Projects

An Okta Privileged Access project is a collection of resources that share settings.

List all projects in a resource group
Admin roles:
resource_admin
delegated_resource_admin

Lists all projects in the specified resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects

Request samples

Response samples

application/json

{"list": [{"active_resource_count": 50,
"create_server_users": true,
"deleted_at": "2019-08-24T14:15:22Z",
"force_shared_ssh_users": true,
"gateway_selector": "REGION=WEST-EU,TEAM=MARKETING",
"id": "/regex/",
"name": "/regex/",
"next_unix_gid": 100,
"next_unix_uid": 100,
"persistent_server_user_accounts": null,
"require_preauth_for_creds": true,
"resource_group_id": "5f3159e9-e7ab-428e-8a87-c2ebffe407f6",
"server_account_management": true,
"shared_admin_user_name": "Server.Admin",
"shared_standard_user_name": "Server.User",
"ssh_certificate_type": "CERT_TYPE_ECDSA_256_01",
"stale_resource_count": 0,
"team": "Your_OPA_Team",
"user_on_demand_period": 4294967295
}
]
}

Create a project in a resource group
Admin roles:
resource_admin
delegated_resource_admin

Creates a project in the specified resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group

Request Body schema: application/json

active_resource_count	integer <int32> The number of active resources within this project
create_server_users	boolean or null Whether to create server users for users in this project. Defaults to `false`. If `false`, you must ensure that accounts exist on the server for each user.
force_shared_ssh_users	boolean Whether to force the project to use a shared SSH account
gateway_selector	string A comma separated list of labels used to match to enrolled gateways. Labels should use the following format: `key=value`
name required	string <regex> [ 1 .. 255 ] characters ^[\w\-_.]+$ The name of the project
next_unix_gid	integer or null <int32> [ 100 .. 65535 ] The GID used when creating a server user
next_unix_uid	integer or null <int32> [ 100 .. 65535 ] The UID used when creating a server user
persistent_server_user_accounts	boolean or null Default: null If `true`, creates persistent user accounts and home folders on servers in this project for every user on your team. By default, on-demand accounts are only created when a user accesses a server.
require_preauth_for_creds	boolean or null If `true`, the project requires preauthorization before a user can access a server. Default is `false`.
resource_group_id	string The UUID of the resource group where the project is located
server_account_management	boolean Whether to manage existing local accounts on the server
shared_admin_user_name	string The shared username to use for root accounts
shared_standard_user_name	string The shared username to use for non-root accounts
ssh_certificate_type	string or null (SSHCertificateType) (Optional) The type of signature algorithm used for authentication keys. Default is `CERT_TYPE_ED25519_01`. Enum: "CERT_TYPE_ECDSA_256_01" "CERT_TYPE_ECDSA_384_01" "CERT_TYPE_ECDSA_521_01" "CERT_TYPE_ED25519_01" "CERT_TYPE_RSA_01" "CERT_TYPE_RSA_SHA2_256_01" "CERT_TYPE_RSA_SHA2_512_01"
stale_resource_count	integer <int32> The number of stale resources within this project

Responses

201

Created

post/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects

Request samples

application/json

{"active_resource_count": 50,
"create_server_users": true,
"force_shared_ssh_users": true,
"gateway_selector": "REGION=WEST-EU,TEAM=MARKETING",
"name": "/regex/",
"next_unix_gid": 100,
"next_unix_uid": 100,
"persistent_server_user_accounts": null,
"require_preauth_for_creds": true,
"resource_group_id": "5f3159e9-e7ab-428e-8a87-c2ebffe407f6",
"server_account_management": true,
"shared_admin_user_name": "Server.Admin",
"shared_standard_user_name": "Server.User",
"ssh_certificate_type": "CERT_TYPE_ECDSA_256_01",
"stale_resource_count": 0
}

Response samples

application/json

{"active_resource_count": 50,
"create_server_users": true,
"deleted_at": "2019-08-24T14:15:22Z",
"force_shared_ssh_users": true,
"gateway_selector": "REGION=WEST-EU,TEAM=MARKETING",
"id": "/regex/",
"name": "/regex/",
"next_unix_gid": 100,
"next_unix_uid": 100,
"persistent_server_user_accounts": null,
"require_preauth_for_creds": true,
"resource_group_id": "5f3159e9-e7ab-428e-8a87-c2ebffe407f6",
"server_account_management": true,
"shared_admin_user_name": "Server.Admin",
"shared_standard_user_name": "Server.User",
"ssh_certificate_type": "CERT_TYPE_ECDSA_256_01",
"stale_resource_count": 0,
"team": "Your_OPA_Team",
"user_on_demand_period": 4294967295
}

Retrieve a project from a resource group
Admin roles:
resource_admin
delegated_resource_admin

Retrieves a project from a resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}

Request samples

Response samples

application/json

{"active_resource_count": 50,
"create_server_users": true,
"deleted_at": "2019-08-24T14:15:22Z",
"force_shared_ssh_users": true,
"gateway_selector": "REGION=WEST-EU,TEAM=MARKETING",
"id": "/regex/",
"name": "/regex/",
"next_unix_gid": 100,
"next_unix_uid": 100,
"persistent_server_user_accounts": null,
"require_preauth_for_creds": true,
"resource_group_id": "5f3159e9-e7ab-428e-8a87-c2ebffe407f6",
"server_account_management": true,
"shared_admin_user_name": "Server.Admin",
"shared_standard_user_name": "Server.User",
"ssh_certificate_type": "CERT_TYPE_ECDSA_256_01",
"stale_resource_count": 0,
"team": "Your_OPA_Team",
"user_on_demand_period": 4294967295
}

Update a project in a resource group
Admin roles:
resource_admin
delegated_resource_admin

Updates a project in a resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Request Body schema: application/json

active_resource_count	integer <int32> The number of active resources within this project
create_server_users	boolean or null Whether to create server users for users in this project. Defaults to `false`. If `false`, you must ensure that accounts exist on the server for each user.
force_shared_ssh_users	boolean Whether to force the project to use a shared SSH account
gateway_selector	string A comma separated list of labels used to match to enrolled gateways. Labels should use the following format: `key=value`
name required	string <regex> [ 1 .. 255 ] characters ^[\w\-_.]+$ The name of the project
next_unix_gid	integer or null <int32> [ 100 .. 65535 ] The GID used when creating a server user
next_unix_uid	integer or null <int32> [ 100 .. 65535 ] The UID used when creating a server user
persistent_server_user_accounts	boolean or null Default: null If `true`, creates persistent user accounts and home folders on servers in this project for every user on your team. By default, on-demand accounts are only created when a user accesses a server.
require_preauth_for_creds	boolean or null If `true`, the project requires preauthorization before a user can access a server. Default is `false`.
resource_group_id	string The UUID of the resource group where the project is located
server_account_management	boolean Whether to manage existing local accounts on the server
shared_admin_user_name	string The shared username to use for root accounts
shared_standard_user_name	string The shared username to use for non-root accounts
ssh_certificate_type	string or null (SSHCertificateType) (Optional) The type of signature algorithm used for authentication keys. Default is `CERT_TYPE_ED25519_01`. Enum: "CERT_TYPE_ECDSA_256_01" "CERT_TYPE_ECDSA_384_01" "CERT_TYPE_ECDSA_521_01" "CERT_TYPE_ED25519_01" "CERT_TYPE_RSA_01" "CERT_TYPE_RSA_SHA2_256_01" "CERT_TYPE_RSA_SHA2_512_01"
stale_resource_count	integer <int32> The number of stale resources within this project

Responses

200

put/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}

Request samples

application/json

{"active_resource_count": 50,
"create_server_users": true,
"force_shared_ssh_users": true,
"gateway_selector": "REGION=WEST-EU,TEAM=MARKETING",
"name": "/regex/",
"next_unix_gid": 100,
"next_unix_uid": 100,
"persistent_server_user_accounts": null,
"require_preauth_for_creds": true,
"resource_group_id": "5f3159e9-e7ab-428e-8a87-c2ebffe407f6",
"server_account_management": true,
"shared_admin_user_name": "Server.Admin",
"shared_standard_user_name": "Server.User",
"ssh_certificate_type": "CERT_TYPE_ECDSA_256_01",
"stale_resource_count": 0
}

Response samples

application/json

{"active_resource_count": 50,
"create_server_users": true,
"deleted_at": "2019-08-24T14:15:22Z",
"force_shared_ssh_users": true,
"gateway_selector": "REGION=WEST-EU,TEAM=MARKETING",
"id": "/regex/",
"name": "/regex/",
"next_unix_gid": 100,
"next_unix_uid": 100,
"persistent_server_user_accounts": null,
"require_preauth_for_creds": true,
"resource_group_id": "5f3159e9-e7ab-428e-8a87-c2ebffe407f6",
"server_account_management": true,
"shared_admin_user_name": "Server.Admin",
"shared_standard_user_name": "Server.User",
"ssh_certificate_type": "CERT_TYPE_ECDSA_256_01",
"stale_resource_count": 0,
"team": "Your_OPA_Team",
"user_on_demand_period": 4294967295
}

Delete a project from a resource group
Admin roles:
resource_admin
delegated_resource_admin

Deletes a project from a resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

204

No Content

delete/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}

Request samples

List all resources Checked Out in a project By an Admin
Admin roles:
end_user

Lists all the resources that are currently checked out within a specified resource group project.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

query Parameters

resource_type	string If specified, only returns resources with a matching type. Valid resource types: `server_account_password_login`, `managed_saas_app_account_password_login`, `okta_universal_directory_account_password_login`.
include_pending_checkin	boolean If specified, also returns resources that have already started the checkin process. These are not included by default.
count	integer <int32> The number of objects per page
descending	boolean The object order
offset	string The offset value for pagination. The rel="next" and rel="prev" `Link` headers define the offset for subsequent or previous pages.
prev	boolean The direction of paging

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/checked_out_resources

Request samples

Response samples

application/json

{"list": [{"checkin_by": "/regex/",
"checkin_start_at": "2019-08-24T14:15:22Z",
"checkin_type": "admin",
"checkout_at": "2019-08-24T14:15:22Z",
"checkout_expiry_at": "2019-08-24T14:15:22Z",
"resource_details": {"hostname": "string",
"server_id": "/regex/",
"_type": "string"
},
"resource_id": "string",
"resource_name": "string",
"resource_type": "managed_saas_app_account_password_login",
"checkout_by_username": "string",
"resource_status": "checked_out"
}
]
}

Check in a Resource by an Admin
Admin roles:
resource_admin
security_admin
delegated_resource_admin
delegated_security_admin

Enables admins to forcefully check in a resource. This is used when a resource is checked out but needs to be returned or made available regardless of the user who checked it out.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Request Body schema: application/json

resource_id required	string The UUID or ORN of the resource
resource_type required	string (CheckoutResourceType) The type of resource that was checked out Enum: "managed_saas_app_account_password_login" "okta_universal_directory_account_password_login" "server_account_password_login"

Responses

204

No Content

post/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/checkin_resource

Request samples

application/json

{"resource_id": "string",
"resource_type": "managed_saas_app_account_password_login"
}

Retrieves the checkout settings configured for a project, specific to the Okta Universal Directory resource type
Admin roles:
resource_admin
security_admin
delegated_resource_admin
delegated_security_admin

Retrieves the checkout settings configured for a project, specific to the Okta Universal Directory resource type.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/okta_universal_directory_checkout_settings

Request samples

Update the checkout settings configured for a project, specific to to the Okta Universal Directory resource type
Admin roles:
security_admin
delegated_security_admin

Update the checkout settings configured for a project, specific to the Okta Universal Directory resource type.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

204

No Content

put/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/okta_universal_directory_checkout_settings

Request samples

Retrieves the checkout settings configured for a project, specific to the SaaS Application resource type
Admin roles:
resource_admin
security_admin
delegated_resource_admin
delegated_security_admin

Retrieves the checkout settings configured for a project, specific to the SaaS Application resource type.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/saas_app_checkout_settings

Request samples

Update the checkout settings configured for a project, specific to to the SaaS Application resource type
Admin roles:
security_admin
delegated_security_admin

Update the checkout settings configured for a project, specific to the SaaS Application resource type.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

204

No Content

put/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/saas_app_checkout_settings

Request samples

List all server accounts in a project
Admin roles:
resource_admin
delegated_resource_admin

Lists all server accounts in a resource group project

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_accounts

Request samples

Response samples

application/json

{"list": [{"created_at": "2019-08-24T14:15:22Z",
"deleted_at": "2019-08-24T14:15:22Z",
"hostname": "string",
"id": "string",
"last_password_change_error_metadata": "string",
"last_password_change_error_report_timestamp": "2019-08-24T14:15:22Z",
"last_password_change_error_system_timestamp": "2019-08-24T14:15:22Z",
"last_password_change_error_type": "string",
"last_password_change_success_report_timestamp": "2019-08-24T14:15:22Z",
"last_password_change_system_timestamp": "2019-08-24T14:15:22Z",
"login": "string",
"managed": true,
"project_id": "string",
"server_id": "string",
"team_id": "string"
}
]
}

Retrieve a server account
Admin roles:
resource_admin
delegated_resource_admin

Retrieves a server account from a project in a resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project
server_account_id required	string The UUID of a server account

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_accounts/{server_account_id}

Request samples

Response samples

application/json

{"items": {"created_at": "2019-08-24T14:15:22Z",
"deleted_at": "2019-08-24T14:15:22Z",
"hostname": "string",
"id": "string",
"last_password_change_error_metadata": "string",
"last_password_change_error_report_timestamp": "2019-08-24T14:15:22Z",
"last_password_change_error_system_timestamp": "2019-08-24T14:15:22Z",
"last_password_change_error_type": "string",
"last_password_change_success_report_timestamp": "2019-08-24T14:15:22Z",
"last_password_change_system_timestamp": "2019-08-24T14:15:22Z",
"login": "string",
"managed": true,
"project_id": "string",
"server_id": "string",
"team_id": "string"
}
}

Retrieves the checkout settings configured for a project, specific to the server resource type.
Admin roles:
resource_admin
security_admin
delegated_resource_admin
delegated_security_admin

Retrieves the checkout settings configured for a project, specific to the server resource type.

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_checkout_settings

Request samples

Response samples

application/json

{"checkout_duration_in_seconds": 900,
"checkout_required": true,
"exclude_list": ["string"
],
"include_list": ["string"
]
}

Update the checkout settings configured for a project, specific to the server resource type
Admin roles:
security_admin
delegated_security_admin

Update the checkout settings configured for a project, specific to the server resource type

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Request Body schema: application/json

checkout_duration_in_seconds	integer <int32> [ 900 .. 86400 ] The duration in seconds for the checkout. If the checkout is enabled, the duration is the maximum time a user can access the resource before the checkout expires.
checkout_required required	boolean Indicates whether a checkout is mandatory for accessing resources within the project. If `true`, checkout is enforced for all applicable resources by default. If `false`, checkout is not required, and resources are accessible without it.
exclude_list	Array of strings If provided, only the account identifiers listed are excluded from the checkout requirement. This list is only considered if `checkout_required` is set to `true`. Only one of `include_list` and `exclude_list` can be specified in a request since they are mutually exclusive.
include_list	Array of strings If provided, only the account identifiers listed are required to perform a checkout to access the resource. This list is only considered if `checkout_required` is set to `true`. Only one of `include_list` and `exclude_list` can be specified in a request since they are mutually exclusive.

Responses

204

No Content

put/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_checkout_settings

Request samples

application/json

{"checkout_duration_in_seconds": 900,
"checkout_required": true,
"exclude_list": ["string"
],
"include_list": ["string"
]
}

List all server enrollment tokens in a project
Admin roles:
resource_admin
delegated_resource_admin

Lists all server enrollment tokens in a resource group project

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_enrollment_tokens

Request samples

Response samples

application/json

{"list": [{"created_by_user": "string",
"description": "string",
"id": "/regex/",
"issued_at": "2019-08-24T14:15:22Z",
"token": {"property1": "string",
"property2": "string"
}
}
]
}

Create a server enrollment token
Admin roles:
resource_admin
delegated_resource_admin

Creates a server enrollment token for a project in a resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Request Body schema: application/json

description

required

string [ 1 .. 512 ] characters

A human-readable description of the purpose of this server enrollment token

Responses

201

Created

post/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_enrollment_tokens

Request samples

application/json

{"description": "string"
}

Response samples

application/json

{"created_by_user": "string",
"description": "string",
"id": "/regex/",
"issued_at": "2019-08-24T14:15:22Z",
"token": {"property1": "string",
"property2": "string"
}
}

Retrieve a server enrollment token
Admin roles:
resource_admin
delegated_resource_admin

Retrieves a server enrollment token from a project in a resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project
server_enrollment_token_id required	string The UUID of a server enrollment token

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_enrollment_tokens/{server_enrollment_token_id}

Request samples

Response samples

application/json

{"created_by_user": "string",
"description": "string",
"id": "/regex/",
"issued_at": "2019-08-24T14:15:22Z",
"token": {"property1": "string",
"property2": "string"
}
}

Delete a server enrollment token
Admin roles:
resource_admin
delegated_resource_admin

Deletes a server enrollment token from a project in a resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project
server_enrollment_token_id required	string The UUID of a server enrollment token

Responses

204

No Content

delete/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_enrollment_tokens/{server_enrollment_token_id}

Request samples

Retrieve project password policy for server accounts
Admin roles:
resource_admin
delegated_resource_admin

Retrieves a password policy for a project in a resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_password_settings

Request samples

Response samples

application/json

{"character_options": {"upper_case": true,
"lower_case": true,
"digits": true,
"punctuation": true,
"require_from_each_set": true
},
"enable_periodic_rotation": true,
"managed_privileged_accounts_config": ["string"
],
"max_length_in_bytes": 0,
"min_length_in_bytes": 0,
"modified_at": "2019-08-24T14:15:22Z",
"periodic_rotation_duration_in_seconds": 0
}

Update project password policy for server accounts
Admin roles:
resource_admin
delegated_resource_admin

Updates a password policy for a project in a resource group

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project

Request Body schema: application/json

required

object

The specific characters rules required by the password policy

upper_case	boolean If `true`, passwords can include one or more uppercase characters
lower_case	boolean If `true`, passwords can include one or more lowercase characters
digits	boolean If `true`, passwords can include one or more numbers
punctuation	boolean If `true`, passwords can include one or more symbols.
require_from_each_set	boolean If `true`, passwords must contain at least one character from each set selected above.

enable_periodic_rotation

required

boolean

If true, rotates account passwords after a period of time has passed. You must also set the periodic_rotation_duration_in_seconds parameter.

managed_privileged_accounts_config

Array of strings

An array of managed accounts for password rotation

max_length_in_bytes

required

integer

The maximum length allowed for the password

min_length_in_bytes

required

integer

The minimum length allowed for the password

periodic_rotation_duration_in_seconds

integer

If enable_periodic_rotation is enabled, specifies how often the Okta Privileged Access platform rotates account passwords.

Responses

200

put/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/server_password_settings

Request samples

application/json

{"character_options": {"upper_case": true,
"lower_case": true,
"digits": true,
"punctuation": true,
"require_from_each_set": true
},
"enable_periodic_rotation": true,
"managed_privileged_accounts_config": ["string"
],
"max_length_in_bytes": 0,
"min_length_in_bytes": 0,
"periodic_rotation_duration_in_seconds": 0
}

Response samples

application/json

{"character_options": {"upper_case": true,
"lower_case": true,
"digits": true,
"punctuation": true,
"require_from_each_set": true
},
"enable_periodic_rotation": true,
"managed_privileged_accounts_config": ["string"
],
"max_length_in_bytes": 0,
"min_length_in_bytes": 0,
"modified_at": "2019-08-24T14:15:22Z",
"periodic_rotation_duration_in_seconds": 0
}

List all server accounts for a server
Admin roles:
resource_admin
delegated_resource_admin

Lists all server accounts for a server in a project

SecuritybearerAuth

Request

path Parameters

team_name required	string The name of your team
resource_group_id required	string The UUID of a resource group
project_id required	string The UUID of a project
server_id required	string The UUID of an enrolled server

Responses

200

get/v1/teams/{team_name}/resource_groups/{resource_group_id}/projects/{project_id}/servers/{server_id}/server_accounts

Request samples

Response samples

application/json

{"list": [{"created_at": "2019-08-24T14:15:22Z",
"deleted_at": "2019-08-24T14:15:22Z",
"hostname": "string",
"id": "string",
"last_password_change_error_metadata": "string",
"last_password_change_error_report_timestamp": "2019-08-24T14:15:22Z",
"last_password_change_error_system_timestamp": "2019-08-24T14:15:22Z",
"last_password_change_error_type": "string",
"last_password_change_success_report_timestamp": "2019-08-24T14:15:22Z",
"last_password_change_system_timestamp": "2019-08-24T14:15:22Z",
"login": "string",
"managed": true,
"project_id": "string",
"server_id": "string",
"team_id": "string"
}
]
}

Social
CONTACT & LEGAL
MORE INFORMATION
okta.com
Products, case studies, resources
Help Center
Knowledgebase, roadmaps, and more
Trust
System status, security, compliance

Projects

List all projects in a resource groupAdmin roles: resource_admindelegated_resource_admin

path Parameters

Create a project in a resource groupAdmin roles: resource_admindelegated_resource_admin

path Parameters

Request Body schema: application/json

Retrieve a project from a resource groupAdmin roles: resource_admindelegated_resource_admin

path Parameters

Update a project in a resource groupAdmin roles: resource_admindelegated_resource_admin

path Parameters

Request Body schema: application/json

Delete a project from a resource groupAdmin roles: resource_admindelegated_resource_admin

path Parameters

List all resources Checked Out in a project By an AdminAdmin roles: end_user

path Parameters

query Parameters

Check in a Resource by an AdminAdmin roles: resource_adminsecurity_admindelegated_resource_admindelegated_security_admin

path Parameters

Request Body schema: application/json

Retrieves the checkout settings configured for a project, specific to the Okta Universal Directory resource typeAdmin roles: resource_adminsecurity_admindelegated_resource_admindelegated_security_admin

path Parameters

Update the checkout settings configured for a project, specific to to the Okta Universal Directory resource typeAdmin roles: security_admindelegated_security_admin

path Parameters

Retrieves the checkout settings configured for a project, specific to the SaaS Application resource typeAdmin roles: resource_adminsecurity_admindelegated_resource_admindelegated_security_admin

path Parameters

Update the checkout settings configured for a project, specific to to the SaaS Application resource typeAdmin roles: security_admindelegated_security_admin

path Parameters

List all server accounts in a projectAdmin roles: resource_admindelegated_resource_admin

path Parameters

Retrieve a server accountAdmin roles: resource_admindelegated_resource_admin

path Parameters

Retrieves the checkout settings configured for a project, specific to the server resource type.Admin roles: resource_adminsecurity_admindelegated_resource_admindelegated_security_admin

path Parameters

Update the checkout settings configured for a project, specific to the server resource typeAdmin roles: security_admindelegated_security_admin

path Parameters

Request Body schema: application/json

List all server enrollment tokens in a projectAdmin roles: resource_admindelegated_resource_admin

path Parameters

Create a server enrollment tokenAdmin roles: resource_admindelegated_resource_admin

path Parameters

Request Body schema: application/json

Retrieve a server enrollment tokenAdmin roles: resource_admindelegated_resource_admin

path Parameters

Delete a server enrollment tokenAdmin roles: resource_admindelegated_resource_admin

path Parameters

Retrieve project password policy for server accountsAdmin roles: resource_admindelegated_resource_admin

path Parameters

Update project password policy for server accountsAdmin roles: resource_admindelegated_resource_admin

path Parameters

Request Body schema: application/json

List all server accounts for a serverAdmin roles: resource_admindelegated_resource_admin

path Parameters

List all projects in a resource group
Admin roles:
resource_admin
delegated_resource_admin

Create a project in a resource group
Admin roles:
resource_admin
delegated_resource_admin

Retrieve a project from a resource group
Admin roles:
resource_admin
delegated_resource_admin

Update a project in a resource group
Admin roles:
resource_admin
delegated_resource_admin

Delete a project from a resource group
Admin roles:
resource_admin
delegated_resource_admin

List all resources Checked Out in a project By an Admin
Admin roles:
end_user

Check in a Resource by an Admin
Admin roles:
resource_admin
security_admin
delegated_resource_admin
delegated_security_admin

Retrieves the checkout settings configured for a project, specific to the Okta Universal Directory resource type
Admin roles:
resource_admin
security_admin
delegated_resource_admin
delegated_security_admin

Update the checkout settings configured for a project, specific to to the Okta Universal Directory resource type
Admin roles:
security_admin
delegated_security_admin

Retrieves the checkout settings configured for a project, specific to the SaaS Application resource type
Admin roles:
resource_admin
security_admin
delegated_resource_admin
delegated_security_admin

Update the checkout settings configured for a project, specific to to the SaaS Application resource type
Admin roles:
security_admin
delegated_security_admin

List all server accounts in a project
Admin roles:
resource_admin
delegated_resource_admin

Retrieve a server account
Admin roles:
resource_admin
delegated_resource_admin

Retrieves the checkout settings configured for a project, specific to the server resource type.
Admin roles:
resource_admin
security_admin
delegated_resource_admin
delegated_security_admin

Update the checkout settings configured for a project, specific to the server resource type
Admin roles:
security_admin
delegated_security_admin

List all server enrollment tokens in a project
Admin roles:
resource_admin
delegated_resource_admin

Create a server enrollment token
Admin roles:
resource_admin
delegated_resource_admin

Retrieve a server enrollment token
Admin roles:
resource_admin
delegated_resource_admin

Delete a server enrollment token
Admin roles:
resource_admin
delegated_resource_admin

Retrieve project password policy for server accounts
Admin roles:
resource_admin
delegated_resource_admin

Update project password policy for server accounts
Admin roles:
resource_admin
delegated_resource_admin

List all server accounts for a server
Admin roles:
resource_admin
delegated_resource_admin