The Authenticators Administration API provides operations to configure which Authenticators are available to end users for use when signing in to applications.
End users are required to use one or more Authenticators depending on the security requirements of the authentication policy.
Okta Identity Engine currently supports Authenticators for the following factors:
Knowledge-based:
Possession-based:
okta.authenticators.read
Lists all authenticators
Success
Forbidden
Too Many Requests
[- {
- "value": {
- "type": "email",
- "id": "aut1nbsPHh7jNjjyP0g4",
- "key": "okta_email",
- "status": "ACTIVE",
- "name": "Email",
- "created": "2020-07-26T21:05:23.000Z",
- "lastUpdated": "2020-07-28T21:45:52.000Z",
- "settings": {
- "allowedFor": "any",
- "tokenLifetimeInMinutes": 5
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}, - "methods": {
- "hints": {
- "allow": [
- "GET"
]
}
}, - "deactivate": {
- "hints": {
- "allow": [
- "POST"
]
}
}
}
}
}, - {
- "value": {
- "type": "password",
- "id": "aut1nbtrJKKA9m45a0g4",
- "key": "okta_password",
- "status": "ACTIVE",
- "name": "Password",
- "created": "2020-07-26T21:05:23.000Z",
- "lastUpdated": "2020-07-26T21:05:23.000Z",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}, - "methods": {
- "hints": {
- "allow": [
- "GET"
]
}
}
}
}
}, - {
- "value": {
- "type": "phone",
- "id": "aut1nbuyD8m1ckAYc0g4",
- "key": "phone_number",
- "status": "INACTIVE",
- "name": "Phone",
- "created": "2020-07-26T21:05:23.000Z",
- "lastUpdated": "2020-07-29T00:21:29.000Z",
- "settings": {
- "allowedFor": "none"
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}, - "methods": {
- "hints": {
- "allow": [
- "GET"
]
}
}, - "activate": {
- "hints": {
- "allow": [
- "POST"
]
}
}
}
}
}, - {
- "value": {
- "type": "security_key",
- "id": "aut1nd8PQhGcQtSxB0g4",
- "key": "webauthn",
- "status": "ACTIVE",
- "name": "Security Key or Biometric",
- "created": "2020-07-26T21:16:37.000Z",
- "lastUpdated": "2020-07-27T18:59:30.000Z",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}, - "methods": {
- "hints": {
- "allow": [
- "GET"
]
}
}, - "deactivate": {
- "hints": {
- "allow": [
- "POST"
]
}
}
}
}
}
]
okta.authenticators.manage
Creates an authenticator
OK
Bad Request
Forbidden
Too Many Requests
{- "key": "duo",
- "name": "Duo Security",
- "provider": {
- "type": "DUO",
- "configuration": {
- "userNameTemplate": {
- "template": "oktaId"
}, - "integrationKey": "testIntegrationKey",
- "secretKey": "testSecretKey",
}
}
}
{- "type": "app",
- "id": "aut9gnvcjUHIWb37J0g4",
- "key": "duo",
- "status": "ACTIVE",
- "name": "Duo Security",
- "created": "2022-07-15T21:14:02.000Z",
- "lastUpdated": "2022-07-15T21:14:02.000Z",
- "settings": { },
- "provider": {
- "type": "DUO",
- "configuration": {
- "userNameTemplate": {
- "template": "oktaId"
}
}
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}, - "deactivate": {
- "hints": {
- "allow": [
- "POST"
]
}
}, - "methods": {
- "hints": {
- "allow": [
- "GET"
]
}
}
}
}
okta.authenticators.read
Retrieves an authenticator from your Okta organization by authenticatorId
OK
Forbidden
Not Found
Too Many Requests
{- "type": "app",
- "id": "aut9gnvcjUHIWb37J0g4",
- "key": "duo",
- "status": "ACTIVE",
- "name": "Duo Security",
- "created": "2022-07-15T21:14:02.000Z",
- "lastUpdated": "2022-07-15T21:14:02.000Z",
- "settings": { },
- "provider": {
- "type": "DUO",
- "configuration": {
- "userNameTemplate": {
- "template": "oktaId"
}
}
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}, - "deactivate": {
- "hints": {
- "allow": [
- "POST"
]
}
}, - "methods": {
- "hints": {
- "allow": [
- "GET"
]
}
}
}
}
okta.authenticators.manage
Replaces the properties for an Authenticator identified by authenticatorId
OK
Bad Request
Forbidden
Not Found
Too Many Requests
{- "key": "duo",
- "name": "Duo Security",
- "provider": {
- "type": "DUO",
- "configuration": {
- "userNameTemplate": {
- "template": "oktaId"
}, - "integrationKey": "testIntegrationKey",
- "secretKey": "testSecretKey",
}
}
}
{- "type": "app",
- "id": "aut9gnvcjUHIWb37J0g4",
- "key": "duo",
- "status": "ACTIVE",
- "name": "Duo Security",
- "created": "2022-07-15T21:14:02.000Z",
- "lastUpdated": "2022-07-15T21:14:02.000Z",
- "settings": { },
- "provider": {
- "type": "DUO",
- "configuration": {
- "userNameTemplate": {
- "template": "oktaId"
}
}
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}, - "deactivate": {
- "hints": {
- "allow": [
- "POST"
]
}
}, - "methods": {
- "hints": {
- "allow": [
- "GET"
]
}
}
}
}
okta.authenticators.manage
Activates an authenticator by authenticatorId
OK
Forbidden
Not Found
Too Many Requests
{- "type": "app",
- "id": "aut9gnvcjUHIWb37J0g4",
- "key": "duo",
- "status": "ACTIVE",
- "name": "Duo Security",
- "created": "2022-07-15T21:14:02.000Z",
- "lastUpdated": "2022-07-15T21:14:02.000Z",
- "settings": { },
- "provider": {
- "type": "DUO",
- "configuration": {
- "userNameTemplate": {
- "template": "oktaId"
}
}
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}, - "deactivate": {
- "hints": {
- "allow": [
- "POST"
]
}
}, - "methods": {
- "hints": {
- "allow": [
- "GET"
]
}
}
}
}
okta.authenticators.manage
Deactivates an authenticator by authenticatorId
OK
Forbidden
Not Found
Too Many Requests
{- "type": "app",
- "id": "aut9gnvcjUHIWb37J0g4",
- "key": "duo",
- "status": "ACTIVE",
- "name": "Duo Security",
- "created": "2022-07-15T21:14:02.000Z",
- "lastUpdated": "2022-07-15T21:14:02.000Z",
- "settings": { },
- "provider": {
- "type": "DUO",
- "configuration": {
- "userNameTemplate": {
- "template": "oktaId"
}
}
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}, - "deactivate": {
- "hints": {
- "allow": [
- "POST"
]
}
}, - "methods": {
- "hints": {
- "allow": [
- "GET"
]
}
}
}
}
okta.authenticators.read
Lists all Methods of an Authenticator identified by authenticatorId
Success
Forbidden
Not Found
Too Many Requests
[- {
- "status": "ACTIVE",
- "type": "cert",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "activate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "deactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}
]
okta.authenticators.read
Retrieves a Method identified by methodType
of an Authenticator identified by authenticatorId
Success
Forbidden
Not Found
Too Many Requests
{- "status": "ACTIVE",
- "type": "sms",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "activate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "deactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}
okta.authenticators.manage
Replaces a Method of methodType
for an Authenticator identified by authenticatorId
Success
Bad Request
Forbidden
Not Found
Too Many Requests
{- "status": "ACTIVE",
- "type": "sms"
}
{- "status": "ACTIVE",
- "type": "sms",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "activate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "deactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}
okta.authenticators.manage
Activates a Method for an Authenticator identified by authenticatorId
and methodType
Success
Forbidden
Not Found
Too Many Requests
{- "status": "ACTIVE",
- "type": "sms",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "activate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "deactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}
okta.authenticators.manage
Deactivates a Method for an Authenticator identified by authenticatorId
and methodType
Success
Forbidden
Not Found
Too Many Requests
{- "status": "ACTIVE",
- "type": "sms",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "activate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "deactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}