The Application Features API supports operations to configure app feature settings.
You must have app provisioning enabled to configure provisioning features. See Update the default Provisioning Connection.
The following available provisioning features are supported by the indicated apps:
Feature |
Apps supported | Description |
---|---|---|
USER_PROVISIONING |
Google Workspace (google )Microsoft Office 365 ( office365 )Okta Org2Org ( okta_org2org )Slack ( slack )Zoom ( zoomus )Zscaler 2.0 ( zscalerbyz ) |
Similar to the app Provisioning > To App setting in the Admin Console, user profiles are pushed from Okta to the third-party app. You can configure rules for creating users, deactivating users, and syncing passwords. |
INBOUND_PROVISIONING |
Google Workspace (google )Microsoft Office 365 ( office365 )Okta Org2Org ( okta_org2org )Slack ( slack )Zoom ( zoomus ) |
Similar to the app Provisioning > To Okta provisioning setting in the Admin Console, user profiles are imported from the third-party app into Okta. You can schedule user import and configure rules for user creation and matching. |
Note: The Okta Org2Org (
okta_org2org
) app isn't available in Okta Developer Edition orgs. If you need to test this feature in your Developer Edition org, contact your Okta account team.
okta.apps.read
Lists all features for an application
Note: This request returns an error if provisioning isn't enabled for the application. To set up provisioning, see Update the default Provisioning Connection.
Success
Bad Request
Forbidden
Not Found
Too Many Requests
[- {
- "name": "USER_PROVISIONING",
- "status": "ENABLED",
- "description": "User provisioning settings from Okta to a downstream application",
- "capabilities": {
- "create": {
- "lifecycleCreate": {
- "status": "DISABLED"
}
}, - "update": {
- "profile": {
- "status": "DISABLED"
}, - "lifecycleDeactivate": {
- "status": "DISABLED"
}, - "password": {
- "status": "DISABLED",
- "seed": "RANDOM",
- "change": "KEEP_EXISTING"
}
}
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}
}
}
]
okta.apps.read
Retrieves a Feature object for an application
Success
Forbidden
Not Found
Too Many Requests
{- "name": "USER_PROVISIONING",
- "status": "ENABLED",
- "description": "User provisioning settings from Okta to a downstream application",
- "capabilities": {
- "create": {
- "lifecycleCreate": {
- "status": "DISABLED"
}
}, - "update": {
- "profile": {
- "status": "DISABLED"
}, - "lifecycleDeactivate": {
- "status": "DISABLED"
}, - "password": {
- "status": "DISABLED",
- "seed": "RANDOM",
- "change": "KEEP_EXISTING"
}
}
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}
}
}
okta.apps.manage
Updates a Feature object for an application
Note: This endpoint supports partial updates.
appId required | string Application ID Example: 0oafxqCAJWWGELFTYASJ | ||||||
featureName required | string (ApplicationFeatureType) Name of the Feature
Example: USER_PROVISIONING |
Defines the configurations for the USER_PROVISIONING feature
object (CapabilitiesCreateObject) Determines whether Okta assigns a new application account to each user managed by Okta. Okta doesn't create a new account if it detects that the username specified in Okta already exists in the application. The user's Okta username is assigned by default. | |||||||||||||||||||
object (CapabilitiesUpdateObject) Determines whether updates to a user's profile are pushed to the application | |||||||||||||||||||
|
Success
Bad Request
Forbidden
Not Found
Too Many Requests
{- "create": {
- "lifecycleCreate": {
- "status": "ENABLED"
}
}, - "update": {
- "lifecycleDeactivate": {
- "status": "ENABLED"
}, - "profile": {
- "status": "ENABLED"
}, - "password": {
- "status": "ENABLED",
- "seed": "RANDOM",
- "change": "CHANGE"
}
}
}
{- "name": "USER_PROVISIONING",
- "status": "ENABLED",
- "description": "User provisioning settings from Okta to a downstream application",
- "capabilities": {
- "create": {
- "lifecycleCreate": {
- "status": "ENABLED"
}
}, - "update": {
- "lifecycleDeactivate": {
- "status": "ENABLED"
}, - "profile": {
- "status": "ENABLED"
}, - "password": {
- "status": "ENABLED",
- "seed": "RANDOM",
- "change": "CHANGE"
}
}
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}
}
}