Trusted Origins

The Trusted Origins API provides operations to manage Trusted Origins and sources.

When external URLs are requested during sign-in, sign-out, or recovery operations, Okta checks those URLs against the allowed list of Trusted Origins. Trusted Origins also enable browser-based applications to access Okta APIs from JavaScript (CORS). If the origins aren't specified, the related operation (redirect or Okta API access) isn't permitted.

You can also configure Trusted Origins to allow iFrame embedding of Okta resources, such as Okta sign-in pages and the Okta End-User Dashboard, within that origin. This is an Early Access feature. To enable it, contact Okta Support.

Note: This Early Access feature is supported for Okta domains only. It isn't currently supported for custom domains.

List all Trusted Origins
OAuth 2.0: okta.trustedOrigins.read

Lists all trusted origins

Request
query Parameters
q
string
filter
string
after
string
limit
integer <int32>
Default: -1
Responses
200

Success

403

Forbidden

429

Too Many Requests

get/api/v1/trustedOrigins
Request samples
Response samples
application/json
[
  • {
    • "created": "2019-08-24T14:15:22Z",
    • "createdBy": "string",
    • "id": "string",
    • "lastUpdated": "2019-08-24T14:15:22Z",
    • "lastUpdatedBy": "string",
    • "name": "string",
    • "origin": "string",
    • "scopes": [
      ],
    • "status": "string",
    • "_links": {
      }
    }
]

Create a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage

Creates a trusted origin

Request
Request Body schema: application/json
required
createdBy
string
lastUpdatedBy
string
name
string
origin
string
Array of objects (TrustedOriginScope)
Array
allowedOktaApps
Array of strings (IframeEmbedScopeAllowedApps)
Items Value: "OKTA_ENDUSER"
type
string (TrustedOriginScopeType)
Enum: "CORS" "IFRAME_EMBED" "REDIRECT"
status
string
Responses
200

Success

400

Bad Request

403

Forbidden

429

Too Many Requests

post/api/v1/trustedOrigins
Request samples
application/json
{
  • "createdBy": "string",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string"
}
Response samples
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}

Retrieve a Trusted Origin
OAuth 2.0: okta.trustedOrigins.read

Retrieves a trusted origin

Request
path Parameters
trustedOriginId
required
string

id of the Trusted Origin

Example: 7j2PkU1nyNIDe26ZNufR
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/trustedOrigins/{trustedOriginId}
Request samples
Response samples
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}

Replace a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage

Replaces a trusted origin

Request
path Parameters
trustedOriginId
required
string

id of the Trusted Origin

Example: 7j2PkU1nyNIDe26ZNufR
Request Body schema: application/json
required
createdBy
string
lastUpdatedBy
string
name
string
origin
string
Array of objects (TrustedOriginScope)
Array
allowedOktaApps
Array of strings (IframeEmbedScopeAllowedApps)
Items Value: "OKTA_ENDUSER"
type
string (TrustedOriginScopeType)
Enum: "CORS" "IFRAME_EMBED" "REDIRECT"
status
string
Responses
200

Success

400

Bad Request

403

Forbidden

404

Not Found

429

Too Many Requests

put/api/v1/trustedOrigins/{trustedOriginId}
Request samples
application/json
{
  • "createdBy": "string",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string"
}
Response samples
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}

Delete a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage

Deletes a trusted origin

Request
path Parameters
trustedOriginId
required
string

id of the Trusted Origin

Example: 7j2PkU1nyNIDe26ZNufR
Responses
204

Success

403

Forbidden

404

Not Found

429

Too Many Requests

delete/api/v1/trustedOrigins/{trustedOriginId}
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}

Activate a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage

Activates a trusted origin

Request
path Parameters
trustedOriginId
required
string

id of the Trusted Origin

Example: 7j2PkU1nyNIDe26ZNufR
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/trustedOrigins/{trustedOriginId}/lifecycle/activate
Request samples
Response samples
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}

Deactivate a Trusted Origin
OAuth 2.0: okta.trustedOrigins.manage

Deactivates a trusted origin

Request
path Parameters
trustedOriginId
required
string

id of the Trusted Origin

Example: 7j2PkU1nyNIDe26ZNufR
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/trustedOrigins/{trustedOriginId}/lifecycle/deactivate
Request samples
Response samples
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "lastUpdatedBy": "string",
  • "name": "string",
  • "origin": "string",
  • "scopes": [
    • {
      }
    ],
  • "status": "string",
  • "_links": {
    • "self": {
      }
    }
}