Note: This API is only available if you're subscribed to Okta Identity Governance. Contact your Customer Success Manager or Account Executive for more information.
The Directories Integration API provides operations to manage Active Directory (AD) objects in a connected on-premises directory through Okta.
You can add or remove users from groups based on their identity and access requirements. This ensures that changes made to user access in Okta are reflected in AD. When you use Okta Access Certifications to revoke a user's membership to an AD group, the removal is reflected in AD.
Okta can only manage group memberships for users and groups imported into Okta using the AD integration. You can't use this API to manage users and groups that weren't imported through AD integration or are outside of the integration's org unit scope.
Updates an Active Directory group membership directly in Active Directory
OK
Bad Request
Forbidden
Not Found
There are no connected agents.
Timed out waiting for agent
{- "id": "00g1xucgTZFrziXg10g4",
- "parameters": {
- "action": "ADD",
- "attribute": "member",
- "values": [
- "00u1bh5efGKMsSiLv0g4"
]
}
}{- "errorCode": "E0000001",
- "errorSummary": "Api validation failed: {0}",
- "errorLink": "E0000001",
- "errorId": "sampleiCF-8D5rLW6myqiPItW",
- "errorCauses": [ ]
}