Before you begin

On This Page

This guide shows you how to add Okta authentication to your API endpoints. When you've finished following the steps, clients will need a token generated by Okta to call your protected endpoints.

These steps apply to back-end APIs that are serving single-page apps or mobile apps that use Okta to sign users in. If you are building a web app that is served by a server framework, see Sign users in to your web app.

This guide assumes that you:

  • Have an Okta Developer Edition organization. Don't have one? Create one for free.
  • Have a project or application that you want to add authentication to.

If you don't have an existing app, or are new to building apps, start with this documentation:


If you need help or have an issue, post a question in our Developer Forum.