On This Page
Okta allows you to create multiple custom OAuth 2.0 Authorization Servers that you can use to protect your own resource servers. Within each Authorization Server you can define your own OAuth 2.0 scopes, claims, and access policies.
If you have an Okta Developer Edition (opens new window) account, you already have a Custom Authorization Server created for you, called
default. For simple use cases this default Custom Authorization Server should suffice. If your application has requirements such as additional scopes, customizing rules for when to grant scopes, or you need additional Authorization Servers with different scopes and claims, then this guide is for you.
See Which Authorization Server should you use for more information on the types of Authorization Servers available to you and what you can use them for.
If you only need one Authorization Server, but you'd like to know more about customizing it, you can skip ahead and find out how to:
- Create Access Policies
- Create Rules for your Access Policies
- Create Scopes
- Create Claims
- Test your Authorization Server
If you need help or have an issue, post a question on the Okta Developer Forum (opens new window).