Package com.okta.sdk.resource.api

Class UserApi

java.lang.Object
com.okta.sdk.resource.api.UserApi
@Generated(value="org.openapitools.codegen.languages.JavaClientCodegen", date="2024-03-29T16:46:27.777599-05:00[America/Chicago]", comments="Generator version: 7.4.0") public class UserApi extends Object

  • Constructor Details

    • UserApi

      public UserApi()

    • UserApi

      public UserApi(ApiClient apiClient)

  • Method Details

    • getApiClient

      public ApiClient getApiClient()

    • setApiClient

      public void setApiClient(ApiClient apiClient)

    • activateUser

      public UserActivationToken activateUser(String userId, Boolean sendEmail) throws ApiException
      Activate a User Activates a user. This operation can only be performed on users with a `STAGED` or `DEPROVISIONED` status. Activation of a user is an asynchronous operation. The user will have the `transitioningToStatus` property with a value of `ACTIVE` during activation to indicate that the user hasn't completed the asynchronous operation. The user will have a status of `ACTIVE` when the activation process is complete. > **Multibrand and User activation**<br> If you want to send a branded User Activation email, change the subdomain of your request to the custom domain that's associated with the brand. For example, change `subdomain.okta.com` to `custom.domain.one`. See [Multibrand and custom domains](https://developer.okta.com/docs/concepts/brands/#multibrand-and-custom-domains). <br><br> > **Legal disclaimer**<br> After a user is added to the Okta directory, they receive an activation email. As part of signing up for this service, you agreed not to use Okta's service/product to spam and/or send unsolicited messages. Please refrain from adding unrelated accounts to the directory as Okta is not responsible for, and disclaims any and all liability associated with, the activation email's content. You, and you alone, bear responsibility for the emails sent to any recipients.
      Parameters:
      userId - (required)
      sendEmail - Sends an activation email to the user if true (required)
      Returns:
      UserActivationToken
      Throws:
      ApiException - if fails to make API call

    • activateUser

      public UserActivationToken activateUser(String userId, Boolean sendEmail, Map<String,String> additionalHeaders) throws ApiException
      Activate a User Activates a user. This operation can only be performed on users with a `STAGED` or `DEPROVISIONED` status. Activation of a user is an asynchronous operation. The user will have the `transitioningToStatus` property with a value of `ACTIVE` during activation to indicate that the user hasn't completed the asynchronous operation. The user will have a status of `ACTIVE` when the activation process is complete. > **Multibrand and User activation**<br> If you want to send a branded User Activation email, change the subdomain of your request to the custom domain that's associated with the brand. For example, change `subdomain.okta.com` to `custom.domain.one`. See [Multibrand and custom domains](https://developer.okta.com/docs/concepts/brands/#multibrand-and-custom-domains). <br><br> > **Legal disclaimer**<br> After a user is added to the Okta directory, they receive an activation email. As part of signing up for this service, you agreed not to use Okta's service/product to spam and/or send unsolicited messages. Please refrain from adding unrelated accounts to the directory as Okta is not responsible for, and disclaims any and all liability associated with, the activation email's content. You, and you alone, bear responsibility for the emails sent to any recipients.
      Parameters:
      userId - (required)
      sendEmail - Sends an activation email to the user if true (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      UserActivationToken
      Throws:
      ApiException - if fails to make API call

    • changePassword

      public UserCredentials changePassword(String userId, ChangePasswordRequest changePasswordRequest, Boolean strict) throws ApiException
      Change Password Changes a user's password by validating the user's current password. This operation can only be performed on users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid password credential
      Parameters:
      userId - (required)
      changePasswordRequest - (required)
      strict - (optional)
      Returns:
      UserCredentials
      Throws:
      ApiException - if fails to make API call

    • changePassword

      public UserCredentials changePassword(String userId, ChangePasswordRequest changePasswordRequest, Boolean strict, Map<String,String> additionalHeaders) throws ApiException
      Change Password Changes a user's password by validating the user's current password. This operation can only be performed on users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid password credential
      Parameters:
      userId - (required)
      changePasswordRequest - (required)
      strict - (optional)
      additionalHeaders - additionalHeaders for this call
      Returns:
      UserCredentials
      Throws:
      ApiException - if fails to make API call

    • changeRecoveryQuestion

      public UserCredentials changeRecoveryQuestion(String userId, UserCredentials userCredentials) throws ApiException
      Change Recovery Question Changes a user's recovery question & answer credential by validating the user's current password. This operation can only be performed on users in **STAGED**, **ACTIVE** or **RECOVERY** `status` that have a valid password credential
      Parameters:
      userId - (required)
      userCredentials - (required)
      Returns:
      UserCredentials
      Throws:
      ApiException - if fails to make API call

    • changeRecoveryQuestion

      public UserCredentials changeRecoveryQuestion(String userId, UserCredentials userCredentials, Map<String,String> additionalHeaders) throws ApiException
      Change Recovery Question Changes a user's recovery question & answer credential by validating the user's current password. This operation can only be performed on users in **STAGED**, **ACTIVE** or **RECOVERY** `status` that have a valid password credential
      Parameters:
      userId - (required)
      userCredentials - (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      UserCredentials
      Throws:
      ApiException - if fails to make API call

    • createUser

      public User createUser(CreateUserRequest body, Boolean activate, Boolean provider, UserNextLogin nextLogin) throws ApiException
      Create a User Creates a new user in your Okta organization with or without credentials<br> > **Legal Disclaimer**<br> After a user is added to the Okta directory, they receive an activation email. As part of signing up for this service, you agreed not to use Okta's service/product to spam and/or send unsolicited messages. Please refrain from adding unrelated accounts to the directory as Okta is not responsible for, and disclaims any and all liability associated with, the activation email's content. You, and you alone, bear responsibility for the emails sent to any recipients.
      Parameters:
      body - (required)
      activate - Executes activation lifecycle operation when creating the user (optional, default to true)
      provider - Indicates whether to create a user with a specified authentication provider (optional, default to false)
      nextLogin - With activate=true, set nextLogin to \"changePassword\" to have the password be EXPIRED, so user must change it the next time they log in. (optional)
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • createUser

      public User createUser(CreateUserRequest body, Boolean activate, Boolean provider, UserNextLogin nextLogin, Map<String,String> additionalHeaders) throws ApiException
      Create a User Creates a new user in your Okta organization with or without credentials<br> > **Legal Disclaimer**<br> After a user is added to the Okta directory, they receive an activation email. As part of signing up for this service, you agreed not to use Okta's service/product to spam and/or send unsolicited messages. Please refrain from adding unrelated accounts to the directory as Okta is not responsible for, and disclaims any and all liability associated with, the activation email's content. You, and you alone, bear responsibility for the emails sent to any recipients.
      Parameters:
      body - (required)
      activate - Executes activation lifecycle operation when creating the user (optional, default to true)
      provider - Indicates whether to create a user with a specified authentication provider (optional, default to false)
      nextLogin - With activate=true, set nextLogin to \"changePassword\" to have the password be EXPIRED, so user must change it the next time they log in. (optional)
      additionalHeaders - additionalHeaders for this call
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • deactivateUser

      public void deactivateUser(String userId, Boolean sendEmail) throws ApiException
      Deactivate a User Deactivates a user. This operation can only be performed on users that do not have a `DEPROVISIONED` status. While the asynchronous operation (triggered by HTTP header `Prefer: respond-async`) is proceeding the user's `transitioningToStatus` property is `DEPROVISIONED`. The user's status is `DEPROVISIONED` when the deactivation process is complete.
      Parameters:
      userId - (required)
      sendEmail - (optional, default to false)
      Throws:
      ApiException - if fails to make API call

    • deactivateUser

      public void deactivateUser(String userId, Boolean sendEmail, Map<String,String> additionalHeaders) throws ApiException
      Deactivate a User Deactivates a user. This operation can only be performed on users that do not have a `DEPROVISIONED` status. While the asynchronous operation (triggered by HTTP header `Prefer: respond-async`) is proceeding the user's `transitioningToStatus` property is `DEPROVISIONED`. The user's status is `DEPROVISIONED` when the deactivation process is complete.
      Parameters:
      userId - (required)
      sendEmail - (optional, default to false)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • deleteLinkedObjectForUser

      public void deleteLinkedObjectForUser(String userId, String relationshipName) throws ApiException
      Delete a Linked Object Deletes linked objects for a user, relationshipName can be ONLY a primary relationship name
      Parameters:
      userId - (required)
      relationshipName - (required)
      Throws:
      ApiException - if fails to make API call

    • deleteLinkedObjectForUser

      public void deleteLinkedObjectForUser(String userId, String relationshipName, Map<String,String> additionalHeaders) throws ApiException
      Delete a Linked Object Deletes linked objects for a user, relationshipName can be ONLY a primary relationship name
      Parameters:
      userId - (required)
      relationshipName - (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • deleteUser

      public void deleteUser(String userId, Boolean sendEmail) throws ApiException
      Delete a User Deletes a user permanently. This operation can only be performed on users that have a `DEPROVISIONED` status. **This action cannot be recovered!**. Calling this on an `ACTIVE` user will transition the user to `DEPROVISIONED`.
      Parameters:
      userId - (required)
      sendEmail - (optional, default to false)
      Throws:
      ApiException - if fails to make API call

    • deleteUser

      public void deleteUser(String userId, Boolean sendEmail, Map<String,String> additionalHeaders) throws ApiException
      Delete a User Deletes a user permanently. This operation can only be performed on users that have a `DEPROVISIONED` status. **This action cannot be recovered!**. Calling this on an `ACTIVE` user will transition the user to `DEPROVISIONED`.
      Parameters:
      userId - (required)
      sendEmail - (optional, default to false)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • expirePassword

      public User expirePassword(String userId) throws ApiException
      Expire Password Expires a user's password and transitions the user to the status of `PASSWORD_EXPIRED` so that the user is required to change their password at their next login
      Parameters:
      userId - (required)
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • expirePassword

      public User expirePassword(String userId, Map<String,String> additionalHeaders) throws ApiException
      Expire Password Expires a user's password and transitions the user to the status of `PASSWORD_EXPIRED` so that the user is required to change their password at their next login
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • expirePasswordAndGetTemporaryPassword

      public TempPassword expirePasswordAndGetTemporaryPassword(String userId, Boolean revokeSessions) throws ApiException
      Expire Password and Set Temporary Password Expires a user's password and transitions the user to the status of `PASSWORD_EXPIRED` so that the user is required to change their password at their next login, and also sets the user's password to a temporary password returned in the response
      Parameters:
      userId - (required)
      revokeSessions - When set to `true` (and the session is a user session), all user sessions are revoked except the current session. (optional, default to false)
      Returns:
      TempPassword
      Throws:
      ApiException - if fails to make API call

    • expirePasswordAndGetTemporaryPassword

      public TempPassword expirePasswordAndGetTemporaryPassword(String userId, Boolean revokeSessions, Map<String,String> additionalHeaders) throws ApiException
      Expire Password and Set Temporary Password Expires a user's password and transitions the user to the status of `PASSWORD_EXPIRED` so that the user is required to change their password at their next login, and also sets the user's password to a temporary password returned in the response
      Parameters:
      userId - (required)
      revokeSessions - When set to `true` (and the session is a user session), all user sessions are revoked except the current session. (optional, default to false)
      additionalHeaders - additionalHeaders for this call
      Returns:
      TempPassword
      Throws:
      ApiException - if fails to make API call

    • forgotPassword

      public ForgotPasswordResponse forgotPassword(String userId, Boolean sendEmail) throws ApiException
      Initiate Forgot Password Initiates the forgot password flow. Generates a one-time token (OTT) that can be used to reset a user's password.
      Parameters:
      userId - (required)
      sendEmail - (optional, default to true)
      Returns:
      ForgotPasswordResponse
      Throws:
      ApiException - if fails to make API call

    • forgotPassword

      public ForgotPasswordResponse forgotPassword(String userId, Boolean sendEmail, Map<String,String> additionalHeaders) throws ApiException
      Initiate Forgot Password Initiates the forgot password flow. Generates a one-time token (OTT) that can be used to reset a user's password.
      Parameters:
      userId - (required)
      sendEmail - (optional, default to true)
      additionalHeaders - additionalHeaders for this call
      Returns:
      ForgotPasswordResponse
      Throws:
      ApiException - if fails to make API call

    • forgotPasswordSetNewPassword

      public UserCredentials forgotPasswordSetNewPassword(String userId, UserCredentials userCredentials, Boolean sendEmail) throws ApiException
      Reset Password with Recovery Question Resets the user's password to the specified password if the provided answer to the recovery question is correct
      Parameters:
      userId - (required)
      userCredentials - (required)
      sendEmail - (optional, default to true)
      Returns:
      UserCredentials
      Throws:
      ApiException - if fails to make API call

    • forgotPasswordSetNewPassword

      public UserCredentials forgotPasswordSetNewPassword(String userId, UserCredentials userCredentials, Boolean sendEmail, Map<String,String> additionalHeaders) throws ApiException
      Reset Password with Recovery Question Resets the user's password to the specified password if the provided answer to the recovery question is correct
      Parameters:
      userId - (required)
      userCredentials - (required)
      sendEmail - (optional, default to true)
      additionalHeaders - additionalHeaders for this call
      Returns:
      UserCredentials
      Throws:
      ApiException - if fails to make API call

    • generateResetPasswordToken

      public ResetPasswordToken generateResetPasswordToken(String userId, Boolean sendEmail, Boolean revokeSessions) throws ApiException
      Generate a Reset Password Token Generates a one-time token (OTT) that can be used to reset a user's password. The OTT link can be automatically emailed to the user or returned to the API caller and distributed using a custom flow.
      Parameters:
      userId - (required)
      sendEmail - (required)
      revokeSessions - When set to `true` (and the session is a user session), all user sessions are revoked except the current session. (optional, default to false)
      Returns:
      ResetPasswordToken
      Throws:
      ApiException - if fails to make API call

    • generateResetPasswordToken

      public ResetPasswordToken generateResetPasswordToken(String userId, Boolean sendEmail, Boolean revokeSessions, Map<String,String> additionalHeaders) throws ApiException
      Generate a Reset Password Token Generates a one-time token (OTT) that can be used to reset a user's password. The OTT link can be automatically emailed to the user or returned to the API caller and distributed using a custom flow.
      Parameters:
      userId - (required)
      sendEmail - (required)
      revokeSessions - When set to `true` (and the session is a user session), all user sessions are revoked except the current session. (optional, default to false)
      additionalHeaders - additionalHeaders for this call
      Returns:
      ResetPasswordToken
      Throws:
      ApiException - if fails to make API call

    • getRefreshTokenForUserAndClient

      public OAuth2RefreshToken getRefreshTokenForUserAndClient(String userId, String clientId, String tokenId, String expand, Integer limit, String after) throws ApiException
      Retrieve a Refresh Token for a Client Retrieves a refresh token issued for the specified User and Client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      tokenId - `id` of Token (required)
      expand - (optional)
      limit - (optional, default to 20)
      after - (optional)
      Returns:
      OAuth2RefreshToken
      Throws:
      ApiException - if fails to make API call

    • getRefreshTokenForUserAndClient

      public OAuth2RefreshToken getRefreshTokenForUserAndClient(String userId, String clientId, String tokenId, String expand, Integer limit, String after, Map<String,String> additionalHeaders) throws ApiException
      Retrieve a Refresh Token for a Client Retrieves a refresh token issued for the specified User and Client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      tokenId - `id` of Token (required)
      expand - (optional)
      limit - (optional, default to 20)
      after - (optional)
      additionalHeaders - additionalHeaders for this call
      Returns:
      OAuth2RefreshToken
      Throws:
      ApiException - if fails to make API call

    • getUser

      public User getUser(String userId) throws ApiException
      Retrieve a User Retrieves a user from your Okta organization
      Parameters:
      userId - (required)
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • getUser

      public User getUser(String userId, Map<String,String> additionalHeaders) throws ApiException
      Retrieve a User Retrieves a user from your Okta organization
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • getUserGrant

      public OAuth2ScopeConsentGrant getUserGrant(String userId, String grantId, String expand) throws ApiException
      Retrieve a User Grant Retrieves a grant for the specified user
      Parameters:
      userId - (required)
      grantId - `id` of the Grant (required)
      expand - (optional)
      Returns:
      OAuth2ScopeConsentGrant
      Throws:
      ApiException - if fails to make API call

    • getUserGrant

      public OAuth2ScopeConsentGrant getUserGrant(String userId, String grantId, String expand, Map<String,String> additionalHeaders) throws ApiException
      Retrieve a User Grant Retrieves a grant for the specified user
      Parameters:
      userId - (required)
      grantId - `id` of the Grant (required)
      expand - (optional)
      additionalHeaders - additionalHeaders for this call
      Returns:
      OAuth2ScopeConsentGrant
      Throws:
      ApiException - if fails to make API call

    • listAppLinks

      public List<AppLink> listAppLinks(String userId) throws ApiException
      List all Assigned Application Links Lists all appLinks for all direct or indirect (via group membership) assigned applications
      Parameters:
      userId - (required)
      Returns:
      List<AppLink>
      Throws:
      ApiException - if fails to make API call

    • listAppLinks

      public List<AppLink> listAppLinks(String userId, Map<String,String> additionalHeaders) throws ApiException
      List all Assigned Application Links Lists all appLinks for all direct or indirect (via group membership) assigned applications
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<AppLink>
      Throws:
      ApiException - if fails to make API call

    • listGrantsForUserAndClient

      public List<OAuth2ScopeConsentGrant> listGrantsForUserAndClient(String userId, String clientId, String expand, String after, Integer limit) throws ApiException
      List all Grants for a Client Lists all grants for a specified user and client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      expand - (optional)
      after - (optional)
      limit - (optional, default to 20)
      Returns:
      List<OAuth2ScopeConsentGrant>
      Throws:
      ApiException - if fails to make API call

    • listGrantsForUserAndClient

      public List<OAuth2ScopeConsentGrant> listGrantsForUserAndClient(String userId, String clientId, String expand, String after, Integer limit, Map<String,String> additionalHeaders) throws ApiException
      List all Grants for a Client Lists all grants for a specified user and client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      expand - (optional)
      after - (optional)
      limit - (optional, default to 20)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<OAuth2ScopeConsentGrant>
      Throws:
      ApiException - if fails to make API call

    • listLinkedObjectsForUser

      public List<Object> listLinkedObjectsForUser(String userId, String relationshipName, String after, Integer limit) throws ApiException
      List all Linked Objects Lists all linked objects for a user, relationshipName can be a primary or associated relationship name
      Parameters:
      userId - (required)
      relationshipName - (required)
      after - (optional)
      limit - (optional, default to -1)
      Returns:
      List<Object>
      Throws:
      ApiException - if fails to make API call

    • listLinkedObjectsForUser

      public List<Object> listLinkedObjectsForUser(String userId, String relationshipName, String after, Integer limit, Map<String,String> additionalHeaders) throws ApiException
      List all Linked Objects Lists all linked objects for a user, relationshipName can be a primary or associated relationship name
      Parameters:
      userId - (required)
      relationshipName - (required)
      after - (optional)
      limit - (optional, default to -1)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<Object>
      Throws:
      ApiException - if fails to make API call

    • listRefreshTokensForUserAndClient

      public List<OAuth2RefreshToken> listRefreshTokensForUserAndClient(String userId, String clientId, String expand, String after, Integer limit) throws ApiException
      List all Refresh Tokens for a Client Lists all refresh tokens issued for the specified User and Client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      expand - (optional)
      after - (optional)
      limit - (optional, default to 20)
      Returns:
      List<OAuth2RefreshToken>
      Throws:
      ApiException - if fails to make API call

    • listRefreshTokensForUserAndClient

      public List<OAuth2RefreshToken> listRefreshTokensForUserAndClient(String userId, String clientId, String expand, String after, Integer limit, Map<String,String> additionalHeaders) throws ApiException
      List all Refresh Tokens for a Client Lists all refresh tokens issued for the specified User and Client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      expand - (optional)
      after - (optional)
      limit - (optional, default to 20)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<OAuth2RefreshToken>
      Throws:
      ApiException - if fails to make API call

    • listUserBlocks

      public List<UserBlock> listUserBlocks(String userId) throws ApiException
      List all User Blocks Lists information about how the user is blocked from accessing their account
      Parameters:
      userId - (required)
      Returns:
      List<UserBlock>
      Throws:
      ApiException - if fails to make API call

    • listUserBlocks

      public List<UserBlock> listUserBlocks(String userId, Map<String,String> additionalHeaders) throws ApiException
      List all User Blocks Lists information about how the user is blocked from accessing their account
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<UserBlock>
      Throws:
      ApiException - if fails to make API call

    • listUserClients

      public List<OAuth2Client> listUserClients(String userId) throws ApiException
      List all Clients Lists all client resources for which the specified user has grants or tokens
      Parameters:
      userId - (required)
      Returns:
      List<OAuth2Client>
      Throws:
      ApiException - if fails to make API call

    • listUserClients

      public List<OAuth2Client> listUserClients(String userId, Map<String,String> additionalHeaders) throws ApiException
      List all Clients Lists all client resources for which the specified user has grants or tokens
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<OAuth2Client>
      Throws:
      ApiException - if fails to make API call

    • listUserGrants

      public List<OAuth2ScopeConsentGrant> listUserGrants(String userId, String scopeId, String expand, String after, Integer limit) throws ApiException
      List all User Grants Lists all grants for the specified user
      Parameters:
      userId - (required)
      scopeId - (optional)
      expand - (optional)
      after - (optional)
      limit - (optional, default to 20)
      Returns:
      List<OAuth2ScopeConsentGrant>
      Throws:
      ApiException - if fails to make API call

    • listUserGrants

      public List<OAuth2ScopeConsentGrant> listUserGrants(String userId, String scopeId, String expand, String after, Integer limit, Map<String,String> additionalHeaders) throws ApiException
      List all User Grants Lists all grants for the specified user
      Parameters:
      userId - (required)
      scopeId - (optional)
      expand - (optional)
      after - (optional)
      limit - (optional, default to 20)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<OAuth2ScopeConsentGrant>
      Throws:
      ApiException - if fails to make API call

    • listUserGroups

      public List<Group> listUserGroups(String userId) throws ApiException
      List all Groups Lists all groups of which the user is a member
      Parameters:
      userId - (required)
      Returns:
      List<Group>
      Throws:
      ApiException - if fails to make API call

    • listUserGroups

      public List<Group> listUserGroups(String userId, Map<String,String> additionalHeaders) throws ApiException
      List all Groups Lists all groups of which the user is a member
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<Group>
      Throws:
      ApiException - if fails to make API call

    • listUserIdentityProviders

      public List<IdentityProvider> listUserIdentityProviders(String userId) throws ApiException
      List all Identity Providers Lists the IdPs associated with the user
      Parameters:
      userId - (required)
      Returns:
      List<IdentityProvider>
      Throws:
      ApiException - if fails to make API call

    • listUserIdentityProviders

      public List<IdentityProvider> listUserIdentityProviders(String userId, Map<String,String> additionalHeaders) throws ApiException
      List all Identity Providers Lists the IdPs associated with the user
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<IdentityProvider>
      Throws:
      ApiException - if fails to make API call

    • listUsers

      public List<User> listUsers(String q, String after, Integer limit, String filter, String search, String sortBy, String sortOrder) throws ApiException
      List all Users Lists all users that do not have a status of 'DEPROVISIONED' (by default), up to the maximum (200 for most orgs), with pagination. A subset of users can be returned that match a supported filter expression or search criteria.
      Parameters:
      q - Finds a user that matches firstName, lastName, and email properties (optional)
      after - The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](/#pagination) for more information. (optional)
      limit - Specifies the number of results returned. Defaults to 10 if `q` is provided. (optional, default to 200)
      filter - Filters users with a supported expression for a subset of properties (optional)
      search - Searches for users with a supported filtering expression for most properties. Okta recommends using this parameter for search for best performance. (optional)
      sortBy - (optional)
      sortOrder - Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. (optional)
      Returns:
      List<User>
      Throws:
      ApiException - if fails to make API call

    • listUsers

      public List<User> listUsers(String q, String after, Integer limit, String filter, String search, String sortBy, String sortOrder, Map<String,String> additionalHeaders) throws ApiException
      List all Users Lists all users that do not have a status of 'DEPROVISIONED' (by default), up to the maximum (200 for most orgs), with pagination. A subset of users can be returned that match a supported filter expression or search criteria.
      Parameters:
      q - Finds a user that matches firstName, lastName, and email properties (optional)
      after - The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](/#pagination) for more information. (optional)
      limit - Specifies the number of results returned. Defaults to 10 if `q` is provided. (optional, default to 200)
      filter - Filters users with a supported expression for a subset of properties (optional)
      search - Searches for users with a supported filtering expression for most properties. Okta recommends using this parameter for search for best performance. (optional)
      sortBy - (optional)
      sortOrder - Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. (optional)
      additionalHeaders - additionalHeaders for this call
      Returns:
      List<User>
      Throws:
      ApiException - if fails to make API call

    • reactivateUser

      public UserActivationToken reactivateUser(String userId, Boolean sendEmail) throws ApiException
      Reactivate a User Reactivates a user. This operation can only be performed on users with a `PROVISIONED` status. This operation restarts the activation workflow if for some reason the user activation was not completed when using the activationToken from [Activate User](#activate-user).
      Parameters:
      userId - (required)
      sendEmail - Sends an activation email to the user if true (optional, default to false)
      Returns:
      UserActivationToken
      Throws:
      ApiException - if fails to make API call

    • reactivateUser

      public UserActivationToken reactivateUser(String userId, Boolean sendEmail, Map<String,String> additionalHeaders) throws ApiException
      Reactivate a User Reactivates a user. This operation can only be performed on users with a `PROVISIONED` status. This operation restarts the activation workflow if for some reason the user activation was not completed when using the activationToken from [Activate User](#activate-user).
      Parameters:
      userId - (required)
      sendEmail - Sends an activation email to the user if true (optional, default to false)
      additionalHeaders - additionalHeaders for this call
      Returns:
      UserActivationToken
      Throws:
      ApiException - if fails to make API call

    • replaceUser

      public User replaceUser(String userId, User user, Boolean strict) throws ApiException
      Replace a User Replaces a user's profile and/or credentials using strict-update semantics
      Parameters:
      userId - (required)
      user - (required)
      strict - (optional)
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • replaceUser

      public User replaceUser(String userId, User user, Boolean strict, Map<String,String> additionalHeaders) throws ApiException
      Replace a User Replaces a user's profile and/or credentials using strict-update semantics
      Parameters:
      userId - (required)
      user - (required)
      strict - (optional)
      additionalHeaders - additionalHeaders for this call
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • resetFactors

      public void resetFactors(String userId) throws ApiException
      Reset all Factors Resets all factors for the specified user. All MFA factor enrollments returned to the unenrolled state. The user's status remains ACTIVE. This link is present only if the user is currently enrolled in one or more MFA factors.
      Parameters:
      userId - (required)
      Throws:
      ApiException - if fails to make API call

    • resetFactors

      public void resetFactors(String userId, Map<String,String> additionalHeaders) throws ApiException
      Reset all Factors Resets all factors for the specified user. All MFA factor enrollments returned to the unenrolled state. The user's status remains ACTIVE. This link is present only if the user is currently enrolled in one or more MFA factors.
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • revokeGrantsForUserAndClient

      public void revokeGrantsForUserAndClient(String userId, String clientId) throws ApiException
      Revoke all Grants for a Client Revokes all grants for the specified user and client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      Throws:
      ApiException - if fails to make API call

    • revokeGrantsForUserAndClient

      public void revokeGrantsForUserAndClient(String userId, String clientId, Map<String,String> additionalHeaders) throws ApiException
      Revoke all Grants for a Client Revokes all grants for the specified user and client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • revokeTokenForUserAndClient

      public void revokeTokenForUserAndClient(String userId, String clientId, String tokenId) throws ApiException
      Revoke a Token for a Client Revokes the specified refresh token
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      tokenId - `id` of Token (required)
      Throws:
      ApiException - if fails to make API call

    • revokeTokenForUserAndClient

      public void revokeTokenForUserAndClient(String userId, String clientId, String tokenId, Map<String,String> additionalHeaders) throws ApiException
      Revoke a Token for a Client Revokes the specified refresh token
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      tokenId - `id` of Token (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • revokeTokensForUserAndClient

      public void revokeTokensForUserAndClient(String userId, String clientId) throws ApiException
      Revoke all Refresh Tokens for a Client Revokes all refresh tokens issued for the specified User and Client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      Throws:
      ApiException - if fails to make API call

    • revokeTokensForUserAndClient

      public void revokeTokensForUserAndClient(String userId, String clientId, Map<String,String> additionalHeaders) throws ApiException
      Revoke all Refresh Tokens for a Client Revokes all refresh tokens issued for the specified User and Client
      Parameters:
      userId - (required)
      clientId - `client_id` of the app (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • revokeUserGrant

      public void revokeUserGrant(String userId, String grantId) throws ApiException
      Revoke a User Grant Revokes one grant for a specified user
      Parameters:
      userId - (required)
      grantId - `id` of the Grant (required)
      Throws:
      ApiException - if fails to make API call

    • revokeUserGrant

      public void revokeUserGrant(String userId, String grantId, Map<String,String> additionalHeaders) throws ApiException
      Revoke a User Grant Revokes one grant for a specified user
      Parameters:
      userId - (required)
      grantId - `id` of the Grant (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • revokeUserGrants

      public void revokeUserGrants(String userId) throws ApiException
      Revoke all User Grants Revokes all grants for a specified user
      Parameters:
      userId - (required)
      Throws:
      ApiException - if fails to make API call

    • revokeUserGrants

      public void revokeUserGrants(String userId, Map<String,String> additionalHeaders) throws ApiException
      Revoke all User Grants Revokes all grants for a specified user
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • revokeUserSessions

      public void revokeUserSessions(String userId, Boolean oauthTokens) throws ApiException
      Revoke all User Sessions Revokes all active identity provider sessions of the user. This forces the user to authenticate on the next operation. Optionally revokes OpenID Connect and OAuth refresh and access tokens issued to the user.
      Parameters:
      userId - (required)
      oauthTokens - Revoke issued OpenID Connect and OAuth refresh and access tokens (optional, default to false)
      Throws:
      ApiException - if fails to make API call

    • revokeUserSessions

      public void revokeUserSessions(String userId, Boolean oauthTokens, Map<String,String> additionalHeaders) throws ApiException
      Revoke all User Sessions Revokes all active identity provider sessions of the user. This forces the user to authenticate on the next operation. Optionally revokes OpenID Connect and OAuth refresh and access tokens issued to the user.
      Parameters:
      userId - (required)
      oauthTokens - Revoke issued OpenID Connect and OAuth refresh and access tokens (optional, default to false)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • setLinkedObjectForUser

      public void setLinkedObjectForUser(String userId, String primaryRelationshipName, String primaryUserId) throws ApiException
      Create a Linked Object for two Users Creates a Linked Object for two users
      Parameters:
      userId - (required)
      primaryRelationshipName - (required)
      primaryUserId - `id` of primary User (required)
      Throws:
      ApiException - if fails to make API call

    • setLinkedObjectForUser

      public void setLinkedObjectForUser(String userId, String primaryRelationshipName, String primaryUserId, Map<String,String> additionalHeaders) throws ApiException
      Create a Linked Object for two Users Creates a Linked Object for two users
      Parameters:
      userId - (required)
      primaryRelationshipName - (required)
      primaryUserId - `id` of primary User (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • suspendUser

      public void suspendUser(String userId) throws ApiException
      Suspend a User Suspends a user. This operation can only be performed on users with an `ACTIVE` status. The user will have a status of `SUSPENDED` when the process is complete.
      Parameters:
      userId - (required)
      Throws:
      ApiException - if fails to make API call

    • suspendUser

      public void suspendUser(String userId, Map<String,String> additionalHeaders) throws ApiException
      Suspend a User Suspends a user. This operation can only be performed on users with an `ACTIVE` status. The user will have a status of `SUSPENDED` when the process is complete.
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • unlockUser

      public void unlockUser(String userId) throws ApiException
      Unlock a User Unlocks a user with a `LOCKED_OUT` status or unlocks a user with an `ACTIVE` status that is blocked from unknown devices. Unlocked users have an `ACTIVE` status and can sign in with their current password.
      Parameters:
      userId - (required)
      Throws:
      ApiException - if fails to make API call

    • unlockUser

      public void unlockUser(String userId, Map<String,String> additionalHeaders) throws ApiException
      Unlock a User Unlocks a user with a `LOCKED_OUT` status or unlocks a user with an `ACTIVE` status that is blocked from unknown devices. Unlocked users have an `ACTIVE` status and can sign in with their current password.
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • unsuspendUser

      public void unsuspendUser(String userId) throws ApiException
      Unsuspend a User Unsuspends a user and returns them to the `ACTIVE` state. This operation can only be performed on users that have a `SUSPENDED` status.
      Parameters:
      userId - (required)
      Throws:
      ApiException - if fails to make API call

    • unsuspendUser

      public void unsuspendUser(String userId, Map<String,String> additionalHeaders) throws ApiException
      Unsuspend a User Unsuspends a user and returns them to the `ACTIVE` state. This operation can only be performed on users that have a `SUSPENDED` status.
      Parameters:
      userId - (required)
      additionalHeaders - additionalHeaders for this call
      Throws:
      ApiException - if fails to make API call

    • updateUser

      public User updateUser(String userId, UpdateUserRequest user, Boolean strict) throws ApiException
      Update a User Updates a user partially determined by the request parameters
      Parameters:
      userId - (required)
      user - (required)
      strict - (optional)
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • updateUser

      public User updateUser(String userId, UpdateUserRequest user, Boolean strict, Map<String,String> additionalHeaders) throws ApiException
      Update a User Updates a user partially determined by the request parameters
      Parameters:
      userId - (required)
      user - (required)
      strict - (optional)
      additionalHeaders - additionalHeaders for this call
      Returns:
      User
      Throws:
      ApiException - if fails to make API call

    • getObjectMapper

      protected static com.fasterxml.jackson.databind.ObjectMapper getObjectMapper()