API Service Integrations

This API provides operations to manage API service integration instances in your organization.

For a current list of available API service integrations, see the Okta Integration Network catalog.

See Add an API Service Integration for corresponding admin instructions using the Admin Console. If you want to build an API service integration, see API service integrations in the OIN.

List all API Service Integration instances
OAuth 2.0: `okta.oauthIntegrations.read`

Lists all API Service Integration instances with a pagination option

Request

query Parameters

after

string

The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the Link response header. See Pagination.

Responses

200

OK

401

Unauthorized

403

Forbidden

429

Too Many Requests

get/integrations/api/v1/api-services

Request samples

Response samples

200
401
403
429

application/json

[{"id": "0oa72lrepvp4WqEET1d9",
"type": "my_app_cie",
"name": "My App Cloud Identity Engine",
"createdAt": "2023-02-21T20:08:24.000Z",
"createdBy": "00uu3u0ujW1P6AfZC2d5",
"configGuideUrl": "https://{docDomain}/my-app-cie/configuration-guide",
"grantedScopes": ["okta.logs.read",
"okta.groups.read",
"okta.users.read"
],
"_links": {"self": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa72lrepvp4WqEET1d9",
"hints": {"allow": ["GET",
"DELETE"
]
}
},
"client": {"href": "https://{yourOktaDomain}/oauth2/v1/clients/0oa72lrepvp4WqEET1d9",
"hints": {"allow": ["GET"
]
}
},
"logo": {"name": "small",
"href": "https://{logoDomain}/{logoPath}/my_app_cie_small_logo"
}
}
}
]

Create an API Service Integration instance
OAuth 2.0: `okta.oauthIntegrations.manage`

Creates and authorizes an API Service Integration instance

Request

Request Body schema: application/json
required

type required	string The type of the API service integration. This string is an underscore-concatenated, lowercased API service integration name. For example, `my_api_log_integration`.
grantedScopes required	Array of strings The list of Okta management scopes granted to the API Service Integration instance. See Okta management OAuth 2.0 scopes.

Responses

201

Created

400

Bad Request

401

Unauthorized

403

Forbidden

429

Too Many Requests

post/integrations/api/v1/api-services

Request samples

application/json

{"type": "my_app_cie",
"grantedScopes": ["okta.logs.read",
"okta.groups.read",
"okta.users.read"
]
}

Response samples

201
400
401
403
429

application/json

{"id": "0oa72lrepvp4WqEET1d9",
"type": "my_app_cie",
"name": "My App Cloud Identity Engine",
"createdAt": "2023-02-21T20:08:24.000Z",
"createdBy": "00uu3u0ujW1P6AfZC2d5",
"clientSecret": "CkF69kXtag0q0P4pXU8OnP5IAzgGlwx6eqGy7Fmg",
"configGuideUrl": "https://{docDomain}/my-app-cie/configuration-guide",
"grantedScopes": ["okta.logs.read",
"okta.groups.read",
"okta.users.read"
],
"_links": {"self": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa72lrepvp4WqEET1d9",
"hints": {"allow": ["GET",
"DELETE"
]
}
},
"client": {"href": "https://{yourOktaDomain}/oauth2/v1/clients/0oa72lrepvp4WqEET1d9",
"hints": {"allow": ["GET"
]
}
},
"logo": {"name": "small",
"href": "https://{logoDomain}/{logoPath}/my_app_cie_small_logo"
}
}
}

Retrieve an API Service Integration instance
OAuth 2.0: `okta.oauthIntegrations.read`

Retrieves an API Service Integration instance by id

Request

path Parameters

apiServiceId

required

string

id of the API Service Integration instance

Example: 000lr2rLjZ6NsGn1P0g3

Responses

200

OK

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

get/integrations/api/v1/api-services/{apiServiceId}

Request samples

Response samples

200
401
403
404
429

application/json

{"id": "0oa72lrepvp4WqEET1d9",
"type": "my_app_cie",
"name": "My App Cloud Identity Engine",
"createdAt": "2023-02-21T20:08:24.000Z",
"createdBy": "00uu3u0ujW1P6AfZC2d5",
"configGuideUrl": "https://{docDomain}/my-app-cie/configuration-guide",
"grantedScopes": ["okta.logs.read",
"okta.groups.read",
"okta.users.read"
],
"_links": {"self": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa72lrepvp4WqEET1d9",
"hints": {"allow": ["GET",
"DELETE"
]
}
},
"client": {"href": "https://{yourOktaDomain}/oauth2/v1/clients/0oa72lrepvp4WqEET1d9",
"hints": {"allow": ["GET"
]
}
},
"logo": {"name": "small",
"href": "https://{logoDomain}/{logoPath}/my_app_cie_small_logo"
}
}
}

Delete an API Service Integration instance
OAuth 2.0: `okta.oauthIntegrations.manage`

Deletes an API Service Integration instance by id. This operation also revokes access to scopes that were previously granted to this API Service Integration instance.

Request

path Parameters

apiServiceId

required

string

id of the API Service Integration instance

Example: 000lr2rLjZ6NsGn1P0g3

Responses

204

No Content

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

delete/integrations/api/v1/api-services/{apiServiceId}

Request samples

Response samples

401
403
404
429

application/json

{"errorCode": "E0000011",
"errorSummary": "Invalid token provided",
"errorLink": "E0000011",
"errorId": "sampleQPivGUj_ND5v78vbYWW",
"errorCauses": [ ]
}

List all API Service Integration instance Secrets
OAuth 2.0: `okta.oauthIntegrations.read`

Lists all client secrets for an API Service Integration instance by apiServiceId

Request

path Parameters

apiServiceId

required

string

id of the API Service Integration instance

Example: 000lr2rLjZ6NsGn1P0g3

Responses

200

OK

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

get/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets

Request samples

Response samples

200
401
403
404
429

application/json

[{"id": "ocs2f4zrZbs8nUa7p0g4",
"status": "INACTIVE",
"client_secret": "***DhOW",
"secret_hash": "yk4SVx4sUWVJVbHt6M-UPA",
"created": "2023-02-21T20:08:24.000Z",
"lastUpdated": "2023-02-21T20:08:24.000Z",
"_links": {"activate": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa1nkheCuDn82XVI0g4/credentials/secrets/ocs2f4zrZbs8nUa7p0g4/lifecycle/activate",
"hints": {"allow": ["POST"
]
}
},
"delete": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa1nkheCuDn82XVI0g4/credentials/secrets/ocs2f4zrZbs8nUa7p0g4",
"hints": {"allow": ["DELETE"
]
}
}
}
},
{"id": "ocs2f50kZB0cITmYU0g4",
"status": "ACTIVE",
"client_secret": "***MQGQ",
"secret_hash": "0WOOvBSzV9clc4Nr7Rbaug",
"created": "2023-04-06T21:32:33.000Z",
"lastUpdated": "2023-04-06T21:32:33.000Z",
"_links": {"deactivate": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa1nkheCuDn82XVI0g4/credentials/secrets/ocs2f50kZB0cITmYU0g4/lifecycle/deactivate",
"hints": {"allow": ["POST"
]
}
}
}
}
]

Create an API Service Integration instance Secret
OAuth 2.0: `okta.oauthIntegrations.manage`

Creates an API Service Integration instance Secret object with a new active client secret. You can create up to two Secret objects. An error is returned if you attempt to create more than two Secret objects.

Request

path Parameters

apiServiceId

required

string

id of the API Service Integration instance

Example: 000lr2rLjZ6NsGn1P0g3

Responses

201

Created

400

Bad Request

401

Unauthorized

403

Forbidden

429

Too Many Requests

post/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets

Request samples

Response samples

201
400
401
403
429

application/json

{"id": "ocs2f50kZB0cITmYU0g4",
"status": "ACTIVE",
"client_secret": "DRUFXGF9XbLnS9k-Sla3x3POBiIxDreBCdZuFs5B",
"secret_hash": "FpCwXwSjTRQNtEI11I00-g",
"created": "2023-04-06T21:32:33.000Z",
"lastUpdated": "2023-04-06T21:32:33.000Z",
"_links": {"deactivate": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa1nkheCuDn82XVI0g4/credentials/secrets/ocs2f50kZB0cITmYU0g4/lifecycle/deactivate",
"hints": {"allow": ["POST"
]
}
}
}
}

Delete an API Service Integration instance Secret
OAuth 2.0: `okta.oauthIntegrations.manage`

Deletes an API Service Integration instance Secret by secretId. You can only delete an inactive Secret.

Request

path Parameters

apiServiceId required	string `id` of the API Service Integration instance Example: 000lr2rLjZ6NsGn1P0g3
secretId required	string `id` of the API Service Integration instance Secret Example: ocs2f4zrZbs8nUa7p0g4

Responses

204

No Content

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

delete/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}

Request samples

Response samples

401
403
404
429

application/json

{"errorCode": "E0000011",
"errorSummary": "Invalid token provided",
"errorLink": "E0000011",
"errorId": "sampleQPivGUj_ND5v78vbYWW",
"errorCauses": [ ]
}

Activate an API Service Integration instance Secret
OAuth 2.0: `okta.oauthIntegrations.manage`

Activates an API Service Integration instance Secret by secretId

Request

path Parameters

apiServiceId required	string `id` of the API Service Integration instance Example: 000lr2rLjZ6NsGn1P0g3
secretId required	string `id` of the API Service Integration instance Secret Example: ocs2f4zrZbs8nUa7p0g4

Responses

200

OK

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

post/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}/lifecycle/activate

Request samples

Response samples

200
401
403
404
429

application/json

{"id": "ocs2f50kZB0cITmYU0g4",
"status": "ACTIVE",
"client_secret": "***MQGQ",
"secret_hash": "0WOOvBSzV9clc4Nr7Rbaug",
"created": "2023-04-06T21:32:33.000Z",
"lastUpdated": "2023-04-06T21:32:33.000Z",
"_links": {"deactivate": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa1nkheCuDn82XVI0g4/credentials/secrets/ocs2f50kZB0cITmYU0g4/lifecycle/deactivate",
"hints": {"allow": ["POST"
]
}
}
}
}

Deactivate an API Service Integration instance Secret
OAuth 2.0: `okta.oauthIntegrations.manage`

Deactivates an API Service Integration instance Secret by secretId

Request

path Parameters

apiServiceId required	string `id` of the API Service Integration instance Example: 000lr2rLjZ6NsGn1P0g3
secretId required	string `id` of the API Service Integration instance Secret Example: ocs2f4zrZbs8nUa7p0g4

Responses

200

OK

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

post/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}/lifecycle/deactivate

Request samples

Response samples

200
401
403
404
429

application/json

{"id": "ocs2f4zrZbs8nUa7p0g4",
"status": "INACTIVE",
"client_secret": "***DhOW",
"secret_hash": "yk4SVx4sUWVJVbHt6M-UPA",
"created": "2023-02-21T20:08:24.000Z",
"lastUpdated": "2023-02-21T20:08:24.000Z",
"_links": {"activate": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa1nkheCuDn82XVI0g4/credentials/secrets/ocs2f4zrZbs8nUa7p0g4/lifecycle/activate",
"hints": {"allow": ["POST"
]
}
},
"delete": {"href": "https://{yourOktaDomain}/integrations/api/v1/api-services/0oa1nkheCuDn82XVI0g4/credentials/secrets/ocs2f4zrZbs8nUa7p0g4",
"hints": {"allow": ["DELETE"
]
}
}
}
}

API Service Integrations

List all API Service Integration instancesOAuth 2.0: okta.oauthIntegrations.read

query Parameters

Create an API Service Integration instanceOAuth 2.0: okta.oauthIntegrations.manage

Request Body schema: application/jsonrequired

Retrieve an API Service Integration instanceOAuth 2.0: okta.oauthIntegrations.read

path Parameters

Delete an API Service Integration instanceOAuth 2.0: okta.oauthIntegrations.manage

path Parameters

List all API Service Integration instance SecretsOAuth 2.0: okta.oauthIntegrations.read

path Parameters

Create an API Service Integration instance SecretOAuth 2.0: okta.oauthIntegrations.manage

path Parameters

Delete an API Service Integration instance SecretOAuth 2.0: okta.oauthIntegrations.manage

path Parameters

Activate an API Service Integration instance SecretOAuth 2.0: okta.oauthIntegrations.manage

path Parameters

Deactivate an API Service Integration instance SecretOAuth 2.0: okta.oauthIntegrations.manage

path Parameters

List all API Service Integration instances
OAuth 2.0: `okta.oauthIntegrations.read`

Create an API Service Integration instance
OAuth 2.0: `okta.oauthIntegrations.manage`

Request Body schema: application/json
required

Retrieve an API Service Integration instance
OAuth 2.0: `okta.oauthIntegrations.read`

Delete an API Service Integration instance
OAuth 2.0: `okta.oauthIntegrations.manage`

List all API Service Integration instance Secrets
OAuth 2.0: `okta.oauthIntegrations.read`

Create an API Service Integration instance Secret
OAuth 2.0: `okta.oauthIntegrations.manage`

Delete an API Service Integration instance Secret
OAuth 2.0: `okta.oauthIntegrations.manage`

Activate an API Service Integration instance Secret
OAuth 2.0: `okta.oauthIntegrations.manage`

Deactivate an API Service Integration instance Secret
OAuth 2.0: `okta.oauthIntegrations.manage`