",
        "EQUALS",
        "CONTAINS",
        "REGEX"
      ],
      "type": "string"
    },
    "alwaysIncludeInToken": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OAuth2ClaimConditions 
{
  "type": "object",
  "properties": {
    "scopes": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OAuth2Client 
{
  "type": "object",
  "properties": {
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "logo_uri": {
      "type": "string",
      "readOnly": true
    },
    "client_id": {
      "type": "string",
      "readOnly": true
    },
    "client_uri": {
      "type": "string",
      "readOnly": true
    },
    "client_name": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OAuth2RefreshToken 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "issuer": {
      "type": "string"
    },
    "scopes": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "status": {
      "enum": [
        "ACTIVE",
        "REVOKED"
      ],
      "type": "string"
    },
    "userId": {
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "clientId": {
      "type": "string"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "createdBy": {
      "$ref": "#/components/schemas/OAuth2Actor"
    },
    "expiresAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OAuth2Scope 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "system": {
      "type": "boolean"
    },
    "consent": {
      "enum": [
        "REQUIRED",
        "IMPLICIT",
        "ADMIN"
      ],
      "type": "string"
    },
    "default": {
      "type": "boolean"
    },
    "description": {
      "type": "string"
    },
    "displayName": {
      "type": "string"
    },
    "metadataPublish": {
      "enum": [
        "ALL_CLIENTS",
        "NO_CLIENTS"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OAuth2ScopeConsentGrant 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "issuer": {
      "type": "string"
    },
    "source": {
      "$ref": "#/components/schemas/OAuth2ScopeConsentGrantSource"
    },
    "status": {
      "$ref": "#/components/schemas/OAuth2ScopeConsentGrantStatus"
    },
    "userId": {
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "scopeId": {
      "type": "string"
    },
    "clientId": {
      "type": "string"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "createdBy": {
      "$ref": "#/components/schemas/OAuth2Actor"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string OAuth2ScopeConsentGrantSource 
{
  "enum": [
    "END_USER",
    "ADMIN"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
string OAuth2ScopeConsentGrantStatus 
{
  "enum": [
    "ACTIVE",
    "REVOKED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object OAuth2ScopesMediationPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OAuth2Token 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "issuer": {
      "type": "string"
    },
    "scopes": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "status": {
      "enum": [
        "ACTIVE",
        "REVOKED"
      ],
      "type": "string"
    },
    "userId": {
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "clientId": {
      "type": "string"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "expiresAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OAuthApplicationCredentials 
{
  "properties": {
    "oauthClient": {
      "$ref": "#/components/schemas/ApplicationCredentialsOAuthClient"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationCredentials"
}
object OAuthAuthorizationPolicy 
{
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/Policy"
}
string OAuthEndpointAuthenticationMethod 
{
  "enum": [
    "none",
    "client_secret_post",
    "client_secret_basic",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
string OAuthGrantType 
{
  "enum": [
    "authorization_code",
    "implicit",
    "password",
    "refresh_token",
    "client_credentials",
    "saml2_bearer",
    "device_code",
    "token_exchange",
    "interaction_code"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
string OAuthResponseType 
{
  "enum": [
    "code",
    "token",
    "id_token"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object OktaSignOnPolicy 
{
  "type": "object",
  "properties": {
    "conditions": {
      "$ref": "#/components/schemas/OktaSignOnPolicyConditions"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/Policy"
}
object OktaSignOnPolicyConditions 
{
  "properties": {
    "people": {
      "$ref": "#/components/schemas/PolicyPeopleCondition"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleConditions"
}
object OktaSignOnPolicyRule 
{
  "properties": {
    "name": {
      "type": "string"
    },
    "actions": {
      "$ref": "#/components/schemas/OktaSignOnPolicyRuleActions"
    },
    "conditions": {
      "$ref": "#/components/schemas/OktaSignOnPolicyRuleConditions"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRule"
}
object OktaSignOnPolicyRuleActions 
{
  "properties": {
    "signon": {
      "$ref": "#/components/schemas/OktaSignOnPolicyRuleSignonActions"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleActions"
}
object OktaSignOnPolicyRuleConditions 
{
  "properties": {
    "people": {
      "$ref": "#/components/schemas/PolicyPeopleCondition"
    },
    "network": {
      "$ref": "#/components/schemas/PolicyNetworkCondition"
    },
    "authContext": {
      "$ref": "#/components/schemas/PolicyRuleAuthContextCondition"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleConditions"
}
object OktaSignOnPolicyRuleSignonActions 
{
  "type": "object",
  "properties": {
    "access": {
      "enum": [
        "ALLOW",
        "DENY"
      ],
      "type": "string"
    },
    "session": {
      "$ref": "#/components/schemas/OktaSignOnPolicyRuleSignonSessionActions"
    },
    "requireFactor": {
      "type": "boolean",
      "default": false
    },
    "factorLifetime": {
      "type": "integer"
    },
    "factorPromptMode": {
      "enum": [
        "ALWAYS",
        "DEVICE",
        "SESSION"
      ],
      "type": "string"
    },
    "rememberDeviceByDefault": {
      "type": "boolean",
      "default": false
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object OktaSignOnPolicyRuleSignonSessionActions 
{
  "type": "object",
  "properties": {
    "usePersistentCookie": {
      "type": "boolean",
      "default": false
    },
    "maxSessionIdleMinutes": {
      "type": "integer",
      "default": 120
    },
    "maxSessionLifetimeMinutes": {
      "type": "integer",
      "default": 0
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object OpenIdConnectApplication 
{
  "properties": {
    "name": {
      "default": "oidc_client"
    },
    "settings": {
      "$ref": "#/components/schemas/OpenIdConnectApplicationSettings"
    },
    "credentials": {
      "$ref": "#/components/schemas/OAuthApplicationCredentials"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/Application",
  "x-okta-defined-as": {
    "name": "oidc_client"
  }
}
string OpenIdConnectApplicationConsentMethod 
{
  "enum": [
    "REQUIRED",
    "TRUSTED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object OpenIdConnectApplicationIdpInitiatedLogin 
{
  "type": "object",
  "properties": {
    "mode": {
      "type": "string"
    },
    "default_scope": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string OpenIdConnectApplicationIssuerMode 
{
  "enum": [
    "CUSTOM_URL",
    "ORG_URL",
    "DYNAMIC"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object OpenIdConnectApplicationSettings 
{
  "properties": {
    "oauthClient": {
      "$ref": "#/components/schemas/OpenIdConnectApplicationSettingsClient"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettings"
}
object OpenIdConnectApplicationSettingsClient 
{
  "properties": {
    "jwks": {
      "$ref": "#/components/schemas/OpenIdConnectApplicationSettingsClientKeys"
    },
    "tos_uri": {
      "type": "string"
    },
    "logo_uri": {
      "type": "string"
    },
    "client_uri": {
      "type": "string"
    },
    "policy_uri": {
      "type": "string"
    },
    "grant_types": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/OAuthGrantType"
      }
    },
    "issuer_mode": {
      "$ref": "#/components/schemas/OpenIdConnectApplicationIssuerMode"
    },
    "redirect_uris": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "refresh_token": {
      "$ref": "#/components/schemas/OpenIdConnectApplicationSettingsRefreshToken"
    },
    "consent_method": {
      "$ref": "#/components/schemas/OpenIdConnectApplicationConsentMethod"
    },
    "response_types": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/OAuthResponseType"
      }
    },
    "application_type": {
      "$ref": "#/components/schemas/OpenIdConnectApplicationType"
    },
    "wildcard_redirect": {
      "type": "string"
    },
    "initiate_login_uri": {
      "type": "string"
    },
    "idp_initiated_login": {
      "$ref": "#/components/schemas/OpenIdConnectApplicationIdpInitiatedLogin"
    },
    "post_logout_redirect_uris": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OpenIdConnectApplicationSettingsClientKeys 
{
  "properties": {
    "keys": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/JsonWebKey"
      }
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object OpenIdConnectApplicationSettingsRefreshToken 
{
  "type": "object",
  "properties": {
    "leeway": {
      "type": "integer"
    },
    "rotation_type": {
      "$ref": "#/components/schemas/OpenIdConnectRefreshTokenRotationType"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string OpenIdConnectApplicationType 
{
  "enum": [
    "web",
    "native",
    "browser",
    "service"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
string OpenIdConnectRefreshTokenRotationType 
{
  "enum": [
    "rotate",
    "static"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object Org2OrgApplication 
{
  "properties": {
    "name": {
      "default": "okta_org2org"
    },
    "settings": {
      "$ref": "#/components/schemas/Org2OrgApplicationSettings"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/SamlApplication",
  "x-okta-defined-as": {
    "name": "okta_org2org"
  }
}
object Org2OrgApplicationSettings 
{
  "properties": {
    "app": {
      "$ref": "#/components/schemas/Org2OrgApplicationSettingsApp"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/SamlApplicationSettings"
}
object Org2OrgApplicationSettingsApp 
{
  "properties": {
    "acsUrl": {
      "type": "string"
    },
    "baseUrl": {
      "type": "string"
    },
    "audRestriction": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettingsApplication"
}
string OrgContactType 
{
  "enum": [
    "BILLING",
    "TECHNICAL"
  ],
  "type": "string",
  "x-okta-tags": [
    "Org"
  ]
}
object OrgContactTypeObj 
{
  "type": "object",
  "properties": {
    "_links": {
      "additionalProperties": {
        "type": "object"
      }
    },
    "contactType": {
      "$ref": "#/components/schemas/OrgContactType"
    }
  },
  "x-okta-tags": [
    "Org"
  ]
}
object OrgContactUser 
{
  "type": "object",
  "properties": {
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "userId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Org"
  ],
  "x-okta-operations": [
    {
      "alias": "updateContactUser",
      "arguments": [
        {
          "src": "userId",
          "dest": "userId"
        }
      ],
      "operationId": "updateOrgContactUser"
    }
  ]
}
array OrgListContactTypesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OrgContactTypeObj"
  }
}
object OrgOktaCommunicationSetting 
{
  "type": "object",
  "properties": {
    "_links": {
      "additionalProperties": {
        "type": "object"
      }
    },
    "optOutEmailUsers": {
      "type": "boolean",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Org"
  ],
  "x-okta-operations": [
    {
      "alias": "optInUsersToOktaCommunicationEmails",
      "operationId": "optInUsersToOktaCommunicationEmails"
    },
    {
      "alias": "optOutUsersFromOktaCommunicationEmails",
      "operationId": "optOutUsersFromOktaCommunicationEmails"
    }
  ]
}
string OrgOktaSupportSetting 
{
  "enum": [
    "DISABLED",
    "ENABLED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Org"
  ]
}
object OrgOktaSupportSettingsObj 
{
  "type": "object",
  "properties": {
    "_links": {
      "additionalProperties": {
        "type": "object"
      }
    },
    "support": {
      "$ref": "#/components/schemas/OrgOktaSupportSetting"
    },
    "expiration": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Org"
  ],
  "x-okta-operations": [
    {
      "alias": "extendOktaSupport",
      "operationId": "extendOktaSupport"
    },
    {
      "alias": "grantOktaSupport",
      "operationId": "grantOktaSupport"
    },
    {
      "alias": "revokeOktaSupport",
      "operationId": "revokeOktaSupport"
    }
  ]
}
object OrgPreferences 
{
  "type": "object",
  "properties": {
    "_links": {
      "additionalProperties": {
        "type": "object"
      }
    },
    "showEndUserFooter": {
      "type": "boolean",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Org"
  ],
  "x-okta-operations": [
    {
      "alias": "hideEndUserFooter",
      "operationId": "hideOktaUIFooter"
    },
    {
      "alias": "showEndUserFooter",
      "operationId": "showOktaUIFooter"
    }
  ]
}
object OrgSetting 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "city": {
      "type": "string"
    },
    "state": {
      "type": "string"
    },
    "_links": {
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "type": "string",
      "readOnly": true
    },
    "country": {
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "website": {
      "type": "string"
    },
    "address1": {
      "type": "string"
    },
    "address2": {
      "type": "string"
    },
    "expiresAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "subdomain": {
      "type": "string",
      "readOnly": true
    },
    "postalCode": {
      "type": "string"
    },
    "companyName": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "phoneNumber": {
      "type": "string"
    },
    "supportPhoneNumber": {
      "type": "string"
    },
    "endUserSupportHelpURL": {
      "type": "string"
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [
        {
          "dest": "orgSetting",
          "self": true
        }
      ],
      "operationId": "getOrgSettings"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "dest": "orgSetting",
          "self": true
        }
      ],
      "operationId": "updateOrgSetting"
    }
  ],
  "x-okta-tags": [
    "Org"
  ],
  "x-okta-operations": [
    {
      "alias": "partialUpdate",
      "arguments": [
        {
          "dest": "orgSetting",
          "self": true
        }
      ],
      "operationId": "partialUpdateOrgSetting"
    },
    {
      "alias": "getContactTypes",
      "operationId": "getOrgContactTypes"
    },
    {
      "alias": "getOrgContactUser",
      "operationId": "getOrgContactUser"
    },
    {
      "alias": "getSupportSettings",
      "operationId": "getOrgOktaSupportSettings"
    },
    {
      "alias": "communicationSettings",
      "operationId": "getOktaCommunicationSettings"
    },
    {
      "alias": "orgPreferences",
      "operationId": "getOrgPreferences"
    },
    {
      "alias": "showFooter",
      "arguments": [
        {
          "dest": "orgSetting",
          "self": true
        }
      ],
      "operationId": "showOktaUIFooter"
    },
    {
      "alias": "hideFooter",
      "arguments": [
        {
          "dest": "orgSetting",
          "self": true
        }
      ],
      "operationId": "hideOktaUIFooter"
    },
    {
      "alias": "updateOrgLogo",
      "operationId": "updateOrgLogo"
    }
  ]
}
object PasswordCredential 
{
  "type": "object",
  "properties": {
    "hash": {
      "$ref": "#/components/schemas/PasswordCredentialHash"
    },
    "hook": {
      "$ref": "#/components/schemas/PasswordCredentialHook"
    },
    "value": {
      "type": "string",
      "format": "password"
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object PasswordCredentialHash 
{
  "type": "object",
  "properties": {
    "salt": {
      "type": "string"
    },
    "value": {
      "type": "string"
    },
    "algorithm": {
      "$ref": "#/components/schemas/PasswordCredentialHashAlgorithm"
    },
    "saltOrder": {
      "type": "string"
    },
    "workFactor": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
string PasswordCredentialHashAlgorithm 
{
  "enum": [
    "BCRYPT",
    "SHA-512",
    "SHA-256",
    "SHA-1",
    "MD5"
  ],
  "type": "string",
  "x-okta-tags": [
    "User"
  ]
}
object PasswordCredentialHook 
{
  "type": "object",
  "properties": {
    "type": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object PasswordDictionary 
{
  "type": "object",
  "properties": {
    "common": {
      "$ref": "#/components/schemas/PasswordDictionaryCommon"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordDictionaryCommon 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "boolean",
      "default": false
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordExpirationPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "unit": {
      "type": "string"
    },
    "number": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicy 
{
  "type": "object",
  "properties": {
    "settings": {
      "$ref": "#/components/schemas/PasswordPolicySettings"
    },
    "conditions": {
      "$ref": "#/components/schemas/PasswordPolicyConditions"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/Policy"
}
object PasswordPolicyAuthenticationProviderCondition 
{
  "type": "object",
  "properties": {
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "provider": {
      "enum": [
        "ACTIVE_DIRECTORY",
        "ANY",
        "LDAP",
        "OKTA"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyConditions 
{
  "properties": {
    "people": {
      "$ref": "#/components/schemas/PolicyPeopleCondition"
    },
    "authProvider": {
      "$ref": "#/components/schemas/PasswordPolicyAuthenticationProviderCondition"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleConditions"
}
object PasswordPolicyDelegationSettings 
{
  "type": "object",
  "properties": {
    "options": {
      "$ref": "#/components/schemas/PasswordPolicyDelegationSettingsOptions"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyDelegationSettingsOptions 
{
  "type": "object",
  "properties": {
    "skipUnlock": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyPasswordSettings 
{
  "type": "object",
  "properties": {
    "age": {
      "$ref": "#/components/schemas/PasswordPolicyPasswordSettingsAge"
    },
    "lockout": {
      "$ref": "#/components/schemas/PasswordPolicyPasswordSettingsLockout"
    },
    "complexity": {
      "$ref": "#/components/schemas/PasswordPolicyPasswordSettingsComplexity"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyPasswordSettingsAge 
{
  "type": "object",
  "properties": {
    "maxAgeDays": {
      "type": "integer",
      "default": 0
    },
    "historyCount": {
      "type": "integer",
      "default": 0
    },
    "minAgeMinutes": {
      "type": "integer",
      "default": 0
    },
    "expireWarnDays": {
      "type": "integer",
      "default": 0
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyPasswordSettingsComplexity 
{
  "type": "object",
  "properties": {
    "minLength": {
      "type": "integer",
      "default": 8
    },
    "minNumber": {
      "type": "integer",
      "default": 1
    },
    "minSymbol": {
      "type": "integer",
      "default": 1
    },
    "dictionary": {
      "$ref": "#/components/schemas/PasswordDictionary"
    },
    "minLowerCase": {
      "type": "integer",
      "default": 1
    },
    "minUpperCase": {
      "type": "integer",
      "default": 1
    },
    "excludeUsername": {
      "type": "boolean",
      "default": true
    },
    "excludeAttributes": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "default": 1
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyPasswordSettingsLockout 
{
  "type": "object",
  "properties": {
    "maxAttempts": {
      "type": "integer"
    },
    "autoUnlockMinutes": {
      "type": "integer"
    },
    "showLockoutFailures": {
      "type": "boolean"
    },
    "userLockoutNotificationChannels": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRecoveryEmail 
{
  "type": "object",
  "properties": {
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string",
      "readOnly": true
    },
    "properties": {
      "$ref": "#/components/schemas/PasswordPolicyRecoveryEmailProperties"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRecoveryEmailProperties 
{
  "type": "object",
  "properties": {
    "recoveryToken": {
      "$ref": "#/components/schemas/PasswordPolicyRecoveryEmailRecoveryToken"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRecoveryEmailRecoveryToken 
{
  "type": "object",
  "properties": {
    "tokenLifetimeMinutes": {
      "type": "integer",
      "default": 10080
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRecoveryFactorSettings 
{
  "type": "object",
  "properties": {
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string",
      "default": "INACTIVE"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRecoveryFactors 
{
  "type": "object",
  "properties": {
    "okta_sms": {
      "$ref": "#/components/schemas/PasswordPolicyRecoveryFactorSettings"
    },
    "okta_call": {
      "$ref": "#/components/schemas/PasswordPolicyRecoveryFactorSettings"
    },
    "okta_email": {
      "$ref": "#/components/schemas/PasswordPolicyRecoveryEmail"
    },
    "recovery_question": {
      "$ref": "#/components/schemas/PasswordPolicyRecoveryQuestion"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRecoveryQuestion 
{
  "type": "object",
  "properties": {
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string",
      "readOnly": true
    },
    "properties": {
      "$ref": "#/components/schemas/PasswordPolicyRecoveryQuestionProperties"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRecoveryQuestionComplexity 
{
  "type": "object",
  "properties": {
    "minLength": {
      "type": "integer",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRecoveryQuestionProperties 
{
  "type": "object",
  "properties": {
    "complexity": {
      "$ref": "#/components/schemas/PasswordPolicyRecoveryQuestionComplexity"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRecoverySettings 
{
  "type": "object",
  "properties": {
    "factors": {
      "$ref": "#/components/schemas/PasswordPolicyRecoveryFactors"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRule 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "actions": {
      "$ref": "#/components/schemas/PasswordPolicyRuleActions"
    },
    "conditions": {
      "$ref": "#/components/schemas/PasswordPolicyRuleConditions"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRule"
}
object PasswordPolicyRuleAction 
{
  "type": "object",
  "properties": {
    "access": {
      "enum": [
        "ALLOW",
        "DENY"
      ],
      "type": "string",
      "readOnly": false
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordPolicyRuleActions 
{
  "properties": {
    "passwordChange": {
      "$ref": "#/components/schemas/PasswordPolicyRuleAction"
    },
    "selfServiceUnlock": {
      "$ref": "#/components/schemas/PasswordPolicyRuleAction"
    },
    "selfServicePasswordReset": {
      "$ref": "#/components/schemas/PasswordPolicyRuleAction"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleActions"
}
object PasswordPolicyRuleConditions 
{
  "properties": {
    "people": {
      "$ref": "#/components/schemas/PolicyPeopleCondition"
    },
    "network": {
      "$ref": "#/components/schemas/PolicyNetworkCondition"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleConditions"
}
object PasswordPolicySettings 
{
  "type": "object",
  "properties": {
    "password": {
      "$ref": "#/components/schemas/PasswordPolicyPasswordSettings"
    },
    "recovery": {
      "$ref": "#/components/schemas/PasswordPolicyRecoverySettings"
    },
    "delegation": {
      "$ref": "#/components/schemas/PasswordPolicyDelegationSettings"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PasswordSettingObject 
{
  "type": "object",
  "properties": {
    "seed": {
      "$ref": "#/components/schemas/SeedEnum"
    },
    "change": {
      "$ref": "#/components/schemas/ChangeEnum"
    },
    "status": {
      "$ref": "#/components/schemas/EnabledStatus"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object PlatformConditionEvaluatorPlatform 
{
  "type": "object",
  "properties": {
    "os": {
      "$ref": "#/components/schemas/PlatformConditionEvaluatorPlatformOperatingSystem"
    },
    "type": {
      "enum": [
        "DESKTOP",
        "MOBILE",
        "OTHER",
        "ANY"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PlatformConditionEvaluatorPlatformOperatingSystem 
{
  "type": "object",
  "properties": {
    "type": {
      "enum": [
        "ANDROID",
        "IOS",
        "WINDOWS",
        "OSX",
        "OTHER",
        "ANY"
      ],
      "type": "string"
    },
    "version": {
      "$ref": "#/components/schemas/PlatformConditionEvaluatorPlatformOperatingSystemVersion"
    },
    "expression": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PlatformConditionEvaluatorPlatformOperatingSystemVersion 
{
  "type": "object",
  "properties": {
    "value": {
      "type": "string"
    },
    "matchType": {
      "enum": [
        "EXPRESSION",
        "SEMVER"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PlatformPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/PlatformConditionEvaluatorPlatform"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/PlatformConditionEvaluatorPlatform"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object Policy 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/PolicyType"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string"
    },
    "system": {
      "type": "boolean"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "priority": {
      "type": "integer"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "conditions": {
      "$ref": "#/components/schemas/PolicyRuleConditions"
    },
    "description": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "getPolicy"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        },
        {
          "dest": "policy",
          "self": true
        }
      ],
      "operationId": "updatePolicy"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "deletePolicy"
    }
  ],
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "activatePolicy"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "deactivatePolicy"
    },
    {
      "alias": "listPolicyRules",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "listPolicyRules"
    },
    {
      "alias": "createRule",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "createPolicyRule"
    },
    {
      "alias": "getPolicyRule",
      "arguments": [
        {
          "src": "id",
          "dest": "policyId"
        }
      ],
      "operationId": "getPolicyRule"
    }
  ],
  "x-openapi-v3-discriminator": {
    "mapping": {
      "PASSWORD": "#/definitions/PasswordPolicy",
      "MFA_ENROLL": "#/definitions/MultifactorEnrollmentPolicy",
      "OKTA_SIGN_ON": "#/definitions/OktaSignOnPolicy",
      "ACCESS_POLICY": "#/definitions/AccessPolicy",
      "IDP_DISCOVERY": "#/definitions/IdentityProviderPolicy",
      "PROFILE_ENROLLMENT": "#/definitions/ProfileEnrollmentPolicy",
      "OAUTH_AUTHORIZATION_POLICY": "#/definitions/OAuthAuthorizationPolicy"
    },
    "propertyName": "type"
  }
}
object PolicyAccountLink 
{
  "type": "object",
  "properties": {
    "action": {
      "enum": [
        "AUTO",
        "DISABLED"
      ],
      "type": "string"
    },
    "filter": {
      "$ref": "#/components/schemas/PolicyAccountLinkFilter"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PolicyAccountLinkFilter 
{
  "type": "object",
  "properties": {
    "groups": {
      "$ref": "#/components/schemas/PolicyAccountLinkFilterGroups"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PolicyAccountLinkFilterGroups 
{
  "type": "object",
  "properties": {
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
array PolicyEnumerateRulesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/PolicyRule"
  }
}
array PolicyGetAllWithTypeResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Policy"
  }
}
object PolicyNetworkCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "connection": {
      "enum": [
        "ANYWHERE",
        "ZONE"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PolicyPeopleCondition 
{
  "type": "object",
  "properties": {
    "users": {
      "$ref": "#/components/schemas/UserCondition"
    },
    "groups": {
      "$ref": "#/components/schemas/GroupCondition"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PolicyRule 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "enum": [
        "SIGN_ON",
        "PASSWORD"
      ],
      "type": "string"
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE"
      ],
      "type": "string",
      "default": "ACTIVE"
    },
    "system": {
      "type": "boolean",
      "default": false
    },
    "actions": {
      "$ref": "#/components/schemas/PolicyRuleActions"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "priority": {
      "type": "integer"
    },
    "conditions": {
      "$ref": "#/components/schemas/PolicyRuleConditions"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        },
        {
          "dest": "policyRule",
          "self": true
        },
        {
          "dest": "policyId",
          "parentSrc": "id"
        }
      ],
      "operationId": "updatePolicyRule"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        },
        {
          "dest": "policyId",
          "parentSrc": "policyId"
        }
      ],
      "operationId": "deletePolicyRule"
    }
  ],
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        },
        {
          "dest": "policyId",
          "parentSrc": "policyId"
        }
      ],
      "operationId": "activatePolicyRule"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "ruleId"
        },
        {
          "dest": "policyId",
          "parentSrc": "policyId"
        }
      ],
      "operationId": "deactivatePolicyRule"
    }
  ],
  "x-openapi-v3-discriminator": {
    "mapping": {
      "SIGN_ON": "#/definitions/OktaSignOnPolicyRule",
      "PASSWORD": "#/definitions/PasswordPolicyRule",
      "ACCESS_POLICY": "#/definitions/AccessPolicyRule",
      "PROFILE_ENROLLMENT": "#/definitions/ProfileEnrollmentPolicyRule"
    },
    "propertyName": "type"
  }
}
object PolicyRuleActions 
{
  "type": "object",
  "properties": {
    "idp": {
      "$ref": "#/components/schemas/IdpPolicyRuleAction"
    },
    "enroll": {
      "$ref": "#/components/schemas/PolicyRuleActionsEnroll"
    },
    "signon": {
      "$ref": "#/components/schemas/OktaSignOnPolicyRuleSignonActions"
    },
    "passwordChange": {
      "$ref": "#/components/schemas/PasswordPolicyRuleAction"
    },
    "selfServiceUnlock": {
      "$ref": "#/components/schemas/PasswordPolicyRuleAction"
    },
    "selfServicePasswordReset": {
      "$ref": "#/components/schemas/PasswordPolicyRuleAction"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PolicyRuleActionsEnroll 
{
  "type": "object",
  "properties": {
    "self": {
      "$ref": "#/components/schemas/PolicyRuleActionsEnrollSelf"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
string PolicyRuleActionsEnrollSelf 
{
  "enum": [
    "CHALLENGE",
    "LOGIN",
    "NEVER"
  ],
  "type": "string",
  "x-okta-tags": [
    "Policy"
  ]
}
object PolicyRuleAuthContextCondition 
{
  "type": "object",
  "properties": {
    "authType": {
      "enum": [
        "ANY",
        "RADIUS"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PolicyRuleConditions 
{
  "type": "object",
  "properties": {
    "app": {
      "$ref": "#/components/schemas/AppAndInstancePolicyRuleCondition"
    },
    "apps": {
      "$ref": "#/components/schemas/AppInstancePolicyRuleCondition"
    },
    "risk": {
      "$ref": "#/components/schemas/RiskPolicyRuleCondition"
    },
    "users": {
      "$ref": "#/components/schemas/UserPolicyRuleCondition"
    },
    "device": {
      "$ref": "#/components/schemas/DevicePolicyRuleCondition"
    },
    "groups": {
      "$ref": "#/components/schemas/GroupPolicyRuleCondition"
    },
    "people": {
      "$ref": "#/components/schemas/PolicyPeopleCondition"
    },
    "scopes": {
      "$ref": "#/components/schemas/OAuth2ScopesMediationPolicyRuleCondition"
    },
    "clients": {
      "$ref": "#/components/schemas/ClientPolicyCondition"
    },
    "context": {
      "$ref": "#/components/schemas/ContextPolicyRuleCondition"
    },
    "network": {
      "$ref": "#/components/schemas/PolicyNetworkCondition"
    },
    "platform": {
      "$ref": "#/components/schemas/PlatformPolicyRuleCondition"
    },
    "riskScore": {
      "$ref": "#/components/schemas/RiskScorePolicyRuleCondition"
    },
    "grantTypes": {
      "$ref": "#/components/schemas/GrantTypePolicyRuleCondition"
    },
    "userStatus": {
      "$ref": "#/components/schemas/UserStatusPolicyRuleCondition"
    },
    "authContext": {
      "$ref": "#/components/schemas/PolicyRuleAuthContextCondition"
    },
    "authProvider": {
      "$ref": "#/components/schemas/PasswordPolicyAuthenticationProviderCondition"
    },
    "mdmEnrollment": {
      "$ref": "#/components/schemas/MDMEnrollmentPolicyRuleCondition"
    },
    "userIdentifier": {
      "$ref": "#/components/schemas/UserIdentifierPolicyRuleCondition"
    },
    "identityProvider": {
      "$ref": "#/components/schemas/IdentityProviderPolicyRuleCondition"
    },
    "beforeScheduledAction": {
      "$ref": "#/components/schemas/BeforeScheduledActionPolicyRuleCondition"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PolicySubject 
{
  "type": "object",
  "properties": {
    "filter": {
      "type": "string"
    },
    "format": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "matchType": {
      "$ref": "#/components/schemas/PolicySubjectMatchType"
    },
    "matchAttribute": {
      "type": "string"
    },
    "userNameTemplate": {
      "$ref": "#/components/schemas/PolicyUserNameTemplate"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
string PolicySubjectMatchType 
{
  "enum": [
    "USERNAME",
    "EMAIL",
    "USERNAME_OR_EMAIL",
    "CUSTOM_ATTRIBUTE"
  ],
  "type": "string",
  "x-okta-tags": [
    "Policy"
  ]
}
string PolicyType 
{
  "enum": [
    "OAUTH_AUTHORIZATION_POLICY",
    "OKTA_SIGN_ON",
    "PASSWORD",
    "IDP_DISCOVERY",
    "PROFILE_ENROLLMENT",
    "ACCESS_POLICY",
    "MFA_ENROLL"
  ],
  "type": "string",
  "x-okta-tags": [
    "Policy"
  ]
}
object PolicyUserNameTemplate 
{
  "type": "object",
  "properties": {
    "template": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object PossessionConstraint 
{
  "properties": {
    "deviceBound": {
      "type": "string"
    },
    "userPresence": {
      "type": "string"
    },
    "phishingResistant": {
      "type": "string"
    },
    "hardwareProtection": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/AccessPolicyConstraint"
}
object PreRegistrationInlineHook 
{
  "type": "object",
  "properties": {
    "inlineHookId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object ProfileEnrollmentPolicy 
{
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/Policy"
}
object ProfileEnrollmentPolicyRule 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "actions": {
      "$ref": "#/components/schemas/ProfileEnrollmentPolicyRuleActions"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRule"
}
object ProfileEnrollmentPolicyRuleAction 
{
  "type": "object",
  "properties": {
    "access": {
      "type": "string"
    },
    "uiSchemaId": {
      "type": "string"
    },
    "targetGroupIds": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "profileAttributes": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/ProfileEnrollmentPolicyRuleProfileAttribute"
      }
    },
    "unknownUserAction": {
      "type": "string"
    },
    "activationRequirements": {
      "$ref": "#/components/schemas/ProfileEnrollmentPolicyRuleActivationRequirement"
    },
    "preRegistrationInlineHooks": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/PreRegistrationInlineHook"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object ProfileEnrollmentPolicyRuleActions 
{
  "type": "object",
  "properties": {
    "profileEnrollment": {
      "$ref": "#/components/schemas/ProfileEnrollmentPolicyRuleAction"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleActions"
}
object ProfileEnrollmentPolicyRuleActivationRequirement 
{
  "type": "object",
  "properties": {
    "emailVerification": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object ProfileEnrollmentPolicyRuleProfileAttribute 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "label": {
      "type": "string"
    },
    "required": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object ProfileMapping 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "source": {
      "$ref": "#/components/schemas/ProfileMappingSource"
    },
    "target": {
      "$ref": "#/components/schemas/ProfileMappingSource"
    },
    "properties": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "$ref": "#/components/schemas/ProfileMappingProperty"
      }
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [
        {
          "src": "id",
          "dest": "mappingId"
        }
      ],
      "operationId": "getProfileMapping"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "mappingId"
        }
      ],
      "operationId": "updateProfileMapping"
    }
  ],
  "x-okta-tags": [
    "ProfileMapping"
  ]
}
array ProfileMappingListWithPaginationResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/ProfileMapping"
  }
}
object ProfileMappingProperty 
{
  "type": "object",
  "properties": {
    "expression": {
      "type": "string"
    },
    "pushStatus": {
      "$ref": "#/components/schemas/ProfileMappingPropertyPushStatus"
    }
  },
  "x-okta-tags": [
    "ProfileMapping"
  ]
}
object ProfileMappingPropertyPushStatus 
{
  "enum": [
    "PUSH",
    "DONT_PUSH"
  ],
  "type": "object",
  "x-okta-tags": [
    "ProfileMapping"
  ]
}
object ProfileMappingSource 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    }
  },
  "x-okta-tags": [
    "ProfileMapping"
  ]
}
object ProfileSettingObject 
{
  "type": "object",
  "properties": {
    "status": {
      "$ref": "#/components/schemas/EnabledStatus"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object Protocol 
{
  "type": "object",
  "properties": {
    "type": {
      "enum": [
        "SAML2",
        "OIDC",
        "OAUTH2",
        "MTLS"
      ],
      "type": "string"
    },
    "issuer": {
      "$ref": "#/components/schemas/ProtocolEndpoint"
    },
    "scopes": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "settings": {
      "$ref": "#/components/schemas/ProtocolSettings"
    },
    "endpoints": {
      "$ref": "#/components/schemas/ProtocolEndpoints"
    },
    "algorithms": {
      "$ref": "#/components/schemas/ProtocolAlgorithms"
    },
    "relayState": {
      "$ref": "#/components/schemas/ProtocolRelayState"
    },
    "credentials": {
      "$ref": "#/components/schemas/IdentityProviderCredentials"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProtocolAlgorithmType 
{
  "type": "object",
  "properties": {
    "signature": {
      "$ref": "#/components/schemas/ProtocolAlgorithmTypeSignature"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProtocolAlgorithmTypeSignature 
{
  "type": "object",
  "properties": {
    "scope": {
      "enum": [
        "RESPONSE",
        "TOKEN",
        "ANY",
        "REQUEST",
        "NONE"
      ],
      "type": "string"
    },
    "algorithm": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProtocolAlgorithms 
{
  "type": "object",
  "properties": {
    "request": {
      "$ref": "#/components/schemas/ProtocolAlgorithmType"
    },
    "response": {
      "$ref": "#/components/schemas/ProtocolAlgorithmType"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProtocolEndpoint 
{
  "type": "object",
  "properties": {
    "url": {
      "type": "string"
    },
    "type": {
      "enum": [
        "INSTANCE",
        "ORG"
      ],
      "type": "string"
    },
    "binding": {
      "enum": [
        "HTTP-POST",
        "HTTP-REDIRECT"
      ],
      "type": "string"
    },
    "destination": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProtocolEndpoints 
{
  "type": "object",
  "properties": {
    "acs": {
      "$ref": "#/components/schemas/ProtocolEndpoint"
    },
    "slo": {
      "$ref": "#/components/schemas/ProtocolEndpoint"
    },
    "sso": {
      "$ref": "#/components/schemas/ProtocolEndpoint"
    },
    "jwks": {
      "$ref": "#/components/schemas/ProtocolEndpoint"
    },
    "token": {
      "$ref": "#/components/schemas/ProtocolEndpoint"
    },
    "metadata": {
      "$ref": "#/components/schemas/ProtocolEndpoint"
    },
    "userInfo": {
      "$ref": "#/components/schemas/ProtocolEndpoint"
    },
    "authorization": {
      "$ref": "#/components/schemas/ProtocolEndpoint"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProtocolRelayState 
{
  "type": "object",
  "properties": {
    "format": {
      "$ref": "#/components/schemas/ProtocolRelayStateFormat"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
string ProtocolRelayStateFormat 
{
  "enum": [
    "OPAQUE",
    "FROM_URL"
  ],
  "type": "string",
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProtocolSettings 
{
  "type": "object",
  "properties": {
    "nameFormat": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object Provisioning 
{
  "type": "object",
  "properties": {
    "action": {
      "enum": [
        "AUTO",
        "CALLOUT",
        "DISABLED"
      ],
      "type": "string"
    },
    "groups": {
      "$ref": "#/components/schemas/ProvisioningGroups"
    },
    "conditions": {
      "$ref": "#/components/schemas/ProvisioningConditions"
    },
    "profileMaster": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProvisioningConditions 
{
  "type": "object",
  "properties": {
    "suspended": {
      "$ref": "#/components/schemas/ProvisioningSuspendedCondition"
    },
    "deprovisioned": {
      "$ref": "#/components/schemas/ProvisioningDeprovisionedCondition"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProvisioningConnection 
{
  "type": "object",
  "properties": {
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/ProvisioningConnectionStatus"
    },
    "authScheme": {
      "$ref": "#/components/schemas/ProvisioningConnectionAuthScheme"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-operations": [
    {
      "alias": "getDefaultProvisioningConnectionForApplication",
      "operationId": "getDefaultProvisioningConnectionForApplication"
    },
    {
      "alias": "activateDefaultProvisioningConnectionForApplication",
      "operationId": "activateDefaultProvisioningConnectionForApplication"
    },
    {
      "alias": "deactivateDefaultProvisioningConnectionForApplication",
      "operationId": "deactivateDefaultProvisioningConnectionForApplication"
    }
  ]
}
string ProvisioningConnectionAuthScheme 
{
  "enum": [
    "TOKEN",
    "UNKNOWN"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object ProvisioningConnectionProfile 
{
  "type": "object",
  "properties": {
    "token": {
      "type": "string"
    },
    "authScheme": {
      "$ref": "#/components/schemas/ProvisioningConnectionAuthScheme"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-operations": [
    {
      "alias": "setDefaultProvisioningConnectionForApplication",
      "operationId": "setDefaultProvisioningConnectionForApplication"
    }
  ]
}
object ProvisioningConnectionRequest 
{
  "type": "object",
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/ProvisioningConnectionProfile"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string ProvisioningConnectionStatus 
{
  "enum": [
    "DISABLED",
    "ENABLED",
    "UNKNOWN"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object ProvisioningDeprovisionedCondition 
{
  "type": "object",
  "properties": {
    "action": {
      "enum": [
        "NONE",
        "REACTIVATE"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProvisioningGroups 
{
  "type": "object",
  "properties": {
    "action": {
      "enum": [
        "NONE",
        "APPEND",
        "SYNC",
        "ASSIGN"
      ],
      "type": "string"
    },
    "filter": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "assignments": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "sourceAttributeName": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object ProvisioningSuspendedCondition 
{
  "type": "object",
  "properties": {
    "action": {
      "enum": [
        "NONE",
        "UNSUSPEND"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object PushUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/PushUserFactorProfile"
    },
    "expiresAt": {
      "type": "string",
      "format": "date-time"
    },
    "factorResult": {
      "$ref": "#/components/schemas/FactorResultType"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object PushUserFactorProfile 
{
  "properties": {
    "name": {
      "type": "string"
    },
    "version": {
      "type": "string"
    },
    "platform": {
      "type": "string"
    },
    "deviceType": {
      "type": "string"
    },
    "deviceToken": {
      "type": "string"
    },
    "credentialId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object RecoveryQuestionCredential 
{
  "type": "object",
  "properties": {
    "answer": {
      "type": "string"
    },
    "question": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
string RequiredEnum 
{
  "enum": [
    "ALWAYS",
    "HIGH_RISK_ONLY",
    "NEVER"
  ],
  "type": "string",
  "x-okta-tags": [
    "Authenticator"
  ]
}
object ResetPasswordToken 
{
  "type": "object",
  "properties": {
    "resetPasswordUrl": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object ResponseLinks 
{
  "type": "object",
  "properties": {
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object RiskPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "behaviors": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "uniqueItems": true
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object RiskScorePolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "level": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object Role 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "$ref": "#/components/schemas/RoleType"
    },
    "label": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/RoleStatus"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "description": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "assignmentType": {
      "$ref": "#/components/schemas/RoleAssignmentType"
    }
  },
  "x-okta-tags": [
    "User"
  ],
  "x-okta-operations": [
    {
      "alias": "addAdminGroupTarget",
      "arguments": [
        {
          "src": "id",
          "dest": "roleId"
        },
        {
          "dest": "groupId",
          "parentSrc": "id"
        }
      ],
      "operationId": "addGroupTargetToGroupAdministratorRoleForGroup"
    },
    {
      "alias": "addAppInstanceTargetToAdminRole",
      "arguments": [
        {
          "src": "id",
          "dest": "roleId"
        },
        {
          "dest": "groupId",
          "parentSrc": "id"
        }
      ],
      "operationId": "addApplicationInstanceTargetToAppAdminRoleGivenToGroup"
    },
    {
      "alias": "addAppTargetToAdminRole",
      "arguments": [
        {
          "src": "id",
          "dest": "roleId"
        },
        {
          "dest": "groupId",
          "parentSrc": "id"
        }
      ],
      "operationId": "addApplicationTargetToAdminRoleGivenToGroup"
    },
    {
      "alias": "addAllAppsAsTargetToRole",
      "arguments": [
        {
          "src": "id",
          "dest": "roleId"
        },
        {
          "dest": "userId",
          "parentSrc": "id"
        }
      ],
      "operationId": "addAllAppsAsTargetToRole"
    },
    {
      "alias": "addAppTargetToAppAdminRoleForUser",
      "arguments": [
        {
          "src": "id",
          "dest": "roleId"
        },
        {
          "dest": "userId",
          "parentSrc": "id"
        }
      ],
      "operationId": "addApplicationTargetToAppAdminRoleForUser"
    },
    {
      "alias": "addAppTargetToAdminRoleForUser",
      "arguments": [
        {
          "src": "id",
          "dest": "roleId"
        },
        {
          "dest": "userId",
          "parentSrc": "id"
        }
      ],
      "operationId": "addApplicationTargetToAdminRoleForUser"
    }
  ]
}
string RoleAssignmentType 
{
  "enum": [
    "GROUP",
    "USER"
  ],
  "type": "string",
  "x-okta-tags": [
    "Role"
  ]
}
string RoleStatus 
{
  "enum": [
    "ACTIVE",
    "INACTIVE"
  ],
  "type": "string",
  "x-okta-tags": [
    "User"
  ]
}
string RoleType 
{
  "enum": [
    "SUPER_ADMIN",
    "ORG_ADMIN",
    "APP_ADMIN",
    "USER_ADMIN",
    "HELP_DESK_ADMIN",
    "READ_ONLY_ADMIN",
    "MOBILE_ADMIN",
    "API_ACCESS_MANAGEMENT_ADMIN",
    "REPORT_ADMIN",
    "GROUP_MEMBERSHIP_ADMIN",
    "CUSTOM"
  ],
  "type": "string",
  "x-okta-tags": [
    "Role"
  ]
}
object SamlApplication 
{
  "properties": {
    "settings": {
      "$ref": "#/components/schemas/SamlApplicationSettings"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/Application",
  "x-openapi-v3-discriminator": {
    "mapping": {
      "okta_org2org": "#/definitions/Org2OrgApplication"
    },
    "propertyName": "name"
  }
}
object SamlApplicationSettings 
{
  "properties": {
    "signOn": {
      "$ref": "#/components/schemas/SamlApplicationSettingsSignOn"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettings"
}
object SamlApplicationSettingsSignOn 
{
  "properties": {
    "slo": {
      "$ref": "#/components/schemas/SingleLogout"
    },
    "audience": {
      "type": "string"
    },
    "spIssuer": {
      "type": "string"
    },
    "idpIssuer": {
      "type": "string"
    },
    "recipient": {
      "type": "string"
    },
    "ssoAcsUrl": {
      "type": "string"
    },
    "destination": {
      "type": "string"
    },
    "inlineHooks": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/SignOnInlineHook"
      }
    },
    "acsEndpoints": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/AcsEndpoint"
      }
    },
    "spCertificate": {
      "$ref": "#/components/schemas/SpCertificate"
    },
    "responseSigned": {
      "type": "boolean"
    },
    "assertionSigned": {
      "type": "boolean"
    },
    "digestAlgorithm": {
      "type": "string"
    },
    "honorForceAuthn": {
      "type": "boolean"
    },
    "audienceOverride": {
      "type": "string"
    },
    "defaultRelayState": {
      "type": "string"
    },
    "recipientOverride": {
      "type": "string"
    },
    "requestCompressed": {
      "type": "boolean"
    },
    "ssoAcsUrlOverride": {
      "type": "string"
    },
    "signatureAlgorithm": {
      "type": "string"
    },
    "attributeStatements": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/SamlAttributeStatement"
      }
    },
    "destinationOverride": {
      "type": "string"
    },
    "subjectNameIdFormat": {
      "type": "string"
    },
    "authnContextClassRef": {
      "type": "string"
    },
    "subjectNameIdTemplate": {
      "type": "string"
    },
    "samlSignedRequestEnabled": {
      "type": "boolean"
    },
    "allowMultipleAcsEndpoints": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object SamlAttributeStatement 
{
  "properties": {
    "name": {
      "type": "string"
    },
    "type": {
      "type": "string"
    },
    "values": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "namespace": {
      "type": "string"
    },
    "filterType": {
      "type": "string"
    },
    "filterValue": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ScheduledUserLifecycleAction 
{
  "type": "object",
  "properties": {
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE",
        "PENDING",
        "DELETED",
        "EXPIRED_PASSWORD",
        "ACTIVATING",
        "SUSPENDED",
        "DELETING"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object SchemeApplicationCredentials 
{
  "properties": {
    "scheme": {
      "$ref": "#/components/schemas/ApplicationCredentialsScheme"
    },
    "signing": {
      "$ref": "#/components/schemas/ApplicationCredentialsSigning"
    },
    "password": {
      "$ref": "#/components/schemas/PasswordCredential"
    },
    "userName": {
      "type": "string"
    },
    "revealPassword": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationCredentials"
}
object Scope 
{
  "type": "object",
  "properties": {
    "type": {
      "$ref": "#/components/schemas/ScopeType"
    },
    "stringValue": {
      "type": "string"
    },
    "allowedOktaApps": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/IframeEmbedScopeAllowedApps"
      }
    }
  },
  "x-okta-tags": [
    "Role"
  ]
}
string ScopeType 
{
  "enum": [
    "CORS",
    "REDIRECT",
    "IFRAME_EMBED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Role"
  ]
}
object SecurePasswordStoreApplication 
{
  "properties": {
    "name": {
      "default": "template_sps"
    },
    "settings": {
      "$ref": "#/components/schemas/SecurePasswordStoreApplicationSettings"
    },
    "credentials": {
      "$ref": "#/components/schemas/SchemeApplicationCredentials"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/Application",
  "x-okta-defined-as": {
    "name": "template_sps"
  }
}
object SecurePasswordStoreApplicationSettings 
{
  "properties": {
    "app": {
      "$ref": "#/components/schemas/SecurePasswordStoreApplicationSettingsApplication"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettings"
}
object SecurePasswordStoreApplicationSettingsApplication 
{
  "properties": {
    "url": {
      "type": "string"
    },
    "passwordField": {
      "type": "string"
    },
    "usernameField": {
      "type": "string"
    },
    "optionalField1": {
      "type": "string"
    },
    "optionalField2": {
      "type": "string"
    },
    "optionalField3": {
      "type": "string"
    },
    "optionalField1Value": {
      "type": "string"
    },
    "optionalField2Value": {
      "type": "string"
    },
    "optionalField3Value": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettingsApplication"
}
object SecurityQuestion 
{
  "properties": {
    "answer": {
      "type": "string"
    },
    "question": {
      "type": "string"
    },
    "questionText": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object SecurityQuestionUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/SecurityQuestionUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object SecurityQuestionUserFactorProfile 
{
  "properties": {
    "answer": {
      "type": "string"
    },
    "question": {
      "type": "string"
    },
    "questionText": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
string SeedEnum 
{
  "enum": [
    "OKTA",
    "RANDOM"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object Session 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "amr": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/SessionAuthenticationMethod"
      },
      "readOnly": true
    },
    "idp": {
      "$ref": "#/components/schemas/SessionIdentityProvider"
    },
    "login": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/SessionStatus"
    },
    "userId": {
      "type": "string",
      "readOnly": true
    },
    "createdAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "expiresAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "lastFactorVerification": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "lastPasswordVerification": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [
        {
          "src": "id",
          "dest": "sessionId"
        }
      ],
      "operationId": "getSession"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "sessionId"
        }
      ],
      "operationId": "endSession"
    }
  ],
  "x-okta-tags": [
    "Session"
  ],
  "x-okta-operations": [
    {
      "alias": "refresh",
      "arguments": [
        {
          "src": "id",
          "dest": "sessionId"
        }
      ],
      "operationId": "refreshSession"
    }
  ]
}
string SessionAuthenticationMethod 
{
  "enum": [
    "pwd",
    "swk",
    "hwk",
    "otp",
    "sms",
    "tel",
    "geo",
    "fpt",
    "kba",
    "mfa",
    "mca",
    "sc"
  ],
  "type": "string",
  "x-okta-tags": [
    "Session"
  ]
}
object SessionIdentityProvider 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "$ref": "#/components/schemas/SessionIdentityProviderType"
    }
  },
  "x-okta-tags": [
    "Session"
  ]
}
string SessionIdentityProviderType 
{
  "enum": [
    "ACTIVE_DIRECTORY",
    "LDAP",
    "OKTA",
    "FEDERATION",
    "SOCIAL"
  ],
  "type": "string",
  "x-okta-tags": [
    "Session"
  ]
}
string SessionStatus 
{
  "enum": [
    "ACTIVE",
    "MFA_ENROLL",
    "MFA_REQUIRED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Session"
  ]
}
string SignInPageTouchPointVariant 
{
  "enum": [
    "OKTA_DEFAULT",
    "BACKGROUND_SECONDARY_COLOR",
    "BACKGROUND_IMAGE"
  ],
  "type": "string",
  "x-okta-tags": [
    "Brand"
  ]
}
object SignOnInlineHook 
{
  "properties": {
    "id": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object SingleLogout 
{
  "properties": {
    "issuer": {
      "type": "string"
    },
    "enabled": {
      "type": "boolean"
    },
    "logoutUrl": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object SmsTemplate 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "$ref": "#/components/schemas/SmsTemplateType"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "template": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "translations": {
      "$ref": "#/components/schemas/SmsTemplateTranslations"
    }
  },
  "x-okta-crud": [
    {
      "alias": "create",
      "arguments": [
        {
          "dest": "smsTemplate",
          "self": true
        }
      ],
      "operationId": "createSmsTemplate"
    },
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getSmsTemplate"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "templateId"
        },
        {
          "dest": "smsTemplate",
          "self": true
        }
      ],
      "operationId": "updateSmsTemplate"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "templateId"
        }
      ],
      "operationId": "deleteSmsTemplate"
    }
  ],
  "x-okta-tags": [
    "Template"
  ],
  "x-okta-operations": [
    {
      "alias": "partialUpdate",
      "arguments": [
        {
          "src": "id",
          "dest": "templateId"
        },
        {
          "dest": "smsTemplate",
          "self": true
        }
      ],
      "operationId": "partialUpdateSmsTemplate"
    }
  ]
}
object SmsTemplateTranslations 
{
  "type": "object",
  "x-okta-tags": [
    "Template"
  ],
  "x-okta-extensible": true
}
string SmsTemplateType 
{
  "enum": [
    "SMS_VERIFY_CODE"
  ],
  "type": "string",
  "x-okta-tags": [
    "Template"
  ]
}
object SmsUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/SmsUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object SmsUserFactorProfile 
{
  "properties": {
    "phoneNumber": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object SocialAuthToken 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "token": {
      "type": "string"
    },
    "scopes": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "expiresAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "tokenType": {
      "type": "string"
    },
    "tokenAuthScheme": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "IdentityProvider"
  ]
}
object SpCertificate 
{
  "properties": {
    "x5c": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "readOnly": false
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object Subscription 
{
  "type": "object",
  "properties": {
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/SubscriptionStatus"
    },
    "channels": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "notificationType": {
      "$ref": "#/components/schemas/NotificationType"
    }
  },
  "x-okta-tags": [
    "Role"
  ],
  "x-okta-operations": [
    {
      "alias": "listRoleSubscriptions",
      "operationId": "listRoleSubscriptions"
    },
    {
      "alias": "getRoleSubscriptionByNotificationType",
      "operationId": "getRoleSubscriptionByNotificationType"
    },
    {
      "alias": "getUserSubscriptionByNotificationType",
      "operationId": "getUserSubscriptionByNotificationType"
    },
    {
      "alias": "listUserSubscriptions",
      "operationId": "listUserSubscriptions"
    },
    {
      "alias": "subscribeUserSubscriptionByNotificationType",
      "operationId": "subscribeUserSubscriptionByNotificationType"
    },
    {
      "alias": "unsubscribeRoleSubscriptionByNotificationType",
      "operationId": "unsubscribeRoleSubscriptionByNotificationType"
    },
    {
      "alias": "subscribeRoleSubscriptionByNotificationType",
      "operationId": "subscribeRoleSubscriptionByNotificationType"
    },
    {
      "alias": "unsubscribeUserSubscriptionByNotificationType",
      "operationId": "unsubscribeUserSubscriptionByNotificationType"
    }
  ]
}
array SubscriptionListRoleSubscriptionsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Subscription"
  }
}
string SubscriptionStatus 
{
  "enum": [
    "subscribed",
    "unsubscribed"
  ],
  "type": "string",
  "x-okta-tags": [
    "Role"
  ]
}
object SwaApplication 
{
  "properties": {
    "name": {
      "default": "template_swa"
    },
    "settings": {
      "$ref": "#/components/schemas/SwaApplicationSettings"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/BrowserPluginApplication",
  "x-okta-defined-as": {
    "name": "template_swa"
  }
}
object SwaApplicationSettings 
{
  "properties": {
    "app": {
      "$ref": "#/components/schemas/SwaApplicationSettingsApplication"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettings"
}
object SwaApplicationSettingsApplication 
{
  "properties": {
    "url": {
      "type": "string"
    },
    "checkbox": {
      "type": "string"
    },
    "buttonField": {
      "type": "string"
    },
    "redirectUrl": {
      "type": "string"
    },
    "loginUrlRegex": {
      "type": "string"
    },
    "passwordField": {
      "type": "string"
    },
    "usernameField": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettingsApplication"
}
object SwaThreeFieldApplication 
{
  "properties": {
    "name": {
      "default": "template_swa3field"
    },
    "settings": {
      "$ref": "#/components/schemas/SwaThreeFieldApplicationSettings"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/BrowserPluginApplication",
  "x-okta-defined-as": {
    "name": "template_swa3field"
  }
}
object SwaThreeFieldApplicationSettings 
{
  "properties": {
    "app": {
      "$ref": "#/components/schemas/SwaThreeFieldApplicationSettingsApplication"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettings"
}
object SwaThreeFieldApplicationSettingsApplication 
{
  "properties": {
    "targetURL": {
      "type": "string"
    },
    "loginUrlRegex": {
      "type": "string"
    },
    "buttonSelector": {
      "type": "string"
    },
    "extraFieldValue": {
      "type": "string"
    },
    "passwordSelector": {
      "type": "string"
    },
    "userNameSelector": {
      "type": "string"
    },
    "extraFieldSelector": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettingsApplication"
}
object TempPassword 
{
  "properties": {
    "tempPassword": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
array TemplateEnumerateSmsTemplatesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/SmsTemplate"
  }
}
object Theme 
{
  "properties": {
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "backgroundImage": {
      "type": "string",
      "readOnly": true
    },
    "primaryColorHex": {
      "type": "string"
    },
    "secondaryColorHex": {
      "type": "string"
    },
    "primaryColorContrastHex": {
      "type": "string"
    },
    "secondaryColorContrastHex": {
      "type": "string"
    },
    "errorPageTouchPointVariant": {
      "$ref": "#/components/schemas/ErrorPageTouchPointVariant"
    },
    "signInPageTouchPointVariant": {
      "$ref": "#/components/schemas/SignInPageTouchPointVariant"
    },
    "emailTemplateTouchPointVariant": {
      "$ref": "#/components/schemas/EmailTemplateTouchPointVariant"
    },
    "endUserDashboardTouchPointVariant": {
      "$ref": "#/components/schemas/EndUserDashboardTouchPointVariant"
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "operationId": "getBrandTheme"
    },
    {
      "alias": "update",
      "operationId": "updateBrandTheme"
    }
  ],
  "x-okta-tags": [
    "Brand"
  ],
  "x-okta-operations": [
    {
      "alias": "uploadBrandThemeLogo",
      "operationId": "uploadBrandThemeLogo"
    },
    {
      "alias": "deleteBrandThemeLogo",
      "operationId": "deleteBrandThemeLogo"
    },
    {
      "alias": "updateBrandThemeFavicon",
      "operationId": "uploadBrandThemeFavicon"
    },
    {
      "alias": "deleteBrandThemeFavicon",
      "operationId": "deleteBrandThemeFavicon"
    },
    {
      "alias": "updateBrandThemeBackgroundImage",
      "operationId": "uploadBrandThemeBackgroundImage"
    },
    {
      "alias": "deleteBrandThemeBackgroundImage",
      "operationId": "deleteBrandThemeBackgroundImage"
    }
  ]
}
object ThemeResponse 
{
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "logo": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "favicon": {
      "type": "string",
      "readOnly": true
    },
    "backgroundImage": {
      "type": "string",
      "readOnly": true
    },
    "primaryColorHex": {
      "type": "string"
    },
    "secondaryColorHex": {
      "type": "string"
    },
    "primaryColorContrastHex": {
      "type": "string"
    },
    "secondaryColorContrastHex": {
      "type": "string"
    },
    "errorPageTouchPointVariant": {
      "$ref": "#/components/schemas/ErrorPageTouchPointVariant"
    },
    "signInPageTouchPointVariant": {
      "$ref": "#/components/schemas/SignInPageTouchPointVariant"
    },
    "emailTemplateTouchPointVariant": {
      "$ref": "#/components/schemas/EmailTemplateTouchPointVariant"
    },
    "endUserDashboardTouchPointVariant": {
      "$ref": "#/components/schemas/EndUserDashboardTouchPointVariant"
    }
  },
  "x-okta-tags": [
    "Brand"
  ]
}
object ThreatInsightConfiguration 
{
  "properties": {
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "action": {
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "excludeZones": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getCurrentConfiguration"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "dest": "threatInsightConfiguration",
          "self": true
        }
      ],
      "operationId": "updateConfiguration"
    }
  ],
  "x-okta-tags": [
    "ThreatInsight"
  ]
}
object TokenAuthorizationServerPolicyRuleAction 
{
  "type": "object",
  "properties": {
    "inlineHook": {
      "$ref": "#/components/schemas/TokenAuthorizationServerPolicyRuleActionInlineHook"
    },
    "refreshTokenWindowMinutes": {
      "type": "integer"
    },
    "accessTokenLifetimeMinutes": {
      "type": "integer"
    },
    "refreshTokenLifetimeMinutes": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "AuthorizationServerPolicy"
  ]
}
object TokenAuthorizationServerPolicyRuleActionInlineHook 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "AuthorizationServerPolicy"
  ]
}
object TokenUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/TokenUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object TokenUserFactorProfile 
{
  "properties": {
    "credentialId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object TotpUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/TotpUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object TotpUserFactorProfile 
{
  "properties": {
    "credentialId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object TrustedOrigin 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "origin": {
      "type": "string"
    },
    "scopes": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/Scope"
      }
    },
    "status": {
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "createdBy": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "lastUpdatedBy": {
      "type": "string"
    }
  },
  "x-okta-crud": [
    {
      "alias": "create",
      "arguments": [
        {
          "dest": "trustedOrigin",
          "self": true
        }
      ],
      "operationId": "createOrigin"
    },
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getOrigin"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "trustedOriginId"
        },
        {
          "dest": "trustedOrigin",
          "self": true
        }
      ],
      "operationId": "updateOrigin"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "trustedOriginId"
        }
      ],
      "operationId": "deleteOrigin"
    }
  ],
  "x-okta-tags": [
    "TrustedOrigin"
  ]
}
array TrustedOriginGetListResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/TrustedOrigin"
  }
}
object U2fUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/U2fUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object U2fUserFactorProfile 
{
  "properties": {
    "credentialId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object User 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "$ref": "#/components/schemas/UserType"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/UserStatus"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "profile": {
      "$ref": "#/components/schemas/UserProfile"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "activated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "lastLogin": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "credentials": {
      "$ref": "#/components/schemas/UserCredentials"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "statusChanged": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "passwordChanged": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "transitioningToStatus": {
      "$ref": "#/components/schemas/UserStatus"
    }
  },
  "x-okta-crud": [
    {
      "alias": "create",
      "arguments": [
        {
          "dest": "user",
          "self": true
        }
      ],
      "operationId": "createUser"
    },
    {
      "alias": "read",
      "arguments": [],
      "operationId": "getUser"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        },
        {
          "dest": "user",
          "self": true
        }
      ],
      "operationId": "updateUser"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        },
        {
          "dest": "user",
          "self": true
        }
      ],
      "operationId": "deactivateOrDeleteUser"
    }
  ],
  "x-okta-tags": [
    "User"
  ],
  "x-okta-operations": [
    {
      "alias": "listAppLinks",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listAppLinks"
    },
    {
      "alias": "changePassword",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "changePassword"
    },
    {
      "alias": "changeRecoveryQuestion",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "changeRecoveryQuestion"
    },
    {
      "alias": "forgotPasswordSetNewPassword",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "forgotPasswordSetNewPassword"
    },
    {
      "alias": "forgotPasswordGenerateOneTimeToken",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "forgotPasswordGenerateOneTimeToken"
    },
    {
      "alias": "assignRole",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "assignRoleToUser"
    },
    {
      "alias": "getRole",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "getUserRole"
    },
    {
      "alias": "removeRole",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "removeRoleFromUser"
    },
    {
      "alias": "listGroupTargets",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listGroupTargetsForRole"
    },
    {
      "alias": "removeGroupTarget",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "removeGroupTargetFromRole"
    },
    {
      "alias": "addGroupTarget",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "addGroupTargetToRole"
    },
    {
      "alias": "listAssignedRoles",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listAssignedRolesForUser"
    },
    {
      "alias": "addAllAppsAsTarget",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "addAllAppsAsTargetToRole"
    },
    {
      "alias": "listGroups",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listUserGroups"
    },
    {
      "alias": "listGrants",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listUserGrants"
    },
    {
      "alias": "revokeGrants",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "revokeUserGrants"
    },
    {
      "alias": "revokeGrant",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "revokeUserGrant"
    },
    {
      "alias": "revokeGrantsForUserAndClient",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "revokeGrantsForUserAndClient"
    },
    {
      "alias": "listRefreshTokensForUserAndClient",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listRefreshTokensForUserAndClient"
    },
    {
      "alias": "revokeTokenForUserAndClient",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "revokeTokenForUserAndClient"
    },
    {
      "alias": "getRefreshTokenForUserAndClient",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "getRefreshTokenForUserAndClient"
    },
    {
      "alias": "revokeTokensForUserAndClient",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "revokeTokensForUserAndClient"
    },
    {
      "alias": "listClients",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listUserClients"
    },
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "activateUser"
    },
    {
      "alias": "reactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "reactivateUser"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "deactivateUser"
    },
    {
      "alias": "suspend",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "suspendUser"
    },
    {
      "alias": "unsuspend",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "unsuspendUser"
    },
    {
      "alias": "resetPassword",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "resetPassword"
    },
    {
      "alias": "expirePassword",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "expirePassword"
    },
    {
      "alias": "expirePasswordAndGetTemporaryPassword",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "expirePasswordAndGetTemporaryPassword"
    },
    {
      "alias": "unlock",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "unlockUser"
    },
    {
      "alias": "resetFactors",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "resetFactors"
    },
    {
      "alias": "deleteFactor",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "deleteFactor"
    },
    {
      "alias": "addToGroup",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "description": "Adds a user to a group with 'OKTA_GROUP' type",
      "operationId": "addUserToGroup"
    },
    {
      "alias": "enrollFactor",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "enrollFactor"
    },
    {
      "alias": "listSupportedFactors",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listSupportedFactors"
    },
    {
      "alias": "listFactors",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listFactors"
    },
    {
      "alias": "listSupportedSecurityQuestions",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listSupportedSecurityQuestions"
    },
    {
      "alias": "getFactor",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "getFactor"
    },
    {
      "alias": "setLinkedObject",
      "arguments": [
        {
          "src": "id",
          "dest": "associatedUserId"
        }
      ],
      "operationId": "setLinkedObjectForUser"
    },
    {
      "alias": "listIdentityProviders",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "listUserIdentityProviders"
    },
    {
      "alias": "getLinkedObjects",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "getLinkedObjectsForUser"
    },
    {
      "alias": "clearSessions",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "clearUserSessions"
    },
    {
      "alias": "removeLinkedObject",
      "arguments": [
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "removeLinkedObjectForUser"
    }
  ]
}
object UserActivationToken 
{
  "type": "object",
  "properties": {
    "activationUrl": {
      "type": "string",
      "readOnly": true
    },
    "activationToken": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object UserCondition 
{
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object UserCredentials 
{
  "type": "object",
  "properties": {
    "password": {
      "$ref": "#/components/schemas/PasswordCredential"
    },
    "provider": {
      "$ref": "#/components/schemas/AuthenticationProvider"
    },
    "recovery_question": {
      "$ref": "#/components/schemas/RecoveryQuestionCredential"
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object UserFactor 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/FactorStatus"
    },
    "verify": {
      "$ref": "#/components/schemas/VerifyFactorRequest"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "provider": {
      "$ref": "#/components/schemas/FactorProvider"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "factorType": {
      "$ref": "#/components/schemas/FactorType"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "factorId"
        },
        {
          "dest": "userId",
          "parentSrc": "id"
        }
      ],
      "operationId": "deleteFactor"
    }
  ],
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "factorId"
        },
        {
          "dest": "userId",
          "parentSrc": "id"
        }
      ],
      "operationId": "activateFactor"
    },
    {
      "alias": "verify",
      "arguments": [
        {
          "src": "id",
          "dest": "factorId"
        },
        {
          "dest": "userId",
          "parentSrc": "id"
        }
      ],
      "operationId": "verifyFactor"
    }
  ],
  "x-openapi-v3-discriminator": {
    "mapping": {
      "sms": "#/definitions/SmsUserFactor",
      "u2f": "#/definitions/U2fUserFactor",
      "web": "#/definitions/WebUserFactor",
      "call": "#/definitions/CallUserFactor",
      "hotp": "#/definitions/CustomHotpUserFactor",
      "push": "#/definitions/PushUserFactor",
      "email": "#/definitions/EmailUserFactor",
      "token": "#/definitions/TokenUserFactor",
      "question": "#/definitions/SecurityQuestionUserFactor",
      "webauthn": "#/definitions/WebAuthnUserFactor",
      "token:hotp": "#/definitions/CustomHotpUserFactor",
      "token:hardware": "#/definitions/HardwareUserFactor",
      "token:software:totp": "#/definitions/TotpUserFactor"
    },
    "propertyName": "factorType"
  }
}
array UserFactorEnumerateEnrolledResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/UserFactor"
  }
}
array UserFactorEnumerateSecurityQuestionsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/SecurityQuestion"
  }
}
array UserFactorEnumerateSupportedFactorsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/UserFactor"
  }
}
array UserGetLinkedObjectsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/ResponseLinks"
  }
}
array UserGetMemberGroupsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Group"
  }
}
object UserIdString 
{
  "type": "object",
  "properties": {
    "userId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Org"
  ],
  "x-okta-parent": "#/definitions/OrgContactUser"
}
object UserIdentifierConditionEvaluatorPattern 
{
  "type": "object",
  "properties": {
    "value": {
      "type": "string"
    },
    "matchType": {
      "enum": [
        "SUFFIX",
        "EXPRESSION",
        "STARTS_WITH",
        "EQUALS",
        "CONTAINS"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object UserIdentifierPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "type": {
      "enum": [
        "IDENTIFIER",
        "ATTRIBUTE"
      ],
      "type": "string"
    },
    "patterns": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/UserIdentifierConditionEvaluatorPattern"
      }
    },
    "attribute": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object UserIdentityProviderLinkRequest 
{
  "type": "object",
  "properties": {
    "externalId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object UserLifecycleAttributePolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "attributeName": {
      "type": "string"
    },
    "matchingValue": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
array UserListActiveUsersResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/User"
  }
}
array UserListAppTargetsForRoleResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/CatalogApplication"
  }
}
array UserListAssignedAppLinksResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/AppLink"
  }
}
array UserListAssignedRolesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Role"
  }
}
array UserListClientsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2Client"
  }
}
array UserListGrantsForClientResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2ScopeConsentGrant"
  }
}
array UserListGrantsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2ScopeConsentGrant"
  }
}
array UserListIdpsForUserResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/IdentityProvider"
  }
}
array UserListRefreshTokensForUserAndClientResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2RefreshToken"
  }
}
array UserListRoleTargetsGroupsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Group"
  }
}
array UserListSubscriptionsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Subscription"
  }
}
string UserNextLogin 
{
  "enum": [
    "changePassword"
  ],
  "type": "string",
  "x-okta-tags": [
    "User"
  ]
}
object UserPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "inactivity": {
      "$ref": "#/components/schemas/InactivityPolicyRuleCondition"
    },
    "passwordExpiration": {
      "$ref": "#/components/schemas/PasswordExpirationPolicyRuleCondition"
    },
    "lifecycleExpiration": {
      "$ref": "#/components/schemas/LifecycleExpirationPolicyRuleCondition"
    },
    "userLifecycleAttribute": {
      "$ref": "#/components/schemas/UserLifecycleAttributePolicyRuleCondition"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object UserProfile 
{
  "type": "object",
  "properties": {
    "city": {
      "type": "string"
    },
    "email": {
      "type": "string"
    },
    "login": {
      "type": "string"
    },
    "state": {
      "type": "string"
    },
    "title": {
      "type": "string"
    },
    "locale": {
      "type": "string"
    },
    "manager": {
      "type": "string"
    },
    "zipCode": {
      "type": "string"
    },
    "division": {
      "type": "string"
    },
    "lastName": {
      "type": "string"
    },
    "nickName": {
      "type": "string"
    },
    "timezone": {
      "type": "string"
    },
    "userType": {
      "type": "string"
    },
    "firstName": {
      "type": "string"
    },
    "managerId": {
      "type": "string"
    },
    "costCenter": {
      "type": "string"
    },
    "department": {
      "type": "string"
    },
    "middleName": {
      "type": "string"
    },
    "profileUrl": {
      "type": "string"
    },
    "countryCode": {
      "type": "string"
    },
    "displayName": {
      "type": "string"
    },
    "mobilePhone": {
      "type": "string"
    },
    "secondEmail": {
      "type": "string"
    },
    "organization": {
      "type": "string"
    },
    "primaryPhone": {
      "type": "string"
    },
    "postalAddress": {
      "type": "string"
    },
    "streetAddress": {
      "type": "string"
    },
    "employeeNumber": {
      "type": "string"
    },
    "honorificPrefix": {
      "type": "string"
    },
    "honorificSuffix": {
      "type": "string"
    },
    "preferredLanguage": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "User"
  ],
  "x-okta-extensible": true
}
object UserSchema 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string",
      "readOnly": true
    },
    "title": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "$schema": {
      "type": "string",
      "readOnly": true
    },
    "created": {
      "type": "string",
      "readOnly": true
    },
    "properties": {
      "$ref": "#/components/schemas/UserSchemaProperties"
    },
    "definitions": {
      "$ref": "#/components/schemas/UserSchemaDefinitions"
    },
    "lastUpdated": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaAttribute 
{
  "type": "object",
  "properties": {
    "enum": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "type": {
      "$ref": "#/components/schemas/UserSchemaAttributeType"
    },
    "items": {
      "$ref": "#/components/schemas/UserSchemaAttributeItems"
    },
    "oneOf": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/UserSchemaAttributeEnum"
      }
    },
    "scope": {
      "$ref": "#/components/schemas/UserSchemaAttributeScope"
    },
    "title": {
      "type": "string"
    },
    "union": {
      "$ref": "#/components/schemas/UserSchemaAttributeUnion"
    },
    "master": {
      "$ref": "#/components/schemas/UserSchemaAttributeMaster"
    },
    "unique": {
      "type": "string"
    },
    "pattern": {
      "type": "string"
    },
    "required": {
      "type": "boolean"
    },
    "maxLength": {
      "type": "integer"
    },
    "minLength": {
      "type": "integer"
    },
    "mutability": {
      "type": "string"
    },
    "description": {
      "type": "string"
    },
    "permissions": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/UserSchemaAttributePermission"
      }
    },
    "externalName": {
      "type": "string"
    },
    "externalNamespace": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaAttributeEnum 
{
  "type": "object",
  "properties": {
    "const": {
      "type": "string"
    },
    "title": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaAttributeItems 
{
  "type": "object",
  "properties": {
    "enum": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "type": {
      "type": "string"
    },
    "oneOf": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/UserSchemaAttributeEnum"
      }
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaAttributeMaster 
{
  "type": "object",
  "properties": {
    "type": {
      "$ref": "#/components/schemas/UserSchemaAttributeMasterType"
    },
    "priority": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/UserSchemaAttributeMasterPriority"
      }
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaAttributeMasterPriority 
{
  "type": "object",
  "properties": {
    "type": {
      "type": "string"
    },
    "value": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
string UserSchemaAttributeMasterType 
{
  "enum": [
    "PROFILE_MASTER",
    "OKTA",
    "OVERRIDE"
  ],
  "type": "string",
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaAttributePermission 
{
  "type": "object",
  "properties": {
    "action": {
      "type": "string"
    },
    "principal": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaAttributeScope 
{
  "enum": [
    "SELF",
    "NONE"
  ],
  "type": "object",
  "x-okta-tags": [
    "UserSchema"
  ]
}
string UserSchemaAttributeType 
{
  "enum": [
    "string",
    "boolean",
    "number",
    "integer",
    "array"
  ],
  "type": "string",
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaAttributeUnion 
{
  "enum": [
    "DISABLE",
    "ENABLE"
  ],
  "type": "object",
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaBase 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string"
    },
    "required": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "properties": {
      "$ref": "#/components/schemas/UserSchemaBaseProperties"
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaBaseProperties 
{
  "type": "object",
  "properties": {
    "city": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "email": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "login": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "state": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "title": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "locale": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "manager": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "zipCode": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "division": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "lastName": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "nickName": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "timezone": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "userType": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "firstName": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "managerId": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "costCenter": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "department": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "middleName": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "profileUrl": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "countryCode": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "displayName": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "mobilePhone": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "secondEmail": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "organization": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "primaryPhone": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "postalAddress": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "streetAddress": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "employeeNumber": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "honorificPrefix": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "honorificSuffix": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    },
    "preferredLanguage": {
      "$ref": "#/components/schemas/UserSchemaAttribute"
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaDefinitions 
{
  "type": "object",
  "properties": {
    "base": {
      "$ref": "#/components/schemas/UserSchemaBase"
    },
    "custom": {
      "$ref": "#/components/schemas/UserSchemaPublic"
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaProperties 
{
  "type": "object",
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/UserSchemaPropertiesProfile"
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaPropertiesProfile 
{
  "type": "object",
  "properties": {
    "allOf": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/UserSchemaPropertiesProfileItem"
      }
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaPropertiesProfileItem 
{
  "type": "object",
  "properties": {
    "$ref": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
object UserSchemaPublic 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "type": {
      "type": "string"
    },
    "required": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "properties": {
      "type": "object",
      "additionalProperties": {
        "$ref": "#/components/schemas/UserSchemaAttribute"
      }
    }
  },
  "x-okta-tags": [
    "UserSchema"
  ]
}
string UserStatus 
{
  "enum": [
    "ACTIVE",
    "DEPROVISIONED",
    "LOCKED_OUT",
    "PASSWORD_EXPIRED",
    "PROVISIONED",
    "RECOVERY",
    "STAGED",
    "SUSPENDED"
  ],
  "type": "string",
  "x-okta-tags": [
    "User"
  ]
}
object UserStatusPolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "value": {
      "enum": [
        "ACTIVE",
        "INACTIVE",
        "PENDING",
        "DELETED",
        "EXPIRED_PASSWORD",
        "ACTIVATING",
        "SUSPENDED",
        "DELETING"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object UserType 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string"
    },
    "name": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "default": {
      "type": "boolean",
      "readOnly": true
    },
    "createdBy": {
      "type": "string",
      "readOnly": true
    },
    "description": {
      "type": "string"
    },
    "displayName": {
      "type": "string"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "lastUpdatedBy": {
      "type": "string",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "create",
      "arguments": [
        {
          "dest": "userType",
          "self": true
        }
      ],
      "operationId": "createUserType"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "typeId"
        },
        {
          "dest": "userType",
          "self": true
        }
      ],
      "operationId": "updateUserType"
    },
    {
      "alias": "read",
      "arguments": [
        {
          "src": "id",
          "dest": "typeId"
        }
      ],
      "operationId": "getUserType"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "typeId"
        }
      ],
      "operationId": "deleteUserType"
    }
  ],
  "x-okta-tags": [
    "UserType"
  ],
  "x-okta-operations": [
    {
      "alias": "replaceUserType",
      "arguments": [
        {
          "src": "id",
          "dest": "roleId"
        }
      ],
      "operationId": "replaceUserType"
    }
  ]
}
object UserTypeCondition 
{
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
array UserTypeGetAllUserTypesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/UserType"
  }
}
string UserVerificationEnum 
{
  "enum": [
    "REQUIRED",
    "PREFERRED"
  ],
  "type": "string",
  "x-okta-tags": [
    "Authenticator"
  ]
}
object VerificationMethod 
{
  "type": "object",
  "properties": {
    "type": {
      "type": "string"
    },
    "factorMode": {
      "type": "string"
    },
    "constraints": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/AccessPolicyConstraints"
      }
    },
    "inactivityPeriod": {
      "type": "string"
    },
    "reauthenticateIn": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object VerifyFactorRequest 
{
  "properties": {
    "answer": {
      "type": "string"
    },
    "passCode": {
      "type": "string"
    },
    "clientData": {
      "type": "string"
    },
    "stateToken": {
      "type": "string"
    },
    "attestation": {
      "type": "string"
    },
    "nextPassCode": {
      "type": "string"
    },
    "activationToken": {
      "type": "string"
    },
    "registrationData": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object VerifyUserFactorResponse 
{
  "type": "object",
  "properties": {
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "expiresAt": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "factorResult": {
      "enum": [
        "SUCCESS",
        "EXPIRED",
        "CHALLENGE",
        "WAITING",
        "FAILED",
        "REJECTED",
        "TIMEOUT",
        "TIME_WINDOW_EXCEEDED",
        "PASSCODE_REPLAYED",
        "ERROR"
      ],
      "type": "string"
    },
    "factorResultMessage": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object WebAuthnUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/WebAuthnUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object WebAuthnUserFactorProfile 
{
  "properties": {
    "credentialId": {
      "type": "string"
    },
    "authenticatorName": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object WebUserFactor 
{
  "properties": {
    "profile": {
      "$ref": "#/components/schemas/WebUserFactorProfile"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ],
  "x-okta-parent": "#/definitions/UserFactor"
}
object WebUserFactorProfile 
{
  "properties": {
    "credentialId": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
object WsFederationApplication 
{
  "properties": {
    "name": {
      "default": "template_wsfed"
    },
    "settings": {
      "$ref": "#/components/schemas/WsFederationApplicationSettings"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/Application",
  "x-okta-defined-as": {
    "name": "template_wsfed"
  }
}
object WsFederationApplicationSettings 
{
  "properties": {
    "app": {
      "$ref": "#/components/schemas/WsFederationApplicationSettingsApplication"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettings"
}
object WsFederationApplicationSettingsApplication 
{
  "properties": {
    "realm": {
      "type": "string"
    },
    "siteURL": {
      "type": "string"
    },
    "groupName": {
      "type": "string"
    },
    "wReplyURL": {
      "type": "string"
    },
    "groupFilter": {
      "type": "string"
    },
    "nameIDFormat": {
      "type": "string"
    },
    "wReplyOverride": {
      "type": "boolean"
    },
    "groupValueFormat": {
      "type": "string"
    },
    "usernameAttribute": {
      "type": "string"
    },
    "attributeStatements": {
      "type": "string"
    },
    "audienceRestriction": {
      "type": "string"
    },
    "authnContextClassRef": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-parent": "#/definitions/ApplicationSettingsApplication"
}