okta.users.read
Lists all users that do not have a status of 'DEPROVISIONED' (by default), up to the maximum (200 for most orgs), with pagination. A subset of users can be returned that match a supported filter expression or search criteria.
q | string Finds a user that matches firstName, lastName, and email properties |
after | string The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the |
limit | integer <int32> Default: 200 Specifies the number of results returned. Defaults to 10 if |
filter | string Filters users with a supported expression for a subset of properties |
search | string Searches for users with a supported filtering expression for most properties. Okta recommends using this parameter for search for best performance. |
sortBy | string |
sortOrder | string Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. |
Success
Forbidden
Too Many Requests
[- {
- "id": "00u118oQYT4TBTemp0g4",
- "status": "ACTIVE",
- "created": "2022-04-04T15:56:05.000Z",
- "activated": null,
- "statusChanged": null,
- "lastLogin": "2022-05-04T19:50:52.000Z",
- "lastUpdated": "2022-05-05T18:15:44.000Z",
- "passwordChanged": "2022-04-04T16:00:22.000Z",
- "type": {
- "id": "oty1162QAr8hJjTaq0g4"
}, - "profile": {
- "firstName": "Alice",
- "lastName": "Smith",
- "mobilePhone": null,
- "secondEmail": null,
- "login": "alice.smith@example.com",
- "email": "alice.smith@example.com"
}, - "credentials": {
- "password": { },
- "provider": {
- "type": "OKTA",
- "name": "OKTA"
}
},
}
]
okta.users.manage
Creates a new user in your Okta organization with or without credentials
Legal Disclaimer
After a user is added to the Okta directory, they receive an activation email. As part of signing up for this service, you agreed not to use Okta's service/product to spam and/or send unsolicited messages. Please refrain from adding unrelated accounts to the directory as Okta is not responsible for, and disclaims any and all liability associated with, the activation email's content. You, and you alone, bear responsibility for the emails sent to any recipients.
object (UserCredentials) | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
groupIds | Array of strings | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
required | object (UserProfile) Specifies the default and custom profile properties for a user. The default user profile is based on the System for Cross-domain Identity Management: Core Schema.
The only permitted customizations of the default profile are to update permissions, change whether the You can extend user profiles with custom properties. You must first add the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin console or the Schemas API to manage schema extensions. Custom attributes may contain HTML tags. It's the client's responsibility to escape or encode this data before displaying it. Use best-practices to prevent cross-site scripting. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
object The ID of the user type. Add this value if you want to create a user with a non-default user type.
The user type determines which schema applies to that user. After a user has been created, the user can
only be assigned a different user type by an administrator through a full replacement ( | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Success
Bad Request
Forbidden
Too Many Requests
{- "credentials": {
- "password": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}, - "value": "pa$$word"
}, - "provider": { },
- "recovery_question": {
- "answer": "string",
- "question": "string"
}
}, - "groupIds": [
- "string"
], - "profile": {
- "city": "string",
- "costCenter": "string",
- "countryCode": "st",
- "department": "string",
- "displayName": "string",
- "division": "string",
- "email": "user@example.com",
- "employeeNumber": "string",
- "firstName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string",
- "lastName": "string",
- "locale": "string",
- "login": "string",
- "manager": "string",
- "managerId": "string",
- "middleName": "string",
- "mobilePhone": "string",
- "nickName": "string",
- "organization": "string",
- "postalAddress": "string",
- "preferredLanguage": "string",
- "primaryPhone": "string",
- "profileUrl": "string",
- "secondEmail": "user@example.com",
- "state": "string",
- "streetAddress": "string",
- "timezone": "string",
- "title": "string",
- "userType": "string",
- "zipCode": "string"
}, - "type": {
- "id": "string"
}
}
{- "activated": "2019-08-24T14:15:22Z",
- "created": "2019-08-24T14:15:22Z",
- "credentials": {
- "password": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}
}, - "provider": {
- "name": "string",
- "type": "ACTIVE_DIRECTORY"
}, - "recovery_question": {
- "question": "string"
}
}, - "id": "string",
- "lastLogin": "2019-08-24T14:15:22Z",
- "lastUpdated": "2019-08-24T14:15:22Z",
- "passwordChanged": "2019-08-24T14:15:22Z",
- "profile": {
- "city": "string",
- "costCenter": "string",
- "countryCode": "st",
- "department": "string",
- "displayName": "string",
- "division": "string",
- "email": "user@example.com",
- "employeeNumber": "string",
- "firstName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string",
- "lastName": "string",
- "locale": "string",
- "login": "string",
- "manager": "string",
- "managerId": "string",
- "middleName": "string",
- "mobilePhone": "string",
- "nickName": "string",
- "organization": "string",
- "postalAddress": "string",
- "preferredLanguage": "string",
- "primaryPhone": "string",
- "profileUrl": "string",
- "secondEmail": "user@example.com",
- "state": "string",
- "streetAddress": "string",
- "timezone": "string",
- "title": "string",
- "userType": "string",
- "zipCode": "string"
}, - "status": "ACTIVE",
- "statusChanged": "2019-08-24T14:15:22Z",
- "transitioningToStatus": "ACTIVE",
- "type": {
- "id": "string"
}, - "_embedded": {
- "property1": { },
- "property2": { }
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "activate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "resetPassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "resetFactors": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "expirePassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "forgotPassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "changeRecoveryQuestion": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "deactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "reactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "changePassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "schema": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "suspend": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "unsuspend": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "unlock": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "type": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}
okta.users.read
Retrieves a user from your Okta organization
Success
Forbidden
Not Found
Too Many Requests
{- "activated": "2019-08-24T14:15:22Z",
- "created": "2019-08-24T14:15:22Z",
- "credentials": {
- "password": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}
}, - "provider": {
- "name": "string",
- "type": "ACTIVE_DIRECTORY"
}, - "recovery_question": {
- "question": "string"
}
}, - "id": "string",
- "lastLogin": "2019-08-24T14:15:22Z",
- "lastUpdated": "2019-08-24T14:15:22Z",
- "passwordChanged": "2019-08-24T14:15:22Z",
- "profile": {
- "city": "string",
- "costCenter": "string",
- "countryCode": "st",
- "department": "string",
- "displayName": "string",
- "division": "string",
- "email": "user@example.com",
- "employeeNumber": "string",
- "firstName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string",
- "lastName": "string",
- "locale": "string",
- "login": "string",
- "manager": "string",
- "managerId": "string",
- "middleName": "string",
- "mobilePhone": "string",
- "nickName": "string",
- "organization": "string",
- "postalAddress": "string",
- "preferredLanguage": "string",
- "primaryPhone": "string",
- "profileUrl": "string",
- "secondEmail": "user@example.com",
- "state": "string",
- "streetAddress": "string",
- "timezone": "string",
- "title": "string",
- "userType": "string",
- "zipCode": "string"
}, - "status": "ACTIVE",
- "statusChanged": "2019-08-24T14:15:22Z",
- "transitioningToStatus": "ACTIVE",
- "type": {
- "id": "string"
}, - "_embedded": {
- "property1": { },
- "property2": { },
- "blocks": [
- {
- "appliesTo": "ANY_DEVICES",
- "type": "DEVICE_BASED"
}
]
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "activate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "resetPassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "resetFactors": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "expirePassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "forgotPassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "changeRecoveryQuestion": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "deactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "reactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "changePassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "schema": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "suspend": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "unsuspend": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "unlock": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "type": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}
okta.users.manage
Updates a user partially determined by the request parameters
object (UserCredentials) | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
object (UserProfile) Specifies the default and custom profile properties for a user. The default user profile is based on the System for Cross-domain Identity Management: Core Schema.
The only permitted customizations of the default profile are to update permissions, change whether the You can extend user profiles with custom properties. You must first add the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin console or the Schemas API to manage schema extensions. Custom attributes may contain HTML tags. It's the client's responsibility to escape or encode this data before displaying it. Use best-practices to prevent cross-site scripting. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Success
Bad Request
Forbidden
Not Found
Too Many Requests
{- "credentials": {
- "password": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}, - "value": "pa$$word"
}, - "provider": { },
- "recovery_question": {
- "answer": "string",
- "question": "string"
}
}, - "profile": {
- "city": "string",
- "costCenter": "string",
- "countryCode": "st",
- "department": "string",
- "displayName": "string",
- "division": "string",
- "email": "user@example.com",
- "employeeNumber": "string",
- "firstName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string",
- "lastName": "string",
- "locale": "string",
- "login": "string",
- "manager": "string",
- "managerId": "string",
- "middleName": "string",
- "mobilePhone": "string",
- "nickName": "string",
- "organization": "string",
- "postalAddress": "string",
- "preferredLanguage": "string",
- "primaryPhone": "string",
- "profileUrl": "string",
- "secondEmail": "user@example.com",
- "state": "string",
- "streetAddress": "string",
- "timezone": "string",
- "title": "string",
- "userType": "string",
- "zipCode": "string"
}
}
{- "activated": "2019-08-24T14:15:22Z",
- "created": "2019-08-24T14:15:22Z",
- "credentials": {
- "password": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}
}, - "provider": {
- "name": "string",
- "type": "ACTIVE_DIRECTORY"
}, - "recovery_question": {
- "question": "string"
}
}, - "id": "string",
- "lastLogin": "2019-08-24T14:15:22Z",
- "lastUpdated": "2019-08-24T14:15:22Z",
- "passwordChanged": "2019-08-24T14:15:22Z",
- "profile": {
- "city": "string",
- "costCenter": "string",
- "countryCode": "st",
- "department": "string",
- "displayName": "string",
- "division": "string",
- "email": "user@example.com",
- "employeeNumber": "string",
- "firstName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string",
- "lastName": "string",
- "locale": "string",
- "login": "string",
- "manager": "string",
- "managerId": "string",
- "middleName": "string",
- "mobilePhone": "string",
- "nickName": "string",
- "organization": "string",
- "postalAddress": "string",
- "preferredLanguage": "string",
- "primaryPhone": "string",
- "profileUrl": "string",
- "secondEmail": "user@example.com",
- "state": "string",
- "streetAddress": "string",
- "timezone": "string",
- "title": "string",
- "userType": "string",
- "zipCode": "string"
}, - "status": "ACTIVE",
- "statusChanged": "2019-08-24T14:15:22Z",
- "transitioningToStatus": "ACTIVE",
- "type": {
- "id": "string"
}, - "_embedded": {
- "property1": { },
- "property2": { }
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "activate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "resetPassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "resetFactors": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "expirePassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "forgotPassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "changeRecoveryQuestion": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "deactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "reactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "changePassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "schema": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "suspend": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "unsuspend": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "unlock": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "type": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}
okta.users.manage
Replaces a user's profile and/or credentials using strict-update semantics
object (UserCredentials) | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
object (UserProfile) Specifies the default and custom profile properties for a user. The default user profile is based on the System for Cross-domain Identity Management: Core Schema.
The only permitted customizations of the default profile are to update permissions, change whether the You can extend user profiles with custom properties. You must first add the custom property to the user profile schema before you reference it. You can use the Profile Editor in the Admin console or the Schemas API to manage schema extensions. Custom attributes may contain HTML tags. It's the client's responsibility to escape or encode this data before displaying it. Use best-practices to prevent cross-site scripting. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
object The user type that determines the schema for the user's profile. The | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Success
Bad Request
Forbidden
Not Found
Too Many Requests
{- "credentials": {
- "password": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}, - "value": "pa$$word"
}, - "provider": { },
- "recovery_question": {
- "answer": "string",
- "question": "string"
}
}, - "profile": {
- "city": "string",
- "costCenter": "string",
- "countryCode": "st",
- "department": "string",
- "displayName": "string",
- "division": "string",
- "email": "user@example.com",
- "employeeNumber": "string",
- "firstName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string",
- "lastName": "string",
- "locale": "string",
- "login": "string",
- "manager": "string",
- "managerId": "string",
- "middleName": "string",
- "mobilePhone": "string",
- "nickName": "string",
- "organization": "string",
- "postalAddress": "string",
- "preferredLanguage": "string",
- "primaryPhone": "string",
- "profileUrl": "string",
- "secondEmail": "user@example.com",
- "state": "string",
- "streetAddress": "string",
- "timezone": "string",
- "title": "string",
- "userType": "string",
- "zipCode": "string"
}, - "type": {
- "id": "string"
}
}
{- "activated": "2019-08-24T14:15:22Z",
- "created": "2019-08-24T14:15:22Z",
- "credentials": {
- "password": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}
}, - "provider": {
- "name": "string",
- "type": "ACTIVE_DIRECTORY"
}, - "recovery_question": {
- "question": "string"
}
}, - "id": "string",
- "lastLogin": "2019-08-24T14:15:22Z",
- "lastUpdated": "2019-08-24T14:15:22Z",
- "passwordChanged": "2019-08-24T14:15:22Z",
- "profile": {
- "city": "string",
- "costCenter": "string",
- "countryCode": "st",
- "department": "string",
- "displayName": "string",
- "division": "string",
- "email": "user@example.com",
- "employeeNumber": "string",
- "firstName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string",
- "lastName": "string",
- "locale": "string",
- "login": "string",
- "manager": "string",
- "managerId": "string",
- "middleName": "string",
- "mobilePhone": "string",
- "nickName": "string",
- "organization": "string",
- "postalAddress": "string",
- "preferredLanguage": "string",
- "primaryPhone": "string",
- "profileUrl": "string",
- "secondEmail": "user@example.com",
- "state": "string",
- "streetAddress": "string",
- "timezone": "string",
- "title": "string",
- "userType": "string",
- "zipCode": "string"
}, - "status": "ACTIVE",
- "statusChanged": "2019-08-24T14:15:22Z",
- "transitioningToStatus": "ACTIVE",
- "type": {
- "id": "string"
}, - "_embedded": {
- "property1": { },
- "property2": { }
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "activate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "resetPassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "resetFactors": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "expirePassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "forgotPassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "changeRecoveryQuestion": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "deactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "reactivate": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "changePassword": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "schema": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "suspend": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "unsuspend": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "unlock": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "type": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}
okta.users.manage
Deletes a user permanently. This operation can only be performed on users that have a DEPROVISIONED
status. This action cannot be recovered!. Calling this on an ACTIVE
user will transition the user to DEPROVISIONED
.
No Content
Bad Request
Forbidden
Not Found
Too Many Requests
{- "errorCauses": [
- {
- "errorSummary": "string"
}
], - "errorCode": "string",
- "errorId": "string",
- "errorLink": "string",
- "errorSummary": "string"
}
okta.users.read
Lists all appLinks for all direct or indirect (via group membership) assigned applications
Success
Forbidden
Not Found
Too Many Requests
[- {
- "appAssignmentId": "string",
- "appInstanceId": "string",
- "appName": "string",
- "credentialsSetup": true,
- "hidden": true,
- "id": "string",
- "label": "string",
- "linkUrl": "string",
- "logoUrl": "string",
- "sortOrder": 0
}
]
okta.users.read
Lists information about how the user is blocked from accessing their account
Success
Forbidden
Not Found
Too Many Requests
[- {
- "type": "DEVICE_BASED",
- "appliesTo": "UNKNOWN_DEVICES"
}
]
okta.users.read
Lists all client resources for which the specified user has grants or tokens
Success
Forbidden
Not Found
Too Many Requests
[- {
- "client_id": "string",
- "client_name": "string",
- "client_uri": "string",
- "logo_uri": "string",
- "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}
}
}
]
okta.users.read
Lists all grants for a specified user and client
Success
Forbidden
Not Found
Too Many Requests
[- {
- "clientId": "string",
- "created": "2019-08-24T14:15:22Z",
- "createdBy": {
- "id": "string",
- "type": "User"
}, - "id": "string",
- "lastUpdated": "2019-08-24T14:15:22Z",
- "scopeId": "okta.users.read",
- "source": "ADMIN",
- "status": "ACTIVE",
- "userId": "string",
- "_embedded": {
- "scope": {
- "id": "okta.users.read"
}
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "app": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}, - "client": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}
}
}
]
okta.users.manage
Revokes all grants for the specified user and client
No Content
Forbidden
Not Found
Too Many Requests
{- "errorCode": "E0000006",
- "errorSummary": "You do not have permission to perform the requested action",
- "errorLink": "E0000006",
- "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
- "errorCauses": [ ]
}
okta.users.read
Lists all refresh tokens issued for the specified User and Client
Success
Forbidden
Not Found
Too Many Requests
[- {
- "clientId": "string",
- "created": "2019-08-24T14:15:22Z",
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "issuer": "string",
- "lastUpdated": "2019-08-24T14:15:22Z",
- "scopes": [
- "string"
], - "status": "ACTIVE",
- "userId": "string",
- "_embedded": {
- "scopes": [
- {
- "description": "string",
- "displayName": "string",
- "id": "string",
- "name": "string",
- "_links": {
- "scope": {
- "hints": {
- "allow": [ ]
}, - "href": "string",
- "title": "string",
- "type": "string"
}
}
}
]
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "app": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}, - "revoke": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}, - "client": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}, - "user": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}, - "authorizationServer": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}
}
}
]
okta.users.manage
Revokes all refresh tokens issued for the specified User and Client
No Content
Forbidden
Not Found
Too Many Requests
{- "errorCode": "E0000006",
- "errorSummary": "You do not have permission to perform the requested action",
- "errorLink": "E0000006",
- "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
- "errorCauses": [ ]
}
okta.users.read
Retrieves a refresh token issued for the specified User and Client
Success
Forbidden
Not Found
Too Many Requests
{- "clientId": "string",
- "created": "2019-08-24T14:15:22Z",
- "expiresAt": "2019-08-24T14:15:22Z",
- "id": "string",
- "issuer": "string",
- "lastUpdated": "2019-08-24T14:15:22Z",
- "scopes": [
- "string"
], - "status": "ACTIVE",
- "userId": "string",
- "_embedded": {
- "scopes": [
- {
- "description": "string",
- "displayName": "string",
- "id": "string",
- "name": "string",
- "_links": {
- "scope": {
- "hints": {
- "allow": [
- null
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}
}
}
]
}, - "_links": {
- "self": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "name": "string",
- "type": "string"
}, - "app": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}, - "revoke": {
- "hints": {
- "allow": [
- "DELETE"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}, - "client": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}, - "user": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}, - "authorizationServer": {
- "hints": {
- "allow": [
- "string"
]
}, - "href": "string",
- "title": "string",
- "type": "string"
}
}
}
okta.users.manage
Revokes the specified refresh token
No Content
Forbidden
Not Found
Too Many Requests
{- "errorCode": "E0000006",
- "errorSummary": "You do not have permission to perform the requested action",
- "errorLink": "E0000006",
- "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
- "errorCauses": [ ]
}
okta.users.manage
Changes a user's password by validating the user's current password. This operation can only be performed on users in STAGED
, ACTIVE
, PASSWORD_EXPIRED
, or RECOVERY
status that have a valid password credential
object (PasswordCredential) When a user has a valid password, imported hashed password, or password hook, and a response object contains
a password credential, then the password object is a bare object without the value property defined (for example, | |||||||||||
| |||||||||||
object (PasswordCredential) When a user has a valid password, imported hashed password, or password hook, and a response object contains
a password credential, then the password object is a bare object without the value property defined (for example, | |||||||||||
| |||||||||||
revokeSessions | boolean |
Success
Bad Request
Forbidden
Not Found
Too Many Requests
{- "newPassword": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}, - "value": "pa$$word"
}, - "oldPassword": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}, - "value": "pa$$word"
}, - "revokeSessions": true
}
{- "password": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}
}, - "provider": {
- "name": "string",
- "type": "ACTIVE_DIRECTORY"
}, - "recovery_question": {
- "question": "string"
}
}
okta.users.manage
Changes a user's recovery question & answer credential by validating the user's current password. This operation can only be performed on users in STAGED, ACTIVE or RECOVERY status
that have a valid password credential
object (PasswordCredential) When a user has a valid password, imported hashed password, or password hook, and a response object contains
a password credential, then the password object is a bare object without the value property defined (for example, | |||||||||||
| |||||||||||
object (AuthenticationProvider) Specifies the authentication provider that validates the user's password credential. The user's current provider is managed by the Delegated Authentication settings for your organization. The provider object is read-only. | |||||||||||
object (RecoveryQuestionCredential) Specifies a secret question and answer that's validated (case insensitive) when a user forgets their password or unlocks their account. The answer property is write-only. | |||||||||||
Success
Bad Request
Forbidden
Not Found
Too Many Requests
{- "password": {
- "hash": {
- "algorithm": "BCRYPT",
- "digestAlgorithm": "SHA256_HMAC",
- "iterationCount": 0,
- "keySize": 0,
- "salt": "string",
- "saltOrder": "string",
- "value": "string",
- "workFactor": 1
}, - "hook": {
- "type": "string"
}, - "value": "pa$$word"
}, - "provider": { },
- "recovery_question": {
- "answer": "string",
- "question": "string"
}
}