The Risk Providers API enables you to manage the Risk Providers within Okta. See Third-party risk provider integration for guidance on integrating third-party risk providers with Okta.
Note: This API will be deprecated on December 31, 2024. Use the SSF Receiver API instead to receive security-related events and other data-subject signals. Also, use the SSF Security Event Tokens API for third-party security event providers.
okta.riskProviders.read
Lists all risk provider objects
OK
Forbidden
Too Many Requests
[- {
- "id": "00rp12r4skkjkjgsn",
- "action": "log_only",
- "name": "Risk-Partner-X",
- "clientId": "00ckjsfgjkdkjdkkljjsd",
- "created": "2021-01-05 22:18:30",
- "lastUpdated": "2021-01-05 22:18:30",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}
}
}
]
okta.riskProviders.manage
Creates a risk provider object. You can create a maximum of three risk provider objects.
name required | string <= 50 characters Name of the risk provider | ||||||||
clientId required | string The ID of the OAuth 2.0 service app that's used to send risk events to Okta | ||||||||
action required | string (RiskProviderAction) Default: "log_only" Action taken by Okta during authentication attempts based on the risk events sent by this provider
|
Created
Bad Request
Forbidden
Too Many Requests
{- "name": "Risk-Partner-X",
- "action": "log_only",
- "clientId": "00ckjsfgjkdkjdkkljjsd"
}
{- "id": "00rp12r4skkjkjgsn",
- "action": "log_only",
- "name": "Risk-Partner-X",
- "clientId": "00ckjsfgjkdkjdkkljjsd",
- "created": "2021-01-05 22:18:30",
- "lastUpdated": "2021-01-05 22:18:30",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}
}
}
okta.riskProviders.read
Retrieves a risk provider object by ID
OK
Forbidden
Not Found
Too Many Requests
{- "id": "00rp12r4skkjkjgsn",
- "action": "log_only",
- "name": "Risk-Partner-X",
- "clientId": "00ckjsfgjkdkjdkkljjsd",
- "created": "2021-01-05 22:18:30",
- "lastUpdated": "2021-01-05 22:18:30",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}
}
}
okta.riskProviders.manage
Replaces the properties for a given risk provider object ID
name required | string <= 50 characters Name of the risk provider | ||||||||
clientId required | string The ID of the OAuth 2.0 service app that's used to send risk events to Okta | ||||||||
action required | string (RiskProviderAction) Default: "log_only" Action taken by Okta during authentication attempts based on the risk events sent by this provider
|
OK
Bad Request
Forbidden
Not Found
Too Many Requests
{- "name": "Risk-Partner-Y",
- "action": "enforce_and_log",
- "clientId": "00ckjsfgjkdkjdkkljjsd"
}
{- "id": "00rp12r4skkjkjgsn",
- "action": "enforce_and_log",
- "name": "Risk-Partner-Y",
- "clientId": "00ckjsfgjkdkjdkkljjsd",
- "created": "2021-01-05 22:18:30",
- "lastUpdated": "2021-01-05 23:18:30",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "GET",
- "PUT"
]
}
}
}
}
okta.riskProviders.manage
Deletes a risk provider object by its ID
No Content
Forbidden
Not Found
Too Many Requests
{- "errorCode": "E0000006",
- "errorSummary": "You do not have permission to perform the requested action",
- "errorLink": "E0000006",
- "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
- "errorCauses": [ ]
}