Most Okta API endpoints require that you include an API token with your request. Currently, this API token takes the form of an SSWS token that you generate in the Admin Console. With OAuth for Okta, you can interact with Okta APIs using scoped OAuth 2.0 access tokens. Each access token enables the bearer to perform specific actions on specific Okta endpoints, and the scopes that the token contains control which actions those are.
Scoped access tokens have a number of advantages, including:
- More access granularity
- Shorter token lifespans
- Generation and retrieval through an API
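The following is an added example, not code from Okta or from this guide: a pre-flight check that compares the scopes and lifetime in an access token with what a job needs, so that over-scoped or long-lived tokens are noticed before use. It assumes the access token is a compact JWT that carries its scopes in an `scp` array claim; the token is constructed sample data, and the scope names are sample values.

```python
import base64
import json

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_sample_token(scopes, iat, exp):
    """Constructed, unsigned stand-in for an access token (sample data only)."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"scp": scopes, "iat": iat, "exp": exp}).encode())
    return f"{header}.{payload}.{_b64url(b'not-a-real-signature')}"

def read_claims(token):
    """Decode the JWT payload for inspection. This does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (an SSWS token is opaque, with no claims)")
    body = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(body))

def audit_token(token, needed_scopes, now):
    """Compare granted scopes with the scopes the job needs (least privilege)."""
    claims = read_claims(token)
    granted = set(claims.get("scp", []))  # assumption: scopes are an array claim
    needed = set(needed_scopes)
    return {
        "missing": sorted(needed - granted),   # calls needing these would be refused
        "excess": sorted(granted - needed),    # broader access than the job needs
        "lifetime_seconds": claims["exp"] - claims["iat"],
        "expired": now >= claims["exp"],
    }

def authorization_header(token, scheme="Bearer"):
    """'SSWS' for an Admin Console API token, 'Bearer' for an OAuth 2.0 access token."""
    return {"Authorization": f"{scheme} {token}"}

# Constructed sample: two scopes, one-hour lifetime.
SAMPLE = make_sample_token(
    ["okta.users.read", "okta.groups.manage"], iat=1_700_000_000, exp=1_700_003_600
)

if __name__ == "__main__":
    print(audit_token(SAMPLE, ["okta.users.read"], now=1_700_000_100))
    print(authorization_header("<access-token>"))
```

The decode step is for inspection only; the API that receives the token is what validates it.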
To use this guide, you need the following:
- An Okta Developer Edition Org. (Don't have one? Create an org for free.)
- The OAuth for Okta feature enabled for your Org. Contact Okta Support to enable this Early Access (EA) feature.
- The Postman client to test requests with the access token. See Get Started with the Okta APIs for information on setting up Postman.
Note: At this time, OAuth for Okta works only with the APIs listed in the Scopes & supported endpoints section. We are actively working towards supporting additional APIs. Our goal is to cover all Okta public API endpoints.