Push Providers

The Okta Push Providers API provides a centralized integration platform to fetch and manage push provider configurations. Okta administrators can use these APIs to provide their push provider credentials, for example from APNs and FCM, so that Okta can send push notifications to their own custom app authenticator applications.

The Push Providers API supports the following Authorization Schemes:

Notes:

  • Some of the curl code examples on this page include SSWS API token authentication. However, Okta recommends using scoped OAuth 2.0 and OIDC access tokens to authenticate with Okta management APIs. OAuth 2.0 and OIDC access tokens provide fine-grain control over the bearer's actions on specific endpoints. See Okta API authentication methods.
  • You can use the Push Providers API as part of the "Create a custom authenticator" flow. See the Custom authenticator integration guide.

List all push providers
Identity Engine
OAuth 2.0: okta.pushProviders.read

Lists all push providers

Request
query Parameters
type
string (ProviderType)

Filters push providers by providerType

Enum: "APNS" "FCM"
Responses
200

OK

403

Forbidden

429

Too Many Requests

get/api/v1/push-providers
Request samples
Response samples
application/json
{
  • "value": [
    • {
      },
    • {
      }
    ]
}

Create a push provider
Identity Engine
OAuth 2.0: okta.pushProviders.manage

Creates a new push provider. Each Push Provider must have a unique name.

Request
Request Body schema: application/json
required
name
string

Display name of the push provider

providerType
string (ProviderType)
object (APNSConfiguration)
fileName
string

(Optional) File name for Admin Console display

keyId
string

10-character Key ID obtained from the Apple developer account

teamId
string

10-character Team ID used to develop the iOS app

tokenSigningKey
string

APNs private authentication token signing key

Responses
200

OK

400

Bad Request

403

Forbidden

429

Too Many Requests

post/api/v1/push-providers
Request samples
application/json
{
  • "name": "APNs Example",
  • "providerType": "APNS",
  • "configuration": {
    • "keyId": "KEY_ID",
    • "teamId": "TEAM_ID",
    • "tokenSigningKey": "-----BEGIN PRIVATE KEY-----\\nPRIVATE_KEY\\n-----END PRIVATE KEY-----\\n",
    • "fileName": "fileName.p8"
    }
}
Response samples
application/json
{}

Retrieve a push provider
Identity Engine
OAuth 2.0: okta.pushProviders.read

Retrieves a push provider by pushProviderId

Request
path Parameters
pushProviderId
required
string

Id of the push provider

Responses
200

OK

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/push-providers/{pushProviderId}
Request samples
Response samples
application/json
{}

Replace a push provider
Identity Engine
OAuth 2.0: okta.pushProviders.manage

Replaces a push provider by pushProviderId

Request
path Parameters
pushProviderId
required
string

Id of the push provider

Request Body schema: application/json
required
name
string

Display name of the push provider

providerType
string (ProviderType)
object (APNSConfiguration)
fileName
string

(Optional) File name for Admin Console display

keyId
string

10-character Key ID obtained from the Apple developer account

teamId
string

10-character Team ID used to develop the iOS app

tokenSigningKey
string

APNs private authentication token signing key

Responses
200

OK

400

Bad Request

403

Forbidden

404

Not Found

429

Too Many Requests

put/api/v1/push-providers/{pushProviderId}
Request samples
application/json
{
  • "name": "APNs Example",
  • "providerType": "APNS",
  • "configuration": {
    • "keyId": "KEY_ID",
    • "teamId": "TEAM_ID",
    • "tokenSigningKey": "-----BEGIN PRIVATE KEY-----\\nPRIVATE_KEY\\n-----END PRIVATE KEY-----\\n",
    • "fileName": "fileName.p8"
    }
}
Response samples
application/json
{}

Delete a push provider
Identity Engine
OAuth 2.0: okta.pushProviders.manage

Deletes a push provider by pushProviderId. If the push provider is currently being used in the org by a custom authenticator, the delete will not be allowed.

Request
path Parameters
pushProviderId
required
string

Id of the push provider

Responses
204

No Content

403

Forbidden

404

Not Found

409

Conflict

429

Too Many Requests

delete/api/v1/push-providers/{pushProviderId}
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}