openapi.city
Sign in

Okta API

Identity and access management

developer.okta.com/docs/reference ↗
Version
2.16.0
OpenAPI
3.0.0
Endpoints
341
Schemas
532
91
Quality
Updated
3 days ago
Identity identity authentication security
Use this API in your AI agent

Query structured spec data via REST or MCP. Get exactly what your agent needs.

Get API Key

Server URLs

https://your-subdomain.okta.com

Endpoints

Clear filters
GET POST PUT PATCH DELETE

Application 20 endpoints

GET /api/v1/apps

Enumerates apps added to your organization with pagination. A subset of apps can be returned that match a supported filter expression or query.

operationId: Application_listApps

Parameters

Name In Required Type Description
q query optional string
after query optional string

Specifies the pagination cursor for the next page of apps
limit query optional integer

Specifies the number of results for a page
filter query optional string

Filters apps by status, user.id, group.id or credentials.signing.kid expression
expand query optional string

Traverses users link relationship and optionally embeds Application User resource
includeNonDeleted query optional boolean

Responses

200

Success
GET /api/v1/apps
GET /api/v1/apps/{appId}

Fetches an application from your Okta organization by id.

operationId: Application_getById

Parameters

Name In Required Type Description
appId path required string
expand query optional string

Responses

200

Success
GET /api/v1/apps/{appId}
GET /api/v1/apps/{appId}/connections/default

Get default Provisioning Connection for application

operationId: Application_getDefaultProvisioningConnection

Parameters

Name In Required Type Description
appId path required string

Responses

200

Success
404

Not Found
GET /api/v1/apps/{appId}/connections/default
GET /api/v1/apps/{appId}/credentials/csrs

Enumerates Certificate Signing Requests for an application

operationId: Application_listCsrsForApplication

Parameters

Name In Required Type Description
appId path required string

Responses

200

Success
GET /api/v1/apps/{appId}/credentials/csrs
GET /api/v1/apps/{appId}/credentials/csrs/{csrId}
operationId: Application_getCredentialsCsrs

Parameters

Name In Required Type Description
appId path required string
csrId path required string

Responses

200

Success
GET /api/v1/apps/{appId}/credentials/csrs/{csrId}
GET /api/v1/apps/{appId}/credentials/keys

Enumerates key credentials for an application

operationId: Application_listKeyCredentials

Parameters

Name In Required Type Description
appId path required string

Responses

200

Success
GET /api/v1/apps/{appId}/credentials/keys
GET /api/v1/apps/{appId}/credentials/keys/{keyId}

Gets a specific application key credential by kid

operationId: Application_getKeyCredential

Parameters

Name In Required Type Description
appId path required string
keyId path required string

Responses

200

Success
GET /api/v1/apps/{appId}/credentials/keys/{keyId}
GET /api/v1/apps/{appId}/credentials/secrets

Enumerates the client’s collection of secrets

operationId: Application_listClientSecrets

Parameters

Name In Required Type Description
appId path required string

Responses

200

Success
GET /api/v1/apps/{appId}/credentials/secrets
GET /api/v1/apps/{appId}/credentials/secrets/{secretId}

Gets a specific client secret by secretId

operationId: Application_getClientSecret

Parameters

Name In Required Type Description
appId path required string
secretId path required string

Responses

200

Success
GET /api/v1/apps/{appId}/credentials/secrets/{secretId}
GET /api/v1/apps/{appId}/features

List Features for application

operationId: Application_listFeatures

Parameters

Name In Required Type Description
appId path required string

Responses

200

Success
404

Not Found
GET /api/v1/apps/{appId}/features
GET /api/v1/apps/{appId}/features/{name}

Fetches a Feature object for an application.

operationId: Application_getFeature

Parameters

Name In Required Type Description
appId path required string
name path required string

Responses

200

Success
404

Not Found
GET /api/v1/apps/{appId}/features/{name}
GET /api/v1/apps/{appId}/grants

Lists all scope consent grants for the application

operationId: Application_listScopeConsentGrants

Parameters

Name In Required Type Description
appId path required string
expand query optional string

Responses

200

Success
GET /api/v1/apps/{appId}/grants
GET /api/v1/apps/{appId}/grants/{grantId}

Fetches a single scope consent grant for the application

operationId: Application_getSingleScopeConsentGrant

Parameters

Name In Required Type Description
appId path required string
grantId path required string
expand query optional string

Responses

200

Success
GET /api/v1/apps/{appId}/grants/{grantId}
GET /api/v1/apps/{appId}/groups

Enumerates group assignments for an application.

operationId: Application_listGroupsAssigned

Parameters

Name In Required Type Description
appId path required string
q query optional string
after query optional string

Specifies the pagination cursor for the next page of assignments
limit query optional integer

Specifies the number of results for a page
expand query optional string

Responses

200

Success
GET /api/v1/apps/{appId}/groups
GET /api/v1/apps/{appId}/groups/{groupId}

Fetches an application group assignment

operationId: Application_getGroupAssignment

Parameters

Name In Required Type Description
appId path required string
groupId path required string
expand query optional string

Responses

200

Success
GET /api/v1/apps/{appId}/groups/{groupId}
GET /api/v1/apps/{appId}/sso/saml/metadata

Previews SAML metadata based on a specific key credential for an application

operationId: Application_previewSamlAppMetadata

Parameters

Name In Required Type Description
appId path required string
kid query required string

unique key identifier of an Application Key Credential

Responses

200

Success
GET /api/v1/apps/{appId}/sso/saml/metadata
GET /api/v1/apps/{appId}/tokens

Lists all tokens for the application

operationId: Application_listTokens

Parameters

Name In Required Type Description
appId path required string
expand query optional string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/apps/{appId}/tokens
GET /api/v1/apps/{appId}/tokens/{tokenId}

Gets a token for the specified application

operationId: Application_getToken

Parameters

Name In Required Type Description
appId path required string
tokenId path required string
expand query optional string

Responses

200

Success
GET /api/v1/apps/{appId}/tokens/{tokenId}
GET /api/v1/apps/{appId}/users

Enumerates all assigned application users for an application.

operationId: Application_listAssignedUsers

Parameters

Name In Required Type Description
appId path required string
q query optional string
query_scope query optional string
after query optional string

specifies the pagination cursor for the next page of assignments
limit query optional integer

specifies the number of results for a page
filter query optional string
expand query optional string

Responses

200

Success
GET /api/v1/apps/{appId}/users
GET /api/v1/apps/{appId}/users/{userId}

Fetches a specific user assignment for application by id.

operationId: Application_getSpecificUserAssignment

Parameters

Name In Required Type Description
appId path required string
userId path required string
expand query optional string

Responses

200

Success
GET /api/v1/apps/{appId}/users/{userId}

Authenticator 2 endpoints

GET /api/v1/authenticators

List Authenticators

operationId: Authenticator_listAllAvailable

Responses

200

Success
GET /api/v1/authenticators
GET /api/v1/authenticators/{authenticatorId}

Success

operationId: Authenticator_getSuccess

Parameters

Name In Required Type Description
authenticatorId path required string

Responses

200

Success
GET /api/v1/authenticators/{authenticatorId}

Authorizationserver 14 endpoints

GET /api/v1/authorizationServers

Success

operationId: AuthorizationServer_listServers

Parameters

Name In Required Type Description
q query optional string
limit query optional string
after query optional string

Responses

200

Success
GET /api/v1/authorizationServers
GET /api/v1/authorizationServers/{authServerId}

Success

operationId: AuthorizationServer_getById

Parameters

Name In Required Type Description
authServerId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}
GET /api/v1/authorizationServers/{authServerId}/claims

Success

operationId: AuthorizationServer_getClaims

Parameters

Name In Required Type Description
authServerId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/claims
GET /api/v1/authorizationServers/{authServerId}/claims/{claimId}

Success

operationId: AuthorizationServer_getClaims

Parameters

Name In Required Type Description
authServerId path required string
claimId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/claims/{claimId}
GET /api/v1/authorizationServers/{authServerId}/clients

Success

operationId: AuthorizationServer_listClients

Parameters

Name In Required Type Description
authServerId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/clients
GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens

Success

operationId: AuthorizationServer_getClientTokens

Parameters

Name In Required Type Description
authServerId path required string
clientId path required string
expand query optional string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens
GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}

Success

operationId: AuthorizationServer_getClientAuthToken

Parameters

Name In Required Type Description
authServerId path required string
clientId path required string
tokenId path required string
expand query optional string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}
GET /api/v1/authorizationServers/{authServerId}/credentials/keys

Success

operationId: AuthorizationServer_listCredentialsKeys

Parameters

Name In Required Type Description
authServerId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/credentials/keys
GET /api/v1/authorizationServers/{authServerId}/policies

Success

operationId: AuthorizationServer_getPoliciesSuccess

Parameters

Name In Required Type Description
authServerId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/policies
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}

Success

operationId: AuthorizationServer_getPolicies

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules

Enumerates all policy rules for the specified Custom Authorization Server and Policy.

operationId: AuthorizationServer_enumeratePolicyRules

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}

Returns a Policy Rule by ID that is defined in the specified Custom Authorization Server and Policy.

operationId: AuthorizationServer_getPolicyRuleById

Parameters

Name In Required Type Description
authServerId path required string
policyId path required string
ruleId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}
GET /api/v1/authorizationServers/{authServerId}/scopes

Success

operationId: AuthorizationServer_getScopes

Parameters

Name In Required Type Description
authServerId path required string
q query optional string
filter query optional string
cursor query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/scopes
GET /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}

Success

operationId: AuthorizationServer_getScopes

Parameters

Name In Required Type Description
authServerId path required string
scopeId path required string

Responses

200

Success
GET /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}

Brand 11 endpoints

GET /api/v1/brands

List all the brands in your org.

operationId: Brand_getAllBrands

Responses

200

Success
GET /api/v1/brands
GET /api/v1/brands/{brandId}

Fetches a brand by brandId

operationId: Brand_getById

Parameters

Name In Required Type Description
brandId path required string

Responses

200

Success
404

Not Found
GET /api/v1/brands/{brandId}
GET /api/v1/brands/{brandId}/templates/email

List email templates in your organization with pagination.

operationId: Brand_listEmailTemplates

Parameters

Name In Required Type Description
brandId path required string
after query optional string

Specifies the pagination cursor for the next page of email templates.
limit query optional integer

Specifies the number of results returned (maximum 200)

Responses

200

Success
GET /api/v1/brands/{brandId}/templates/email
GET /api/v1/brands/{brandId}/templates/email/{templateName}

Fetch an email template by templateName

operationId: Brand_getEmailTemplate

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Responses

200

Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations

List all email customizations for an email template

operationId: Brand_listEmailTemplateCustomizations

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Responses

200

Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}

Fetch an email customization by id.

operationId: Brand_getEmailTemplateCustomizationById

Parameters

Name In Required Type Description
brandId path required string
templateName path required string
customizationId path required string

Responses

200

Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}/preview

Get a preview of an email template customization.

operationId: Brand_getEmailCustomizationPreview

Parameters

Name In Required Type Description
brandId path required string
templateName path required string
customizationId path required string

Responses

200

Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}/preview
GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content

Fetch the default content for an email template.

operationId: Brand_getEmailTemplateDefaultContent

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Responses

200

Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content
GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content/preview

Fetch a preview of an email template’s default content by populating velocity references with the current user’s environment.

operationId: Brand_getEmailTemplateDefaultContentPreview

Parameters

Name In Required Type Description
brandId path required string
templateName path required string

Responses

200

Success
GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content/preview
GET /api/v1/brands/{brandId}/themes

List all the themes in your brand

operationId: Brand_getThemes

Parameters

Name In Required Type Description
brandId path required string

Responses

200

Success
GET /api/v1/brands/{brandId}/themes
GET /api/v1/brands/{brandId}/themes/{themeId}

Fetches a theme for a brand

operationId: Brand_getThemeById

Parameters

Name In Required Type Description
brandId path required string
themeId path required string

Responses

200

Success
GET /api/v1/brands/{brandId}/themes/{themeId}

Domain 2 endpoints

GET /api/v1/domains

List all verified custom Domains for the org.

operationId: Domain_listVerifiedCustom

Responses

200

Success
GET /api/v1/domains
GET /api/v1/domains/{domainId}

Fetches a Domain by id.

operationId: Domain_getById

Parameters

Name In Required Type Description
domainId path required string

Responses

200

Success
GET /api/v1/domains/{domainId}

Eventhook 2 endpoints

GET /api/v1/eventHooks

Success

operationId: EventHook_listSuccessEvents

Responses

200

Success
GET /api/v1/eventHooks
GET /api/v1/eventHooks/{eventHookId}

Success

operationId: EventHook_getSuccessEvent

Parameters

Name In Required Type Description
eventHookId path required string

Responses

200

Success
GET /api/v1/eventHooks/{eventHookId}

Feature 4 endpoints

GET /api/v1/features

Success

operationId: Feature_getSuccess

Responses

200

Success
GET /api/v1/features
GET /api/v1/features/{featureId}

Success

operationId: Feature_getSuccessById

Parameters

Name In Required Type Description
featureId path required string

Responses

200

Success
GET /api/v1/features/{featureId}
GET /api/v1/features/{featureId}/dependencies

Success

operationId: Feature_listDependencies

Parameters

Name In Required Type Description
featureId path required string

Responses

200

Success
GET /api/v1/features/{featureId}/dependencies
GET /api/v1/features/{featureId}/dependents

Success

operationId: Feature_listDependents

Parameters

Name In Required Type Description
featureId path required string

Responses

200

Success
GET /api/v1/features/{featureId}/dependents

Group 10 endpoints

GET /api/v1/groups

Enumerates groups in your organization with pagination. A subset of groups can be returned that match a supported filter expression or query.

operationId: Group_list

Parameters

Name In Required Type Description
q query optional string

Searches the name property of groups for matching value
filter query optional string

Filter expression for groups
after query optional string

Specifies the pagination cursor for the next page of groups
limit query optional integer

Specifies the number of group results in a page
expand query optional string

If specified, it causes additional metadata to be included in the response.
search query optional string

Searches for groups with a supported filtering expression for all attributes except for _embedded, _links, and objectClass

Responses

200

Success
GET /api/v1/groups
GET /api/v1/groups/rules

Lists all group rules for your organization.

operationId: Group_getAllRules

Parameters

Name In Required Type Description
limit query optional integer

Specifies the number of rule results in a page
after query optional string

Specifies the pagination cursor for the next page of rules
search query optional string

Specifies the keyword to search fules for
expand query optional string

If specified as groupIdToGroupNameMap, then show group names

Responses

200

Success
GET /api/v1/groups/rules
GET /api/v1/groups/rules/{ruleId}

Fetches a specific group rule by id from your organization

operationId: Group_getGroupRuleById

Parameters

Name In Required Type Description
ruleId path required string
expand query optional string

Responses

200

Success
GET /api/v1/groups/rules/{ruleId}
GET /api/v1/groups/{groupId}

Fetches a group from your organization.

operationId: Group_getRules

Parameters

Name In Required Type Description
groupId path required string

Responses

200

Success
GET /api/v1/groups/{groupId}
GET /api/v1/groups/{groupId}/apps

Enumerates all applications that are assigned to a group.

operationId: Group_listAssignedApps

Parameters

Name In Required Type Description
groupId path required string
after query optional string

Specifies the pagination cursor for the next page of apps
limit query optional integer

Specifies the number of app results for a page

Responses

200

Success
GET /api/v1/groups/{groupId}/apps
GET /api/v1/groups/{groupId}/roles

Success

operationId: Group_getRoleList

Parameters

Name In Required Type Description
groupId path required string
expand query optional string

Responses

200

Success
GET /api/v1/groups/{groupId}/roles
GET /api/v1/groups/{groupId}/roles/{roleId}

Success

operationId: Group_getRoleSuccess

Parameters

Name In Required Type Description
groupId path required string
roleId path required string

Responses

200

Success
GET /api/v1/groups/{groupId}/roles/{roleId}
GET /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps

Lists all App targets for an APP_ADMIN Role assigned to a Group. This methods return list may include full Applications or Instances. The response for an instance will have an ID value, while Application will not have an ID.

operationId: Group_getRoleTargetsCatalogApps

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps
GET /api/v1/groups/{groupId}/roles/{roleId}/targets/groups

Success

operationId: Group_listRoleTargetsGroups

Parameters

Name In Required Type Description
groupId path required string
roleId path required string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/groups/{groupId}/roles/{roleId}/targets/groups
GET /api/v1/groups/{groupId}/users

Enumerates all users that are a member of a group.

operationId: Group_enumerateGroupMembers

Parameters

Name In Required Type Description
groupId path required string
after query optional string

Specifies the pagination cursor for the next page of users
limit query optional integer

Specifies the number of user results in a page

Responses

200

Success
GET /api/v1/groups/{groupId}/users

Groupschema 1 endpoints

GET /api/v1/meta/schemas/group/default

Fetches the group schema

operationId: GroupSchema_get

Responses

200

successful operation
GET /api/v1/meta/schemas/group/default

Identityprovider 11 endpoints

GET /api/v1/idps

Enumerates IdPs in your organization with pagination. A subset of IdPs can be returned that match a supported filter expression or query.

operationId: IdentityProvider_list

Parameters

Name In Required Type Description
q query optional string

Searches the name property of IdPs for matching value
after query optional string

Specifies the pagination cursor for the next page of IdPs
limit query optional integer

Specifies the number of IdP results in a page
type query optional string

Filters IdPs by type

Responses

200

Success
GET /api/v1/idps
GET /api/v1/idps/credentials/keys

Enumerates IdP key credentials.

operationId: IdentityProvider_enumerateIdpKeys

Parameters

Name In Required Type Description
after query optional string

Specifies the pagination cursor for the next page of keys
limit query optional integer

Specifies the number of key results in a page

Responses

200

Success
GET /api/v1/idps/credentials/keys
GET /api/v1/idps/credentials/keys/{keyId}

Gets a specific IdP Key Credential by kid

operationId: IdentityProvider_getKeyCredentialByIdp

Parameters

Name In Required Type Description
keyId path required string

Responses

200

Success
GET /api/v1/idps/credentials/keys/{keyId}
GET /api/v1/idps/{idpId}

Fetches an IdP by id.

operationId: IdentityProvider_getByIdp

Parameters

Name In Required Type Description
idpId path required string

Responses

200

Success
GET /api/v1/idps/{idpId}
GET /api/v1/idps/{idpId}/credentials/csrs

Enumerates Certificate Signing Requests for an IdP

operationId: IdentityProvider_listCsrsForCertificateSigningRequests

Parameters

Name In Required Type Description
idpId path required string

Responses

200

Success
GET /api/v1/idps/{idpId}/credentials/csrs
GET /api/v1/idps/{idpId}/credentials/csrs/{csrId}

Gets a specific Certificate Signing Request model by id

operationId: IdentityProvider_getCsrByIdp

Parameters

Name In Required Type Description
idpId path required string
csrId path required string

Responses

200

Success
GET /api/v1/idps/{idpId}/credentials/csrs/{csrId}
GET /api/v1/idps/{idpId}/credentials/keys

Enumerates signing key credentials for an IdP

operationId: IdentityProvider_listSigningKeyCredentials

Parameters

Name In Required Type Description
idpId path required string

Responses

200

Success
GET /api/v1/idps/{idpId}/credentials/keys
GET /api/v1/idps/{idpId}/credentials/keys/{keyId}

Gets a specific IdP Key Credential by kid

operationId: IdentityProvider_getSigningKeyCredentialByIdp

Parameters

Name In Required Type Description
idpId path required string
keyId path required string

Responses

200

Success
GET /api/v1/idps/{idpId}/credentials/keys/{keyId}
GET /api/v1/idps/{idpId}/users

Find all the users linked to an identity provider

operationId: IdentityProvider_getUser

Parameters

Name In Required Type Description
idpId path required string

Responses

200

Success
GET /api/v1/idps/{idpId}/users
GET /api/v1/idps/{idpId}/users/{userId}

Fetches a linked IdP user by ID

operationId: IdentityProvider_getLinkedUserById

Parameters

Name In Required Type Description
idpId path required string
userId path required string

Responses

200

Success
GET /api/v1/idps/{idpId}/users/{userId}
GET /api/v1/idps/{idpId}/users/{userId}/credentials/tokens

Fetches the tokens minted by the Social Authentication Provider when the user authenticates with Okta via Social Auth.

operationId: IdentityProvider_getSocialAuthTokens

Parameters

Name In Required Type Description
idpId path required string
userId path required string

Responses

200

Success
GET /api/v1/idps/{idpId}/users/{userId}/credentials/tokens

Inlinehook 2 endpoints

GET /api/v1/inlineHooks

Success

operationId: InlineHook_getSuccess

Parameters

Name In Required Type Description
type query optional string

Responses

200

Success
GET /api/v1/inlineHooks
GET /api/v1/inlineHooks/{inlineHookId}

Gets an inline hook by ID

operationId: InlineHook_getById

Parameters

Name In Required Type Description
inlineHookId path required string

Responses

200

Success
GET /api/v1/inlineHooks/{inlineHookId}

Linkedobject 2 endpoints

GET /api/v1/meta/schemas/user/linkedObjects

Success

operationId: LinkedObject_getUserLinkedObjects

Responses

200

Success
GET /api/v1/meta/schemas/user/linkedObjects
GET /api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}

Success

operationId: LinkedObject_getUserLinkedObjects

Parameters

Name In Required Type Description
linkedObjectName path required string

Responses

200

Success
GET /api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}

Log 1 endpoints

GET /api/v1/logs

The Okta System Log API provides read access to your organization’s system log. This API provides more functionality than the Events API

operationId: Log_getListEvents

Parameters

Name In Required Type Description
since query optional string
until query optional string
filter query optional string
q query optional string
limit query optional integer
sortOrder query optional string
after query optional string

Responses

200

Success
GET /api/v1/logs

Networkzone 2 endpoints

GET /api/v1/zones

Enumerates network zones added to your organization with pagination. A subset of zones can be returned that match a supported filter expression or query.

operationId: NetworkZone_listZones

Parameters

Name In Required Type Description
after query optional string

Specifies the pagination cursor for the next page of network zones
limit query optional integer

Specifies the number of results for a page
filter query optional string

Filters zones by usage or id expression

Responses

200

Success
GET /api/v1/zones
GET /api/v1/zones/{zoneId}

Fetches a network zone from your Okta organization by id.

operationId: NetworkZone_getById

Parameters

Name In Required Type Description
zoneId path required string

Responses

200

Success
GET /api/v1/zones/{zoneId}

Org 6 endpoints

GET /api/v1/org

Get settings of your organization.

operationId: Org_getSettings

Responses

200

Success
GET /api/v1/org
GET /api/v1/org/contacts

Gets Contact Types of your organization.

operationId: Org_listContactTypes

Responses

200

Success
GET /api/v1/org/contacts
GET /api/v1/org/contacts/{contactType}

Retrieves the URL of the User associated with the specified Contact Type.

operationId: Org_getContactUser

Parameters

Name In Required Type Description
contactType path required string

Responses

200

Success
GET /api/v1/org/contacts/{contactType}
GET /api/v1/org/preferences

Gets preferences of your organization.

operationId: Org_getOrgPreferences

Responses

200

Success
GET /api/v1/org/preferences
GET /api/v1/org/privacy/oktaCommunication

Gets Okta Communication Settings of your organization.

operationId: Org_getOktaCommunicationSettings

Responses

200

Success
GET /api/v1/org/privacy/oktaCommunication
GET /api/v1/org/privacy/oktaSupport

Gets Okta Support Settings of your organization.

operationId: Org_getOktaSupportSettings

Responses

200

Success
GET /api/v1/org/privacy/oktaSupport

Policy 4 endpoints

GET /api/v1/policies

Gets all policies with the specified type.

operationId: Policy_getAllWithType

Parameters

Name In Required Type Description
type query required string
status query optional string
expand query optional string

Responses

200

Success
GET /api/v1/policies
GET /api/v1/policies/{policyId}

Gets a policy.

operationId: Policy_getPolicy

Parameters

Name In Required Type Description
policyId path required string
expand query optional string

Responses

200

Success
GET /api/v1/policies/{policyId}
GET /api/v1/policies/{policyId}/rules

Enumerates all policy rules.

operationId: Policy_enumerateRules

Parameters

Name In Required Type Description
policyId path required string

Responses

200

Success
GET /api/v1/policies/{policyId}/rules
GET /api/v1/policies/{policyId}/rules/{ruleId}

Gets a policy rule.

operationId: Policy_getPolicyRule

Parameters

Name In Required Type Description
policyId path required string
ruleId path required string

Responses

200

Success
GET /api/v1/policies/{policyId}/rules/{ruleId}

Profilemapping 2 endpoints

GET /api/v1/mappings

Enumerates Profile Mappings in your organization with pagination.

operationId: ProfileMapping_listWithPagination

Parameters

Name In Required Type Description
after query optional string
limit query optional integer
sourceId query optional string
targetId query optional string

Responses

200

Success
GET /api/v1/mappings
GET /api/v1/mappings/{mappingId}

Fetches a single Profile Mapping referenced by its ID.

operationId: ProfileMapping_getById

Parameters

Name In Required Type Description
mappingId path required string

Responses

200

Success
GET /api/v1/mappings/{mappingId}

Session 1 endpoints

GET /api/v1/sessions/{sessionId}

Get details about a session.

operationId: Session_getDetails

Parameters

Name In Required Type Description
sessionId path required string

Responses

200

Success
GET /api/v1/sessions/{sessionId}

Subscription 2 endpoints

GET /api/v1/roles/{roleTypeOrRoleId}/subscriptions

When roleType List all subscriptions of a Role. Else when roleId List subscriptions of a Custom Role

operationId: Subscription_listRoleSubscriptions

Parameters

Name In Required Type Description
roleTypeOrRoleId path required string

Responses

200

Success
404

Not Found
GET /api/v1/roles/{roleTypeOrRoleId}/subscriptions
GET /api/v1/roles/{roleTypeOrRoleId}/subscriptions/{notificationType}

When roleType Get subscriptions of a Role with a specific notification type. Else when roleId Get subscription of a Custom Role with a specific notification type.

operationId: Subscription_getRoleSubscriptionsByNotificationType

Parameters

Name In Required Type Description
roleTypeOrRoleId path required string
notificationType path required string

Responses

200

Success
404

Not Found
GET /api/v1/roles/{roleTypeOrRoleId}/subscriptions/{notificationType}

Template 2 endpoints

GET /api/v1/templates/sms

Enumerates custom SMS templates in your organization. A subset of templates can be returned that match a template type.

operationId: Template_enumerateSmsTemplates

Parameters

Name In Required Type Description
templateType query optional string

Responses

200

Success
GET /api/v1/templates/sms
GET /api/v1/templates/sms/{templateId}

Fetches a specific template by id

operationId: Template_getById

Parameters

Name In Required Type Description
templateId path required string

Responses

200

Success
GET /api/v1/templates/sms/{templateId}

Threatinsight 1 endpoints

GET /api/v1/threats/configuration

Gets current ThreatInsight configuration

operationId: ThreatInsight_getCurrentConfiguration

Responses

200

Success
GET /api/v1/threats/configuration

Trustedorigin 2 endpoints

GET /api/v1/trustedOrigins

Success

operationId: TrustedOrigin_getList

Parameters

Name In Required Type Description
q query optional string
filter query optional string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/trustedOrigins
GET /api/v1/trustedOrigins/{trustedOriginId}

Success

operationId: TrustedOrigin_getSuccessById

Parameters

Name In Required Type Description
trustedOriginId path required string

Responses

200

Success
GET /api/v1/trustedOrigins/{trustedOriginId}

User 18 endpoints

GET /api/v1/users

Lists users that do not have a status of ‘DEPROVISIONED’ (by default), up to the maximum (200 for most orgs), with pagination in most cases. A subset of users can be returned that match a supported filter expression or search criteria.

operationId: User_listActiveUsers

Parameters

Name In Required Type Description
q query optional string

Finds a user that matches firstName, lastName, and email properties
after query optional string

Specifies the pagination cursor for the next page of users
limit query optional integer

Specifies the number of results returned
filter query optional string

Filters users with a supported expression for a subset of properties
search query optional string

Searches for users with a supported filtering expression for most properties
sortBy query optional string
sortOrder query optional string

Responses

200

Success
GET /api/v1/users
GET /api/v1/users/{userId}

Fetches a user from your Okta organization.

operationId: User_getOktaUser

Parameters

Name In Required Type Description
userId path required string

Responses

200

Success
GET /api/v1/users/{userId}
GET /api/v1/users/{userId}/appLinks

Fetches appLinks for all direct or indirect (via group membership) assigned applications.

operationId: User_listAssignedAppLinks

Parameters

Name In Required Type Description
userId path required string

Responses

200

Success
GET /api/v1/users/{userId}/appLinks
GET /api/v1/users/{userId}/clients

Lists all client resources for which the specified user has grants or tokens.

operationId: User_listClients

Parameters

Name In Required Type Description
userId path required string

Responses

200

Success
GET /api/v1/users/{userId}/clients
GET /api/v1/users/{userId}/clients/{clientId}/grants

Lists all grants for a specified user and client

operationId: User_listGrantsForClient

Parameters

Name In Required Type Description
userId path required string
clientId path required string
expand query optional string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/users/{userId}/clients/{clientId}/grants
GET /api/v1/users/{userId}/clients/{clientId}/tokens

Lists all refresh tokens issued for the specified User and Client.

operationId: User_listRefreshTokensForUserAndClient

Parameters

Name In Required Type Description
userId path required string
clientId path required string
expand query optional string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/users/{userId}/clients/{clientId}/tokens
GET /api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}

Gets a refresh token issued for the specified User and Client.

operationId: User_getClientRefreshToken

Parameters

Name In Required Type Description
userId path required string
clientId path required string
tokenId path required string
expand query optional string
limit query optional integer
after query optional string

Responses

200

Success
GET /api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}
GET /api/v1/users/{userId}/grants

Lists all grants for the specified user

operationId: User_listGrants

Parameters

Name In Required Type Description
userId path required string
scopeId query optional string
expand query optional string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/users/{userId}/grants
GET /api/v1/users/{userId}/grants/{grantId}

Gets a grant for the specified user

operationId: User_getGrantById

Parameters

Name In Required Type Description
userId path required string
grantId path required string
expand query optional string

Responses

200

Success
GET /api/v1/users/{userId}/grants/{grantId}
GET /api/v1/users/{userId}/groups

Fetches the groups of which the user is a member.

operationId: User_getMemberGroups

Parameters

Name In Required Type Description
userId path required string

Responses

200

Success
GET /api/v1/users/{userId}/groups
GET /api/v1/users/{userId}/idps

Lists the IdPs associated with the user.

operationId: User_listIdpsForUser

Parameters

Name In Required Type Description
userId path required string

Responses

200

Success
GET /api/v1/users/{userId}/idps
GET /api/v1/users/{userId}/linkedObjects/{relationshipName}

Get linked objects for a user, relationshipName can be a primary or associated relationship name

operationId: User_getLinkedObjects

Parameters

Name In Required Type Description
userId path required string
relationshipName path required string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/users/{userId}/linkedObjects/{relationshipName}
GET /api/v1/users/{userId}/roles

Lists all roles assigned to a user.

operationId: User_listAssignedRoles

Parameters

Name In Required Type Description
userId path required string
expand query optional string

Responses

200

Success
GET /api/v1/users/{userId}/roles
GET /api/v1/users/{userId}/roles/{roleId}

Gets role that is assigne to user.

operationId: User_getAssignedRole

Parameters

Name In Required Type Description
userId path required string
roleId path required string

Responses

200

Success
GET /api/v1/users/{userId}/roles/{roleId}
GET /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps

Lists all App targets for an APP_ADMIN Role assigned to a User. This methods return list may include full Applications or Instances. The response for an instance will have an ID value, while Application will not have an ID.

operationId: User_listAppTargetsForRole

Parameters

Name In Required Type Description
userId path required string
roleId path required string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps
GET /api/v1/users/{userId}/roles/{roleId}/targets/groups

Success

operationId: User_listRoleTargetsGroups

Parameters

Name In Required Type Description
userId path required string
roleId path required string
after query optional string
limit query optional integer

Responses

200

Success
GET /api/v1/users/{userId}/roles/{roleId}/targets/groups
GET /api/v1/users/{userId}/subscriptions

List subscriptions of a User. Only lists subscriptions for current user. An AccessDeniedException message is sent if requests are made from other users.

operationId: User_listSubscriptions

Parameters

Name In Required Type Description
userId path required string

Responses

200

Success
404

Not Found
GET /api/v1/users/{userId}/subscriptions
GET /api/v1/users/{userId}/subscriptions/{notificationType}

Get the subscriptions of a User with a specific notification type. Only gets subscriptions for current user. An AccessDeniedException message is sent if requests are made from other users.

operationId: User_getSubscriptionByNotification

Parameters

Name In Required Type Description
userId path required string
notificationType path required string

Responses

200

Success
404

Not Found
GET /api/v1/users/{userId}/subscriptions/{notificationType}

Userfactor 5 endpoints

GET /api/v1/users/{userId}/factors

Enumerates all the enrolled factors for the specified user

operationId: UserFactor_enumerateEnrolled

Parameters

Name In Required Type Description
userId path required string

Responses

200

Success
GET /api/v1/users/{userId}/factors
GET /api/v1/users/{userId}/factors/catalog

Enumerates all the supported factors that can be enrolled for the specified user

operationId: UserFactor_enumerateSupportedFactors

Parameters

Name In Required Type Description
userId path required string

Responses

200

Success
GET /api/v1/users/{userId}/factors/catalog
GET /api/v1/users/{userId}/factors/questions

Enumerates all available security questions for a user’s question factor

operationId: UserFactor_enumerateSecurityQuestions

Parameters

Name In Required Type Description
userId path required string

Responses

200

Success
GET /api/v1/users/{userId}/factors/questions
GET /api/v1/users/{userId}/factors/{factorId}

Fetches a factor for the specified user

operationId: UserFactor_getFactor

Parameters

Name In Required Type Description
userId path required string
factorId path required string

Responses

200

Success
GET /api/v1/users/{userId}/factors/{factorId}
GET /api/v1/users/{userId}/factors/{factorId}/transactions/{transactionId}

Polls factors verification transaction for status.

operationId: UserFactor_pollFactorTransactionStatus

Parameters

Name In Required Type Description
userId path required string
factorId path required string
transactionId path required string

Responses

200

Success
GET /api/v1/users/{userId}/factors/{factorId}/transactions/{transactionId}

Userschema 2 endpoints

GET /api/v1/meta/schemas/apps/{appInstanceId}/default

Fetches the Schema for an App User

operationId: UserSchema_getUserSchema

Parameters

Name In Required Type Description
appInstanceId path required string

Responses

200

successful operation
GET /api/v1/meta/schemas/apps/{appInstanceId}/default
GET /api/v1/meta/schemas/user/{schemaId}

Fetches the schema for a Schema Id.

operationId: UserSchema_getSchemaById

Parameters

Name In Required Type Description
schemaId path required string

Responses

200

Success
GET /api/v1/meta/schemas/user/{schemaId}

Usertype 2 endpoints

GET /api/v1/meta/types/user

Fetches all User Types in your org

operationId: UserType_getAllUserTypes

Responses

200

Success
GET /api/v1/meta/types/user
GET /api/v1/meta/types/user/{typeId}

Fetches a User Type by ID. The special identifier default may be used to fetch the default User Type.

operationId: UserType_getById

Parameters

Name In Required Type Description
typeId path required string

Responses

200

Success
GET /api/v1/meta/types/user/{typeId}
Load more endpoints

Schemas

object AccessPolicy 
{
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/Policy"
}
object AccessPolicyConstraint 
{
  "type": "object",
  "properties": {
    "types": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "methods": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "reauthenticateIn": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AccessPolicyConstraints 
{
  "type": "object",
  "properties": {
    "knowledge": {
      "$ref": "#/components/schemas/KnowledgeConstraint"
    },
    "possession": {
      "$ref": "#/components/schemas/PossessionConstraint"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AccessPolicyRule 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "actions": {
      "$ref": "#/components/schemas/AccessPolicyRuleActions"
    },
    "conditions": {
      "$ref": "#/components/schemas/AccessPolicyRuleConditions"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRule"
}
object AccessPolicyRuleActions 
{
  "type": "object",
  "properties": {
    "appSignOn": {
      "$ref": "#/components/schemas/AccessPolicyRuleApplicationSignOn"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleActions"
}
object AccessPolicyRuleApplicationSignOn 
{
  "type": "object",
  "properties": {
    "access": {
      "type": "string"
    },
    "verificationMethod": {
      "$ref": "#/components/schemas/VerificationMethod"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AccessPolicyRuleConditions 
{
  "properties": {
    "device": {
      "$ref": "#/components/schemas/DeviceAccessPolicyRuleCondition"
    },
    "userType": {
      "$ref": "#/components/schemas/UserTypeCondition"
    },
    "elCondition": {
      "$ref": "#/components/schemas/AccessPolicyRuleCustomCondition"
    }
  },
  "x-okta-tags": [
    "Policy"
  ],
  "x-okta-parent": "#/definitions/PolicyRuleConditions"
}
object AccessPolicyRuleCustomCondition 
{
  "properties": {
    "condition": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AcsEndpoint 
{
  "properties": {
    "url": {
      "type": "string"
    },
    "index": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ActivateFactorRequest 
{
  "properties": {
    "passCode": {
      "type": "string"
    },
    "clientData": {
      "type": "string"
    },
    "stateToken": {
      "type": "string"
    },
    "attestation": {
      "type": "string"
    },
    "registrationData": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "UserFactor"
  ]
}
string AllowedForEnum 
{
  "enum": [
    "recovery",
    "sso",
    "any",
    "none"
  ],
  "type": "string",
  "x-okta-tags": [
    "Authenticator"
  ]
}
object AppAndInstanceConditionEvaluatorAppOrInstance 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string"
    },
    "type": {
      "enum": [
        "APP_TYPE",
        "APP"
      ],
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AppAndInstancePolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/AppAndInstanceConditionEvaluatorAppOrInstance"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "$ref": "#/components/schemas/AppAndInstanceConditionEvaluatorAppOrInstance"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AppInstancePolicyRuleCondition 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-okta-tags": [
    "Policy"
  ]
}
object AppLink 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "label": {
      "type": "string",
      "readOnly": true
    },
    "hidden": {
      "type": "boolean",
      "readOnly": true
    },
    "appName": {
      "type": "string",
      "readOnly": true
    },
    "linkUrl": {
      "type": "string",
      "readOnly": true
    },
    "logoUrl": {
      "type": "string",
      "readOnly": true
    },
    "sortOrder": {
      "type": "integer",
      "readOnly": true
    },
    "appInstanceId": {
      "type": "string",
      "readOnly": true
    },
    "appAssignmentId": {
      "type": "string",
      "readOnly": true
    },
    "credentialsSetup": {
      "type": "boolean",
      "readOnly": true
    }
  },
  "x-okta-tags": [
    "User"
  ]
}
object AppUser 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string"
    },
    "scope": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "type": "string",
      "readOnly": true
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "profile": {
      "type": "object",
      "additionalProperties": {
        "type": "object"
      }
    },
    "lastSync": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "syncState": {
      "type": "string",
      "readOnly": true
    },
    "externalId": {
      "type": "string",
      "readOnly": true
    },
    "credentials": {
      "$ref": "#/components/schemas/AppUserCredentials"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "statusChanged": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "passwordChanged": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "update",
      "arguments": [
        {
          "dest": "appId",
          "parentSrc": "appId"
        },
        {
          "src": "id",
          "dest": "userId"
        },
        {
          "dest": "appUser",
          "self": true
        }
      ],
      "operationId": "updateApplicationUser"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "dest": "appId",
          "parentSrc": "appId"
        },
        {
          "src": "id",
          "dest": "userId"
        }
      ],
      "operationId": "deleteApplicationUser"
    }
  ],
  "x-okta-tags": [
    "Application"
  ]
}
object AppUserCredentials 
{
  "type": "object",
  "properties": {
    "password": {
      "$ref": "#/components/schemas/AppUserPasswordCredential"
    },
    "userName": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object AppUserPasswordCredential 
{
  "properties": {
    "value": {
      "type": "string",
      "format": "password"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object Application 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "name": {
      "type": "string",
      "readOnly": true
    },
    "label": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "enum": [
        "ACTIVE",
        "INACTIVE",
        "DELETED"
      ],
      "type": "string",
      "readOnly": true
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "profile": {
      "type": "object",
      "additionalProperties": {
        "type": "object"
      }
    },
    "features": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "settings": {
      "$ref": "#/components/schemas/ApplicationSettings"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "licensing": {
      "$ref": "#/components/schemas/ApplicationLicensing"
    },
    "signOnMode": {
      "$ref": "#/components/schemas/ApplicationSignOnMode"
    },
    "visibility": {
      "$ref": "#/components/schemas/ApplicationVisibility"
    },
    "credentials": {
      "$ref": "#/components/schemas/ApplicationCredentials"
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "accessibility": {
      "$ref": "#/components/schemas/ApplicationAccessibility"
    }
  },
  "x-okta-crud": [
    {
      "alias": "read",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getApplication"
    },
    {
      "alias": "update",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        },
        {
          "dest": "application",
          "self": true
        }
      ],
      "operationId": "updateApplication"
    },
    {
      "alias": "delete",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "deleteApplication"
    }
  ],
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-operations": [
    {
      "alias": "activate",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "activateApplication"
    },
    {
      "alias": "deactivate",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "deactivateApplication"
    },
    {
      "alias": "listApplicationUsers",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listApplicationUsers"
    },
    {
      "alias": "assignUserToApplication",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "assignUserToApplication"
    },
    {
      "alias": "getApplicationUser",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getApplicationUser"
    },
    {
      "alias": "createApplicationGroupAssignment",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "createApplicationGroupAssignment"
    },
    {
      "alias": "getApplicationGroupAssignment",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getApplicationGroupAssignment"
    },
    {
      "alias": "cloneApplicationKey",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "cloneApplicationKey"
    },
    {
      "alias": "getApplicationKey",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getApplicationKey"
    },
    {
      "alias": "listGroupAssignments",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listApplicationGroupAssignments"
    },
    {
      "alias": "listKeys",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listApplicationKeys"
    },
    {
      "alias": "generateKey",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "generateApplicationKey"
    },
    {
      "alias": "generateCsr",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "generateCsrForApplication"
    },
    {
      "alias": "getCsr",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getCsrForApplication"
    },
    {
      "alias": "revokeCsr",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "revokeCsrFromApplication"
    },
    {
      "alias": "listCsrs",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listCsrsForApplication"
    },
    {
      "alias": "publishCerCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishCerCert"
    },
    {
      "alias": "publishBinaryCerCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishBinaryCerCert"
    },
    {
      "alias": "publishDerCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishDerCert"
    },
    {
      "alias": "publishBinaryDerCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishBinaryDerCert"
    },
    {
      "alias": "publishBinaryPemCert",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "publishBinaryPemCert"
    },
    {
      "alias": "listOAuth2Tokens",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listOAuth2TokensForApplication"
    },
    {
      "alias": "revokeOAuth2TokenForApplication",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "revokeOAuth2TokenForApplication"
    },
    {
      "alias": "getOAuth2Token",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getOAuth2TokenForApplication"
    },
    {
      "alias": "revokeOAuth2Tokens",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "revokeOAuth2TokensForApplication"
    },
    {
      "alias": "listScopeConsentGrants",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "listScopeConsentGrants"
    },
    {
      "alias": "grantConsentToScope",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "grantConsentToScope"
    },
    {
      "alias": "revokeScopeConsentGrant",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "revokeScopeConsentGrant"
    },
    {
      "alias": "getScopeConsentGrant",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getScopeConsentGrant"
    },
    {
      "alias": "uploadApplicationLogo",
      "operationId": "uploadApplicationLogo"
    },
    {
      "alias": "getFeatureForApplication",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "getFeatureForApplication"
    },
    {
      "alias": "updateFeatureForApplication",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "updateFeatureForApplication"
    },
    {
      "alias": "updateApplicationPolicy",
      "arguments": [
        {
          "src": "id",
          "dest": "appId"
        }
      ],
      "operationId": "updateApplicationPolicy"
    }
  ],
  "x-openapi-v3-discriminator": {
    "mapping": {
      "BOOKMARK": "#/definitions/BookmarkApplication",
      "SAML_1_1": "#/definitions/SamlApplication",
      "SAML_2_0": "#/definitions/SamlApplication",
      "AUTO_LOGIN": "#/definitions/AutoLoginApplication",
      "BASIC_AUTH": "#/definitions/BasicAuthApplication",
      "WS_FEDERATION": "#/definitions/WsFederationApplication",
      "BROWSER_PLUGIN": "#/definitions/BrowserPluginApplication",
      "OPENID_CONNECT": "#/definitions/OpenIdConnectApplication",
      "SECURE_PASSWORD_STORE": "#/definitions/SecurePasswordStoreApplication"
    },
    "propertyName": "signOnMode"
  }
}
object ApplicationAccessibility 
{
  "type": "object",
  "properties": {
    "selfService": {
      "type": "boolean"
    },
    "errorRedirectUrl": {
      "type": "string"
    },
    "loginRedirectUrl": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationCredentials 
{
  "type": "object",
  "properties": {
    "signing": {
      "$ref": "#/components/schemas/ApplicationCredentialsSigning"
    },
    "userNameTemplate": {
      "$ref": "#/components/schemas/ApplicationCredentialsUsernameTemplate"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationCredentialsOAuthClient 
{
  "properties": {
    "client_id": {
      "type": "string"
    },
    "client_secret": {
      "type": "string"
    },
    "pkce_required": {
      "type": "boolean"
    },
    "autoKeyRotation": {
      "type": "boolean"
    },
    "token_endpoint_auth_method": {
      "$ref": "#/components/schemas/OAuthEndpointAuthenticationMethod"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string ApplicationCredentialsScheme 
{
  "enum": [
    "SHARED_USERNAME_AND_PASSWORD",
    "EXTERNAL_PASSWORD_SYNC",
    "EDIT_USERNAME_AND_PASSWORD",
    "EDIT_PASSWORD_ONLY",
    "ADMIN_SETS_CREDENTIALS"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationCredentialsSigning 
{
  "type": "object",
  "properties": {
    "kid": {
      "type": "string"
    },
    "use": {
      "$ref": "#/components/schemas/ApplicationCredentialsSigningUse"
    },
    "lastRotated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "nextRotation": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    },
    "rotationMode": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string ApplicationCredentialsSigningUse 
{
  "enum": [
    "sig"
  ],
  "type": "string",
  "x-okta-tags": [
    "AuthorizationServer"
  ]
}
object ApplicationCredentialsUsernameTemplate 
{
  "type": "object",
  "properties": {
    "type": {
      "type": "string"
    },
    "suffix": {
      "type": "string"
    },
    "template": {
      "type": "string"
    },
    "pushStatus": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationFeature 
{
  "type": "object",
  "properties": {
    "name": {
      "type": "string"
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "status": {
      "$ref": "#/components/schemas/EnabledStatus"
    },
    "description": {
      "type": "string"
    },
    "capabilities": {
      "$ref": "#/components/schemas/CapabilitiesObject"
    }
  },
  "x-okta-tags": [
    "Application"
  ],
  "x-okta-operations": [
    {
      "alias": "listFeaturesForApplication",
      "operationId": "listFeaturesForApplication"
    }
  ]
}
object ApplicationGroupAssignment 
{
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "readOnly": true
    },
    "_links": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "profile": {
      "type": "object",
      "additionalProperties": {
        "type": "object"
      }
    },
    "priority": {
      "type": "integer"
    },
    "_embedded": {
      "type": "object",
      "readOnly": true,
      "additionalProperties": {
        "type": "object"
      }
    },
    "lastUpdated": {
      "type": "string",
      "format": "date-time",
      "readOnly": true
    }
  },
  "x-okta-crud": [
    {
      "alias": "delete",
      "arguments": [
        {
          "dest": "appId",
          "parentSrc": "appId"
        },
        {
          "src": "id",
          "dest": "groupId"
        }
      ],
      "operationId": "deleteApplicationGroupAssignment"
    }
  ],
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationLicensing 
{
  "type": "object",
  "properties": {
    "seatCount": {
      "type": "integer"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
array ApplicationListAppsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Application"
  }
}
array ApplicationListAssignedUsersResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/AppUser"
  }
}
array ApplicationListClientSecretsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/ClientSecret"
  }
}
array ApplicationListCsrsForApplicationResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/Csr"
  }
}
array ApplicationListFeaturesResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/ApplicationFeature"
  }
}
array ApplicationListGroupsAssignedResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/ApplicationGroupAssignment"
  }
}
array ApplicationListKeyCredentialsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/JsonWebKey"
  }
}
array ApplicationListScopeConsentGrantsResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2ScopeConsentGrant"
  }
}
array ApplicationListTokensResponse 
{
  "type": "array",
  "items": {
    "$ref": "#/components/schemas/OAuth2Token"
  }
}
object ApplicationPreviewSamlAppMetadataResponse 
{
  "type": "object",
  "properties": {
    "EntityDescriptor": {
      "type": "object",
      "properties": {
        "entityID": {
          "xml": {
            "attribute": true
          },
          "type": "string"
        },
        "IDPSSODescriptor": {
          "type": "object",
          "properties": {
            "NameIDFormat": {
              "type": "array",
              "items": {
                "type": "string"
              }
            },
            "KeyDescriptor": {
              "type": "object",
              "properties": {
                "use": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                },
                "KeyInfo": {
                  "type": "object",
                  "properties": {
                    "X509Data": {
                      "type": "object",
                      "properties": {
                        "X509Certificate": {
                          "type": "string"
                        }
                      }
                    }
                  }
                }
              }
            },
            "SingleLogoutService": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "properties": {
                "Binding": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                },
                "Location": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                }
              }
            },
            "SingleSignOnService": {
              "type": "array",
              "items": {
                "type": "string"
              },
              "properties": {
                "Binding": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                },
                "Location": {
                  "xml": {
                    "attribute": true
                  },
                  "type": "string"
                }
              }
            },
            "WantAuthnRequestsSigned": {
              "xml": {
                "attribute": true
              },
              "type": "boolean"
            },
            "protocolSupportEnumeration": {
              "xml": {
                "attribute": true
              },
              "type": "string"
            }
          }
        }
      }
    }
  }
}
object ApplicationSettings 
{
  "type": "object",
  "properties": {
    "app": {
      "$ref": "#/components/schemas/ApplicationSettingsApplication"
    },
    "notes": {
      "$ref": "#/components/schemas/ApplicationSettingsNotes"
    },
    "inlineHookId": {
      "type": "string"
    },
    "notifications": {
      "$ref": "#/components/schemas/ApplicationSettingsNotifications"
    },
    "implicitAssignment": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsApplication 
{
  "properties": {
    "url": {
      "type": "string"
    },
    "acsUrl": {
      "type": "string"
    },
    "orgName": {
      "type": "string"
    },
    "buttonField": {
      "type": "string"
    },
    "loginUrlRegex": {
      "type": "string"
    },
    "passwordField": {
      "type": "string"
    },
    "usernameField": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsNotes 
{
  "type": "object",
  "properties": {
    "admin": {
      "type": "string"
    },
    "enduser": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsNotifications 
{
  "type": "object",
  "properties": {
    "vpn": {
      "$ref": "#/components/schemas/ApplicationSettingsNotificationsVpn"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsNotificationsVpn 
{
  "type": "object",
  "properties": {
    "helpUrl": {
      "type": "string"
    },
    "message": {
      "type": "string"
    },
    "network": {
      "$ref": "#/components/schemas/ApplicationSettingsNotificationsVpnNetwork"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationSettingsNotificationsVpnNetwork 
{
  "type": "object",
  "properties": {
    "exclude": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "include": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "connection": {
      "type": "string"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
string ApplicationSignOnMode 
{
  "enum": [
    "BOOKMARK",
    "BASIC_AUTH",
    "BROWSER_PLUGIN",
    "SECURE_PASSWORD_STORE",
    "AUTO_LOGIN",
    "WS_FEDERATION",
    "SAML_2_0",
    "OPENID_CONNECT",
    "SAML_1_1"
  ],
  "type": "string",
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationUpdateLogoRequest 
{
  "type": "object",
  "required": [
    "file"
  ],
  "properties": {
    "file": {
      "type": "string",
      "format": "binary"
    }
  }
}
object ApplicationVisibility 
{
  "type": "object",
  "properties": {
    "hide": {
      "$ref": "#/components/schemas/ApplicationVisibilityHide"
    },
    "appLinks": {
      "type": "object",
      "additionalProperties": {
        "type": "boolean"
      }
    },
    "autoLaunch": {
      "type": "boolean"
    },
    "autoSubmitToolbar": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object ApplicationVisibilityHide 
{
  "type": "object",
  "properties": {
    "iOS": {
      "type": "boolean"
    },
    "web": {
      "type": "boolean"
    }
  },
  "x-okta-tags": [
    "Application"
  ]
}
object AssignRoleRequest 
{
  "properties": {
    "type": {
      "$ref": "#/components/schemas/RoleType"
    }
  },
  "x-okta-tags": [
    "Role"
  ]
}
Load more schemas

Versions

Version Endpoints Schemas Ingested Status
2.16.0 341 532 2026-05-25 current
2.16.0 341 532 2026-04-16