The Schemas API provides operations to manage custom User profiles as well as endpoints to discover the structure of the Log Stream configuration.
Okta's Universal Directory allows administrators to define custom User profiles for Okta Users and Applications. Okta adopts a subset of JSON Schema Draft 4 as the schema language to describe and validate extensible User profiles. For Log Stream Schemas, Okta uses JSON Schema Draft 2020-12. JSON Schema is a lightweight declarative format for describing the structure, constraints, and validation of JSON documents.
Note: Okta implements only a subset of JSON Schema Draft 4 and JSON Schema Draft 2020-12. This document describes which parts apply to Okta, and any extensions Okta has made to JSON Schema Draft 4 and JSON Schema Draft 2020-12.
You can enforce uniqueness for custom properties in Okta user profiles or the Okta group profile, such as an employee identification number. You can declare a maximum of five unique properties for each user type and five unique properties in the Okta group profile. Different user types can have the same or different unique properties (up to the limit of five per type).
Unique properties in Okta user profiles share a single namespace across all user types in an org. If user types A and B both contain the property ice cream
and you identify it as unique in both profiles, then if a user of type A has the value chocolate
, no other users of type A or B (or any other user type that declares ice cream
as unique) can have that value.
Properties that aren't unique also aren't tracked for uniqueness. Suppose the property candy
is unique in type E and not unique in type F. If a user of type E has the value caramel
for the candy
property, no other users of type E can also have the value caramel
, but any number of users of type F can already have or later be assigned the value caramel
. Furthermore, because candy
is not unique in type F, any values users of type F may have are not considered when enforcing uniqueness for users of type E. No matter how many users of type F already have the value cotton
, it might be assigned to a user of type E as long as no other such user already has that value.
If you attempt to create or update a user with a duplicate value for a custom user property with a uniqueness restriction, the user creation or update operation fails. The user isn't created or updated until you enter a unique value. Similarly, creating or updating a group fails when the request contains a value for a unique custom group property that is duplicated by another group.
null
values don't enter into the uniqueness calculation. If the unique property isn't also specified as being required, you can also omit the value entirely. Multiple users or groups can omit the property and not violate uniqueness.
To enforce uniqueness for custom properties, you can either add new unique custom properties or update existing custom properties to be unique.
You can use the add property to user profile schema request or the add property to group profile schema request to add one or more unique custom user or group properties. Specify "unique": true
on the properties to be marked as unique. The response shows the properties with "unique": "UNIQUE_VALIDATED"
and uniqueness is then enforced on those properties.
You can use the update user profile schema property request or the update group profile schema property request to mark existing custom user or group properties as unique by specifying "unique": true
on the properties to be marked as unique.
After the request to mark existing custom properties as unique is submitted, an asynchronous validation check is performed to make sure that there are no existing duplicate entries. If you have a significant number of users or groups, the validation can take some time.
A uniqueness status of "unique": "PENDING_UNIQUENESS"
indicates that the validation check is still in progress. Use the Universal Directory page in the Admin Console (Directory > Directory Integrations) to track the status of the validation check. After the validation completes, if you submit a retrieve user schema request or a retreive group schema request, the property's uniqueness status changes to UNIQUE_VALIDATED
if no duplicate records are found, and uniqueness is then enforced on that property. Otherwise, if duplicate records are found, the unique
attribute of the schema property isn't shown in the get schema request and uniqueness isn't enforced on the schema property.
You can use the update user profile schema property request or the update group profile schema property request to change existing unique custom user or group properties to be non-unique by specifying "unique": false
on the properties to be changed to non-unique. The response shows the properties without the unique
attribute and the uniqueness constraint is then removed on those properties.
Note: If multiple user types declare a property as unique and you remove the uniqueness constraint on one type, there may be a delay before users of other types that declare the property as unique can be assigned values formerly held by users of the first type.
okta.schemas.read
Retrieves the default Schema for an App User.
The User Types feature does not extend to apps. All users assigned to a given app use the same App User Schema. Therefore, unlike the User Schema operations, the App User Schema operations all specify default
and don't accept a Schema ID.
successful operation
Forbidden
Not Found
Too Many Requests
{- "$schema": "string",
- "created": "string",
- "definitions": {
- "base": {
- "id": "string",
- "properties": {
- "city": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "costCenter": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "countryCode": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "department": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "displayName": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "division": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "email": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "employeeNumber": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "firstName": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "honorificPrefix": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "honorificSuffix": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "lastName": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "locale": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "login": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "manager": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "managerId": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "middleName": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "mobilePhone": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "nickName": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "organization": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "postalAddress": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "preferredLanguage": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "primaryPhone": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "profileUrl": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "secondEmail": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "state": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "streetAddress": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "timezone": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "title": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "userType": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "zipCode": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}
}, - "required": [
- "string"
], - "type": "string"
}, - "custom": {
- "id": "string",
- "properties": {
- "property1": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}, - "property2": {
- "description": "string",
- "enum": [
- "string"
], - "externalName": "string",
- "externalNamespace": "string",
- "format": "country-code",
- "master": {
- "priority": [
- {
- "type": null,
- "value": null
}
], - "type": "OKTA"
}, - "maxLength": 0,
- "minLength": 0,
- "mutability": "IMMUTABLE",
- "oneOf": [
- {
- "const": "string",
- "title": "string"
}
], - "pattern": "string",
- "permissions": [
- {
- "action": "string",
- "principal": "string"
}
], - "required": true,
- "scope": "NONE",
- "title": "string",
- "type": "array",
- "unique": true
}
}, - "required": [
- "string"
], - "type": "string"
}
}, - "id": "string",
- "lastUpdated": "string",
- "name": "string",
- "properties": {
- "profile": {
- "allOf": [
- {
- "$ref": "string"
}
]
}
}, - "title": "string",
- "type": "string",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "templated": true,
- "type": "string"
}
}
}
okta.schemas.manage
Updates the App User Schema. This updates, adds, or removes one or more custom profile properties or the nullability of a base property in the App User Schema for an app. Changing a base property's nullability (for example, the value of its required
field) is allowed only if it is nullable in the default predefined Schema for the App.
The User Types feature does not extend to apps. All users assigned to a given app use the same App User Schema. Therefore, unlike the User Schema operations, the App User Schema operations all specify default
and don't accept a Schema ID.
object User Profile subschemas The Profile object for a User is defined by a composite Schema of base and custom properties using a JSON path to reference subschemas. The | |||||||||||||
| |||||||||||||
object User Object Properties | |||||||||||||
| |||||||||||||
title | string User-defined display name for the Schema |
successful operation
Bad Request
Forbidden
Not Found
Too Many Requests
{- "definitions": {
- "custom": {
- "id": "#custom",
- "type": "object",
- "properties": {
- "twitterUserName": {
- "title": "Twitter username",
- "externalName": "twitterUserName",
- "description": "User's username for twitter.com",
- "type": "string",
- "required": false,
- "minLength": 1,
- "maxLength": 20
}
}, - "required": [ ]
}
}
}
{- "name": "Example App",
- "title": "Example App User",
- "lastUpdated": "2017-07-18T23:18:43.000Z",
- "created": "2017-07-18T22:35:30.000Z",
- "definitions": {
- "base": {
- "id": "#base",
- "type": "object",
- "properties": {
- "userName": {
- "title": "Username",
- "type": "string",
- "required": true,
- "scope": "NONE",
- "maxLength": 100
}
}, - "required": [
- "userName"
]
}, - "custom": {
- "id": "#custom",
- "type": "object",
- "properties": {
- "twitterUserName": {
- "title": "Twitter username",
- "externalName": "twitterUserName",
- "description": "User's username for twitter.com",
- "type": "string",
- "scope": "NONE",
- "minLength": 1,
- "maxLength": 20
}
}, - "required": [ ]
}
}, - "type": "object",
- "properties": {
- "profile": {
- "allOf": [
- {
- "$ref": "#/definitions/base"
}, - {
- "$ref": "#/definitions/custom"
}
]
}
}
}
okta.schemas.read
Retrieves the Group Schema
The User Types feature does not extend to groups. All groups use the same Group Schema. Unlike User Schema operations, Group Schema operations all specify default
and don't accept a Schema ID.
successful operation
Forbidden
Too Many Requests
{- "_links": {
- "self": {
- "method": "GET",
- "rel": "self"
}
}, - "created": "2021-01-30T00:18:24.000Z",
- "definitions": {
- "base": {
- "id": "#base",
- "properties": { },
- "required": [
- "name"
], - "type": "object"
}, - "custom": {
- "id": "#custom",
- "properties": {
- "groupContact": {
- "description": "Group administrative contact",
- "master": {
- "type": "PROFILE_MASTER"
}, - "mutability": "READ_WRITE",
- "permissions": [
- {
- "action": "READ_WRITE",
- "principal": "SELF"
}
], - "scope": "NONE",
- "title": "Group administrative contact",
- "type": "string"
}
}, - "required": [ ],
- "type": "object"
}
}, - "description": "Okta group profile template",
- "lastUpdated": "2021-02-25T23:05:31.000Z",
- "name": "group",
- "properties": {
- "profile": {
- "allOf": [
- {
- "$ref": "#/definitions/custom"
}, - {
- "$ref": "#/definitions/base"
}
]
}
}, - "title": "Okta group",
- "type": "object"
}
okta.schemas.manage
Updates the Group Profile schema. This updates, adds, or removes one or more custom profile properties in a Group Schema. Currently Okta does not support changing base Group Profile properties.
The User Types feature does not extend to groups. All groups use the same Group Schema. Unlike User Schema operations, Group Schema operations all specify default
and don't accept a Schema ID.
Note: Since POST is interpreted as a partial update, you must set properties explicitly to null to remove them from the Schema.
successful operation
Bad Request
Forbidden
Too Many Requests
{- "definitions": {
- "custom": {
- "id": "#custom",
- "type": "object",
- "properties": {
- "groupContact": {
- "title": "Group administrative contact",
- "description": "Group administrative contact",
- "type": "string",
- "required": false,
- "minLength": 1,
- "maxLength": 20,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}
}, - "required": [ ]
}
}
}
{- "Response with a subset of properties for brevity": {
- "$ref": "#/components/examples/GroupSchemaResponse"
}
}
okta.logStreams.read
Lists the Schema for all Log Stream types visible for this org
successful operation
Forbidden
Too Many Requests
[- {
- "title": "AWS EventBridge",
- "type": "object",
- "properties": {
- "settings": {
- "description": "Configuration properties specific to AWS EventBridge",
- "type": "object",
- "properties": {
- "accountId": {
- "title": "AWS Account ID",
- "description": "Your Amazon AWS Account ID.",
- "type": "string",
- "writeOnce": true,
- "pattern": "^\\d{12}$"
}, - "eventSourceName": {
- "title": "AWS Event Source Name",
- "description": "An alphanumeric name (no spaces) to identify this event source in AWS EventBridge.",
- "type": "string",
- "writeOnce": true,
- "pattern": "^[\\.\\-_A-Za-z0-9]{1,75}$"
}, - "region": {
- "title": "AWS Region",
- "description": "The destination AWS region for your system log events.",
- "type": "string",
- "writeOnce": true,
- "oneOf": [
- {
- "title": "US East (Ohio)",
- "const": "us-east-2"
}, - {
- "title": "US East (N. Virginia)",
- "const": "us-east-1"
}, - {
- "title": "US West (N. California)",
- "const": "us-west-1"
}, - {
- "title": "US West (Oregon)",
- "const": "us-west-2"
}, - {
- "title": "Canada (Central)",
- "const": "ca-central-1"
}, - {
- "title": "Europe (Frankfurt)",
- "const": "eu-central-1"
}, - {
- "title": "Europe (Ireland)",
- "const": "eu-west-1"
}, - {
- "title": "Europe (London)",
- "const": "eu-west-2"
}, - {
- "title": "Europe (Paris)",
- "const": "eu-west-3"
}, - {
- "title": "Europe (Milan)",
- "const": "eu-south-1"
}, - {
- "title": "Europe (Stockholm)",
- "const": "eu-north-1"
}
]
}
}, - "required": [
- "eventSourceName",
- "accountId",
- "region"
], - "errorMessage": {
- "properties": {
- "accountId": "Account number must be 12 digits.",
- "eventSourceName": "Event source name can use numbers, letters, the symbols \".\", \"-\" or \"_\". It must use fewer than 76 characters."
}
}
}, - "name": {
- "title": "Name",
- "description": "A name for this log stream in Okta",
- "type": "string",
- "writeOnce": false,
- "pattern": "^.{1,100}$"
}
}, - "required": [
- "name",
- "settings"
], - "errorMessage": {
- "properties": {
- "name": "Name can't exceed 100 characters."
}
}
}, - {
- "title": "Splunk Cloud",
- "type": "object",
- "properties": {
- "settings": {
- "description": "Configuration properties specific to Splunk Cloud",
- "type": "object",
- "properties": {
- "host": {
- "title": "Host",
- "description": "The domain for your Splunk Cloud instance without http or https. For example: acme.splunkcloud.com",
- "type": "string",
- "writeOnce": false,
- "pattern": "^([a-z0-9]+(-[a-z0-9]+)*){1,100}\\.splunkcloud(gc|fed)?\\.com$"
}, - "token": {
- "title": "HEC Token",
- "description": "The token from your Splunk Cloud HTTP Event Collector (HEC).",
- "type": "string",
- "writeOnce": false,
- "pattern": "[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}"
}
}, - "required": [
- "host",
- "token"
], - "errorMessage": {
- "properties": {
- "host": "Host should be a domain without http or https. For example: acme.splunkcloud.com"
}
}
}, - "name": {
- "title": "Name",
- "description": "A name for this log stream in Okta",
- "type": "string",
- "writeOnce": false,
- "pattern": "^.{1,100}$"
}
}, - "required": [
- "name",
- "settings"
], - "errorMessage": {
- "properties": {
- "name": "Name can't exceed 100 characters."
}
}
}
]
okta.logStreams.read
Retrieves the Schema for a Log Stream type. The logStreamType
element in the URL specifies the Log Stream type, which is either aws_eventbridge
or splunk_cloud_logstreaming
. Use the aws_eventbridge
literal to retrieve the AWS EventBridge type schema, and use the splunk_cloud_logstreaming
literal retrieve the Splunk Cloud type schema.
logStreamType required | string (LogStreamType) Specifies the streaming provider used Supported providers:
Select the provider type to see provider-specific configurations in the |
successful operation
Forbidden
Not Found
Too Many Requests
{- "title": "AWS EventBridge",
- "type": "object",
- "properties": {
- "settings": {
- "description": "Configuration properties specific to AWS EventBridge",
- "type": "object",
- "properties": {
- "accountId": {
- "title": "AWS Account ID",
- "description": "Your Amazon AWS Account ID.",
- "type": "string",
- "writeOnce": true,
- "pattern": "^\\d{12}$"
}, - "eventSourceName": {
- "title": "AWS Event Source Name",
- "description": "An alphanumeric name (no spaces) to identify this event source in AWS EventBridge.",
- "type": "string",
- "writeOnce": true,
- "pattern": "^[\\.\\-_A-Za-z0-9]{1,75}$"
}, - "region": {
- "title": "AWS Region",
- "description": "The destination AWS region for your system log events.",
- "type": "string",
- "writeOnce": true,
- "oneOf": [
- {
- "title": "US East (Ohio)",
- "const": "us-east-2"
}, - {
- "title": "US East (N. Virginia)",
- "const": "us-east-1"
}, - {
- "title": "US West (N. California)",
- "const": "us-west-1"
}, - {
- "title": "US West (Oregon)",
- "const": "us-west-2"
}, - {
- "title": "Canada (Central)",
- "const": "ca-central-1"
}, - {
- "title": "Europe (Frankfurt)",
- "const": "eu-central-1"
}, - {
- "title": "Europe (Ireland)",
- "const": "eu-west-1"
}, - {
- "title": "Europe (London)",
- "const": "eu-west-2"
}, - {
- "title": "Europe (Paris)",
- "const": "eu-west-3"
}, - {
- "title": "Europe (Milan)",
- "const": "eu-south-1"
}, - {
- "title": "Europe (Stockholm)",
- "const": "eu-north-1"
}
]
}
}, - "required": [
- "eventSourceName",
- "accountId",
- "region"
], - "errorMessage": {
- "properties": {
- "accountId": "Account number must be 12 digits.",
- "eventSourceName": "Event source name can use numbers, letters, the symbols \".\", \"-\" or \"_\". It must use fewer than 76 characters."
}
}
}, - "name": {
- "title": "Name",
- "description": "A name for this log stream in Okta",
- "type": "string",
- "writeOnce": false,
- "pattern": "^.{1,100}$"
}
}, - "required": [
- "name",
- "settings"
], - "errorMessage": {
- "properties": {
- "name": "Name can't exceed 100 characters."
}
}
}
okta.schemas.read
Retrieves the Schema for a User Type
Success
Forbidden
Not Found
Too Many Requests
{- "name": "user",
- "title": "Default Okta User",
- "lastUpdated": "2015-09-05T10:40:45.000Z",
- "created": "2015-02-02T10:27:36.000Z",
- "definitions": {
- "base": {
- "id": "#base",
- "type": "object",
- "properties": {
- "login": {
- "title": "Username",
- "type": "string",
- "required": true,
- "minLength": 5,
- "maxLength": 100,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}, - "firstName": {
- "title": "First name",
- "type": "string",
- "required": true,
- "minLength": 1,
- "maxLength": 50,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}, - "lastName": {
- "title": "Last name",
- "type": "string",
- "required": true,
- "minLength": 1,
- "maxLength": 50,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}, - "email": {
- "title": "Primary email",
- "type": "string",
- "required": true,
- "format": "email",
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}
}, - "required": [
- "login",
- "firstName",
- "lastName",
- "email"
]
}, - "custom": {
- "id": "#custom",
- "type": "object",
- "properties": {
- "twitterUserName": {
- "title": "Twitter username",
- "description": "User's username for twitter.com",
- "type": "string",
- "required": false,
- "minLength": 1,
- "maxLength": 20,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}
}, - "required": [ ]
}
}, - "type": "object",
- "properties": {
- "profile": {
- "allOf": [
- {
- "$ref": "#/definitions/base"
}, - {
- "$ref": "#/definitions/custom"
}
]
}
}
}
okta.schemas.manage
Updates a User Schema. This updates, adds, or removes one or more profile properties in a User Schema.
Unlike custom User Profile properties, limited changes are allowed to base User Profile properties (permissions, nullability of the firstName
and lastName
properties, or pattern for login
). A property cannot be removed from the default Schema if it is being referenced as a matchAttribute in SAML2 IdPs. Currently, all validation of SAML assertions is only performed against the default user type.
object User Profile subschemas The Profile object for a User is defined by a composite Schema of base and custom properties using a JSON path to reference subschemas. The | |||||||||||||
| |||||||||||||
object User Object Properties | |||||||||||||
| |||||||||||||
title | string User-defined display name for the Schema |
Success
Bad Request
Forbidden
Not Found
Too Many Requests
{- "definitions": {
- "custom": {
- "id": "#custom",
- "type": "object",
- "properties": {
- "twitterUserName": {
- "title": "Twitter username",
- "description": "Twitter Username",
- "type": "string",
- "required": false,
- "minLength": 1,
- "maxLength": 20,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}
}, - "required": [ ]
}
}
}
{- "name": "user",
- "title": "Default Okta User",
- "lastUpdated": "2015-09-05T10:40:45.000Z",
- "created": "2015-02-02T10:27:36.000Z",
- "definitions": {
- "base": {
- "id": "#base",
- "type": "object",
- "properties": {
- "login": {
- "title": "Username",
- "type": "string",
- "required": true,
- "minLength": 5,
- "maxLength": 100,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}, - "firstName": {
- "title": "First name",
- "type": "string",
- "required": true,
- "minLength": 1,
- "maxLength": 50,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}, - "lastName": {
- "title": "Last name",
- "type": "string",
- "required": true,
- "minLength": 1,
- "maxLength": 50,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}, - "email": {
- "title": "Primary email",
- "type": "string",
- "required": true,
- "format": "email",
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}
}, - "required": [
- "login",
- "firstName",
- "lastName",
- "email"
]
}, - "custom": {
- "id": "#custom",
- "type": "object",
- "properties": {
- "twitterUserName": {
- "title": "Twitter username",
- "description": "User's username for twitter.com",
- "type": "string",
- "required": false,
- "minLength": 1,
- "maxLength": 20,
- "permissions": [
- {
- "principal": "SELF",
- "action": "READ_WRITE"
}
]
}
}, - "required": [ ]
}
}, - "type": "object",
- "properties": {
- "profile": {
- "allOf": [
- {
- "$ref": "#/definitions/base"
}, - {
- "$ref": "#/definitions/custom"
}
]
}
}
}