Attributes

Attributes control specific settings for OPA Users and Groups.

List all Attribute Conflicts for a Team

Lists all attribute conflicts for your Team

This endpoint requires the following role: resource_admin.

SecuritybearerAuth

Request

path Parameters

team_name

required

string

The name of your Team

query Parameters

count	integer <int32> The number of objects per page
descending	boolean The object order
offset	string The offset value for pagination. The rel="next" and rel="prev" `Link` headers define the offset for subsequent or previous pages.
prev	boolean The direction of paging

Responses

200

get/v1/teams/{team_name}/attributes/conflicts

Request samples

Response samples

application/json

{"list": [{"attribute_name": "unix_user_name",
"attribute_value": "Sec.Admin",
"id": "11faefa1-6b59-4a5a-9492-43195cd07385",
"is_service_user": false,
"user_name": "OPA.User.1"
},
{"attribute_name": "unix_user_name",
"attribute_value": "Sec.Admin",
"id": "11faefa1-6b59-4a5b-9492-43195cd07385",
"is_service_user": false,
"user_name": "OPA.User.2"
},
{"attribute_name": "unix_gid",
"attribute_value": 1001,
"id": "b06dfc59-ae9c-4q43-b583-96d09988fd84",
"user_name": "OPA.User.3"
},
{"attribute_name": "unix_gid",
"attribute_value": 1001,
"id": "ff2c0f25-b73d-4t20-8aeb-b6c39a68a204",
"is_service_user": true,
"user_name": "OPA.User.4"
}
]
}

List all Attributes for a Group

Lists all Attributes for a specified Group

This endpoint requires one of the following roles: resource_admin, delegated_resource_admin.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your Team
group_name required	string The name of a Group

query Parameters

count	integer <int32> The number of objects per page
descending	boolean The object order
offset	string The offset value for pagination. The rel="next" and rel="prev" `Link` headers define the offset for subsequent or previous pages.
prev	boolean The direction of paging
conflicting	boolean When `true`, only return attributes that conflict with other attributes on your Team

Responses

200

get/v1/teams/{team_name}/groups/{group_name}/attributes

Request samples

Response samples

application/json

{"list": [{"id": "36844d7c-f311-4a42-866c-f32a5a41e213",
"attribute_name": "unix_group_name",
"attribute_value": "group_old",
"managed": false
},
{"id": "8eb50e3f-ef90-4215-b358-9318b35867de",
"attribute_name": "windows_group_name",
"attribute_value": "group_new",
"managed": false
}
]
}

Retrieve a Group Attribute

Retrieves an Attribute for a Group

This endpoint requires one of the following roles: resource_admin, delegated_resource_admin.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your Team
group_name required	string The name of a Group
attribute_id required	string The UUID of an Attribute

Responses

200

get/v1/teams/{team_name}/groups/{group_name}/attributes/{attribute_id}

Request samples

Response samples

application/json

{"attribute_name": "unix_group_name",
"attribute_value": "group_old",
"id": "36844d7c-f311-4a42-866c-f32a5a41e213",
"managed": false
}

Update a Group Attribute

Updates an Attribute for a Group

This endpoint requires the following role: resource_admin.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your Team
group_name required	string The name of a Group
attribute_id required	string The UUID of an Attribute

Request Body schema: application/json
required

attribute_name required	string (GroupAttributeName) The type of attribute Enum: "unix_gid" "unix_group_name" "windows_group_name"
required	unix_gid (integer) or unix_group_name (string) or windows_group_name (string)
One of: The associated Unix group ID [ 100 .. 2147483647 ] integer <int32> (unix_gid) [ 100 .. 2147483647 ]

Responses

204

No Content

put/v1/teams/{team_name}/groups/{group_name}/attributes/{attribute_id}

Request samples

application/json

{"attribute_name": "unix_group_name",
"attribute_value": "new_name"
}

List all Attributes for a User

Lists all Attributes for a specified user

This endpoint requires the following role: resource_admin.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your Team
user_name required	string The username for an existing User

query Parameters

count	integer <int32> The number of objects per page
descending	boolean The object order
offset	string The offset value for pagination. The rel="next" and rel="prev" `Link` headers define the offset for subsequent or previous pages.
prev	boolean The direction of paging
conflicting	boolean When `true`, only return attributes that conflict with other attributes on your Team

Responses

200

get/v1/teams/{team_name}/users/{user_name}/attributes

Request samples

Response samples

application/json

{"list": [{"id": "11faefa1-6b59-4a52-9492-43195cd07385",
"attribute_name": "unix_user_name",
"attribute_value": "augusta_ada_king",
"managed": true
},
{"id": "11faefa1-6b59-4a52-9492-43195cd07385",
"attribute_name": "unix_uid",
"attribute_value": 1210,
"managed": true
},
{"id": "b06dfc59-ae9c-4243-b583-96d09988fd84",
"attribute_name": "unix_gid",
"attribute_value": 1210,
"managed": true
},
{"id": "ff2c0f25-b73d-4720-8aeb-b6c39a68a204",
"attribute_name": "windows_user_name",
"attribute_value": "augusta_ada_king",
"managed": true
}
]
}

Retrieve a User Attribute

Retrieves an Attribute for a User

This endpoint requires the following role: resource_admin.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your Team
user_name required	string The username for an existing User
attribute_id required	string The UUID of an Attribute

Responses

200

get/v1/teams/{team_name}/users/{user_name}/attributes/{attribute_id}

Request samples

Response samples

application/json

{"attribute_name": "unix_user_name",
"attribute_value": "augusta_ada_king",
"id": "11faefa1-6b59-4a52-9492-43195cd07385",
"managed": true
}

Update a User Attribute

Updates an Attribute for a User

This endpoint requires the following role: resource_admin.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your Team
user_name required	string The username for an existing User
attribute_id required	string The UUID of an Attribute

Request Body schema: application/json
required

attribute_name required	string (TeamUserAttributeName) The type of attribute Enum: "active_directory_identity" "active_directory_passwordless_identity" "gecos_field" "unix_gid" "unix_uid" "unix_user_name" "user_shell" "windows_user_name"
required	active_directory_identity (object) or active_directory_passwordless_identity (object) or gecos_field (object) or user_home_dir (object) or unix_gid (object) or unix_uid (object) or unix_user_name (object) or user_shell (object) or windows_user_name (object)
One of: The AD usernames accessible by the User. Users must manually enter their password. <= 256 characters object (active_directory_identity) <= 256 characters

Responses

204

No Content

put/v1/teams/{team_name}/users/{user_name}/attributes/{attribute_id}

Request samples

application/json

{"attribute_name": "unix_user_name",
"attribute_value": "ada_lovelace"
}

Social
CONTACT & LEGAL
MORE INFORMATION
okta.com
Products, case studies, resources
Help Center
Knowledgebase, roadmaps, and more
Trust
System status, security, compliance

Attributes

List all Attribute Conflicts for a Team

path Parameters

query Parameters

List all Attributes for a Group

path Parameters

query Parameters

Retrieve a Group Attribute

path Parameters

Update a Group Attribute

path Parameters

Request Body schema: application/jsonrequired

List all Attributes for a User

path Parameters

query Parameters

Retrieve a User Attribute

path Parameters

Update a User Attribute

path Parameters

Request Body schema: application/jsonrequired

Request Body schema: application/json
required

Request Body schema: application/json
required