This guide shows you how to add Okta authentication to your API endpoints. When you've finished following the steps, clients will need a token generated by Okta to call your protected endpoints.
These steps apply to back-end APIs that are serving single-page apps or mobile apps that use Okta to sign users in. If you are building a web app that is served by a server framework, see Sign users in to your web app.
This guide assumes that you:
If you don't have an existing app, or are new to building apps, start with this documentation: