Authenticators

The MyAccount Authenticators API provides operations to list all available authenticators and enrollments.

API versioning

A valid API version in the Accept header is required to access the API. Current version: 1.0.0

Accept: application/json; okta-version=1.0.0

List all authenticators
OAuth 2.0: `okta.myAccount.authenticators.read`

Lists all of the authenticators for the current user

Request

query Parameters

expand

string

Optional additional items to return in the _embedded object. Currently supports the value enrollments.

Example: expand=enrollments

Responses

200

Authenticators

403

Forbidden

429

Too Many Requests

get/idp/myaccount/authenticators

Request samples

Response samples

application/json

[{"id": "aut3ji50IyerHHpCa0g5",
"key": "okta_email",
"name": "Email",
"enrollable": true,
"_links": {"self": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3ji50IyerHHpCa0g5",
"hints": {"allow": ["GET"
]
}
},
"enroll": {"href": "https://sampleorg.okta.com/idp/authenticators/setup/aut3ji50IyerHHpCa0g5",
"hints": {"allow": ["GET"
]
}
},
"enrollments": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3ji50IyerHHpCa0g5/enrollments",
"hints": {"allow": ["GET"
]
}
}
}
},
{"id": "aut3ji4zFcHpwBlic0g5",
"key": "okta_password",
"name": "Password",
"enrollable": true,
"_links": {"self": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3ji4zFcHpwBlic0g5",
"hints": {"allow": ["GET"
]
}
},
"enroll": {"href": "https://sampleorg.okta.com/idp/authenticators/setup/aut3ji4zFcHpwBlic0g5/enrollments",
"hints": {"allow": ["GET"
]
}
},
"enrollments": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3ji4zFcHpwBlic0g5/enrollments",
"hints": {"allow": ["GET"
]
}
}
}
},
{"id": "aut3jiaiZukD4Ta0Z0g5",
"key": "webauthn",
"name": "Security Key or Biometric",
"enrollable": true,
"_links": {"self": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3jiaiZukD4Ta0Z0g5",
"hints": {"allow": ["GET"
]
}
},
"enroll": {"href": "https://sampleorg.okta.com/idp/authenticators/setup/aut3jiaiZukD4Ta0Z0g5",
"hints": {"allow": ["GET"
]
}
},
"enrollments": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3jiaiZukD4Ta0Z0g5/enrollments",
"hints": {"allow": ["GET"
]
}
}
}
}
]

Retrieve an authenticator
Identity Engine
OAuth 2.0: `okta.myAccount.authenticators.read`

Retrieves an authenticator by authenticatorId

Request

path Parameters

authenticatorId

required

string

id of the authenticator

Example: aut9gnvcjUHIWb37J0g4

query Parameters

expand

string

Optional additional items to return in the _embedded object. Currently supports the value enrollments.

Example: expand=enrollments

Responses

200

Authenticator

403

Forbidden

404

Not Found

429

Too Many Requests

get/idp/myaccount/authenticators/{authenticatorId}

Request samples

Response samples

application/json

{"id": "aut3jiaiZukD4Ta0Z0g5",
"key": "okta_password",
"name": "Okta password",
"enrollable": true,
"_links": {"self": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3jiaiZukD4Ta0Z0g5",
"hints": {"allow": ["GET"
]
}
},
"enroll": {"href": "https://sampleorg.okta.com/idp/authenticators/setup/aut3jiaiZukD4Ta0Z0g5",
"hints": {"allow": ["GET"
]
}
},
"enrollments": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3jiaiZukD4Ta0Z0g5/enrollments",
"hints": {"allow": ["GET"
]
}
}
}
}

List all enrollments
Identity Engine
OAuth 2.0: `okta.myAccount.authenticators.read`

Lists all enrollments the current user has for an authenticator

Request

path Parameters

authenticatorId

required

string

id of the authenticator

Example: aut9gnvcjUHIWb37J0g4

Responses

200

Enrollments

403

Forbidden

404

Not Found

429

Too Many Requests

get/idp/myaccount/authenticators/{authenticatorId}/enrollments

Request samples

Response samples

application/json

[{"id": "fwf3jiatpzkqerFkA0g5",
"name": "MacBook Touch ID",
"created": "2023-08-10T20:12:01.000Z",
"canReset": false,
"canUnenroll": true,
"links": {"self": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3jiaiZukD4Ta0Z0g5/enrollments/fwf3jiatpzkqerFkA0g5",
"hints": {"allow": ["GET"
]
}
},
"authenticator": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3jiaiZukD4Ta0Z0g5",
"hints": {"allow": ["GET"
]
}
},
"unenroll": {"href": "https://sampleorg.okta.com/idp/authenticators/aut3jiaiZukD4Ta0Z0g5/unenroll",
"hints": {"allow": ["GET"
]
}
}
}
},
{"id": "fwf3jiaukymSFdBBS0g5",
"name": "YubiKey 5",
"created": "2023-08-10T20:12:03.000Z",
"canReset": false,
"canUnenroll": true,
"links": {"self": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3jiaiZukD4Ta0Z0g5/enrollments/fwf3jiaukymSFdBBS0g5",
"hints": {"allow": ["GET"
]
}
},
"authenticator": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut3jiaiZukD4Ta0Z0g5",
"hints": {"allow": ["GET"
]
}
},
"unenroll": {"href": "https://sampleorg.okta.com/idp/authenticators/aut3jiaiZukD4Ta0Z0g5/unenroll",
"hints": {"allow": ["GET"
]
}
}
}
}
]

Retrieve an enrollment
Identity Engine
OAuth 2.0: `okta.myAccount.authenticators.read`

Retrieves an enrollment by enrollmentId

Request

path Parameters

authenticatorId required	string `id` of the authenticator Example: aut9gnvcjUHIWb37J0g4
enrollmentId required	string `id` of the authenticator enrollment Example: ufs2bysphxKODSZKWVCT

Responses

200

Enrollment

403

Forbidden

404

Not Found

429

Too Many Requests

get/idp/myaccount/authenticators/{authenticatorId}/enrollments/{enrollmentId}

Request samples

Response samples

application/json

{"id": "pasfs1tgsKqEha3JwZKq",
"name": "Okta password",
"created": "2023-05-01T14:24:54.000Z",
"lastChallenged": "2023-06-01T13:44:54.000Z",
"canReset": true,
"canUnenroll": false,
"_links": {"self": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut7liEC2BWqGZ8tosym/enrollments/pasfs1tgsKqEha3JwZKq",
"hints": {"allow": ["GET"
]
}
},
"authenticator": {"href": "https://sampleorg.okta.com/idp/myaccount/authenticators/aut7liEC2BWqGZ8tosym",
"hints": {"allow": ["GET"
]
}
},
"modify": {"href": "https://sampleorg.okta.com/idp/authenticators/aut7liEC2BWqGZ8tosym/modify",
"hints": {"allow": ["GET"
]
}
}
}
}

Social
CONTACT & LEGAL
MORE INFORMATION
okta.com
Products, case studies, resources
Help Center
Knowledgebase, roadmaps, and more
Trust
System status, security, compliance

Authenticators

API versioning

List all authenticatorsOAuth 2.0: okta.myAccount.authenticators.read

query Parameters

Retrieve an authenticatorIdentity EngineOAuth 2.0: okta.myAccount.authenticators.read

path Parameters

query Parameters

List all enrollmentsIdentity EngineOAuth 2.0: okta.myAccount.authenticators.read

path Parameters

Retrieve an enrollmentIdentity EngineOAuth 2.0: okta.myAccount.authenticators.read

path Parameters

List all authenticators
OAuth 2.0: `okta.myAccount.authenticators.read`

Retrieve an authenticator
Identity Engine
OAuth 2.0: `okta.myAccount.authenticators.read`

List all enrollments
Identity Engine
OAuth 2.0: `okta.myAccount.authenticators.read`

Retrieve an enrollment
Identity Engine
OAuth 2.0: `okta.myAccount.authenticators.read`