Trusted Origins

The Trusted Origins API provides operations to manage Trusted Origins and sources.

When external URLs are requested during sign-in, sign-out, or recovery operations, Okta checks those URLs against the allowed list of Trusted Origins. Trusted Origins also enable browser-based applications to access Okta APIs from JavaScript (CORS). If the origins aren't specified, the related operation (redirect or Okta API access) isn't permitted.

You can also configure Trusted Origins to allow iFrame embedding of Okta resources, such as Okta sign-in pages and the Okta End-User Dashboard, within that origin. This is an Early Access feature. To enable it, contact Okta Support.

Note: This Early Access feature is supported for Okta domains only. It isn't currently supported for custom domains.

List all Trusted Origins
OAuth 2.0: okta.trustedOrigins.read

Lists all trusted origins

Request
query Parameters
q
string
filter
string
after
string
limit
integer <int32>
Default: -1
Responses
200

Success

403

Forbidden

429

Too Many Requests

get/api/v1/trustedOrigins
Request samples 
Response samples 
application/json
[
  • {
    • "created": "2019-08-24T14:15:22Z",
    • "createdBy": "string",
    • "id": "string",
    • "lastUpdated": "2019-08-24T14:15:22Z",
    • "lastUpdatedBy": "string",
    • "name": "string",
    • "origin": "string",
    • "scopes": [
      ],
    • "status": "string",
    • "_links": {
      }
    }
]
Create a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage
Creates a trusted origin


Request 
Request Body schema: application/json
createdBy
string
 
lastUpdatedBy
string
 
name
string
 
origin
string
 
Array of objects (TrustedOriginScope) 
 
 Array 
allowedOktaApps
Array of strings (IframeEmbedScopeAllowedApps) 
Items Value: "OKTA_ENDUSER"  
type
string (TrustedOriginScopeType) 
 Enum: "CORS" "IFRAME_EMBED" "REDIRECT"  
status
string
 
Responses 
200
Success


400
Bad Request


403
Forbidden


429
Too Many Requests


post/api/v1/trustedOrigins
Request samples 
application/json
{
  • "createdBy": "string",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string"
}
Response samples 
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}
Retrieve a Trusted Origin
OAuth 2.0: okta.trustedOrigins.read
Retrieves a trusted origin


Request 
path Parameters
trustedOriginId
required
string
id of the Trusted Origin


 
 Example:  7j2PkU1nyNIDe26ZNufR
Responses 
200
Success


403
Forbidden


404
Not Found


429
Too Many Requests


get/api/v1/trustedOrigins/{trustedOriginId}
Request samples 
Response samples 
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}
Replace a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage
Replaces a trusted origin


Request 
path Parameters
trustedOriginId
required
string
id of the Trusted Origin


 
 Example:  7j2PkU1nyNIDe26ZNufR
Request Body schema: application/json
createdBy
string
 
lastUpdatedBy
string
 
name
string
 
origin
string
 
Array of objects (TrustedOriginScope) 
 
 Array 
allowedOktaApps
Array of strings (IframeEmbedScopeAllowedApps) 
Items Value: "OKTA_ENDUSER"  
type
string (TrustedOriginScopeType) 
 Enum: "CORS" "IFRAME_EMBED" "REDIRECT"  
status
string
 
Responses 
200
Success


400
Bad Request


403
Forbidden


404
Not Found


429
Too Many Requests


put/api/v1/trustedOrigins/{trustedOriginId}
Request samples 
application/json
{
  • "createdBy": "string",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string"
}
Response samples 
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}
Delete a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage
Deletes a trusted origin


Request 
path Parameters
trustedOriginId
required
string
id of the Trusted Origin


 
 Example:  7j2PkU1nyNIDe26ZNufR
Responses 
204
Success


403
Forbidden


404
Not Found


429
Too Many Requests


delete/api/v1/trustedOrigins/{trustedOriginId}
Request samples 
Response samples 
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}
Activate a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage
Activates a trusted origin


Request 
path Parameters
trustedOriginId
required
string
id of the Trusted Origin


 
 Example:  7j2PkU1nyNIDe26ZNufR
Responses 
200
Success


403
Forbidden


404
Not Found


429
Too Many Requests


post/api/v1/trustedOrigins/{trustedOriginId}/lifecycle/activate
Request samples 
Response samples 
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}
Deactivate a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage
Deactivates a trusted origin


Request 
path Parameters
trustedOriginId
required
string
id of the Trusted Origin


 
 Example:  7j2PkU1nyNIDe26ZNufR
Responses 
200
Success


403
Forbidden


404
Not Found


429
Too Many Requests


post/api/v1/trustedOrigins/{trustedOriginId}/lifecycle/deactivate
Request samples 
Response samples 
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}