Class: GeneratedApiClient

GeneratedApiClient


new GeneratedApiClient()

Auto-Generated API client, implements the operations as defined in the OpenaAPI JSON spec

Methods


activateApplication(appId)

Activates an inactive application.
Parameters:
Name Type Description
appId String

activateAuthorizationServer(authServerId)

Success
Parameters:
Name Type Description
authServerId String

activateAuthorizationServerPolicy(authServerId, policyId)

Activate Authorization Server Policy
Parameters:
Name Type Description
authServerId String
policyId String

activateAuthorizationServerPolicyRule(authServerId, policyId, ruleId)

Activate Authorization Server Policy Rule
Parameters:
Name Type Description
authServerId String
policyId String
ruleId String

activateEventHook(eventHookId)

Success
Parameters:
Name Type Description
eventHookId String
Returns:
Type
Promise.<EventHook>

activateFactor(userId, factorId, activateFactorRequest)

The `sms` and `token:software:totp` factor types require activation to complete the enrollment process.
Parameters:
Name Type Description
userId String
factorId String
activateFactorRequest ActivateFactorRequest
Returns:
Type
Promise.<UserFactor>

activateGroupRule(ruleId)

Activates a specific group rule by id from your organization
Parameters:
Name Type Description
ruleId String

activateIdentityProvider(idpId)

Activates an inactive IdP.
Parameters:
Name Type Description
idpId String
Returns:
Type
Promise.<IdentityProvider>

activateInlineHook(inlineHookId)

Activates the Inline Hook matching the provided id
Parameters:
Name Type Description
inlineHookId String
Returns:
Type
Promise.<InlineHook>

activateNetworkZone(zoneId)

Activate Network Zone
Parameters:
Name Type Description
zoneId String
Returns:
Type
Promise.<NetworkZone>

activateOrigin(trustedOriginId)

Success
Parameters:
Name Type Description
trustedOriginId String
Returns:
Type
Promise.<TrustedOrigin>

activatePolicy(policyId)

Activates a policy.
Parameters:
Name Type Description
policyId String

activatePolicyRule(policyId, ruleId)

Activates a policy rule.
Parameters:
Name Type Description
policyId String
ruleId String

activateUser(userId, queryParams)

Activates a user. This operation can only be performed on users with a `STAGED` status. Activation of a user is an asynchronous operation. The user will have the `transitioningToStatus` property with a value of `ACTIVE` during activation to indicate that the user hasn't completed the asynchronous operation. The user will have a status of `ACTIVE` when the activation process is complete.
Parameters:
Name Type Description
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
sendEmail String <optional>
Returns:
Type
Promise.<UserActivationToken>

addAllAppsAsTargetToRole(userId, roleId)

Success
Parameters:
Name Type Description
userId String
roleId String

addApplicationInstanceTargetToAppAdminRoleGivenToGroup(groupId, roleId, appName, applicationId)

Add App Instance Target to App Administrator Role given to a Group
Parameters:
Name Type Description
groupId String
roleId String
appName String
applicationId String

addApplicationTargetToAdminRoleForUser(userId, roleId, appName)

Success
Parameters:
Name Type Description
userId String
roleId String
appName String

addApplicationTargetToAdminRoleGivenToGroup(groupId, roleId, appName)

Success
Parameters:
Name Type Description
groupId String
roleId String
appName String

addApplicationTargetToAppAdminRoleForUser(userId, roleId, appName, applicationId)

Add App Instance Target to App Administrator Role given to a User
Parameters:
Name Type Description
userId String
roleId String
appName String
applicationId String

addGroupTargetToGroupAdministratorRoleForGroup(groupId, roleId, targetGroupId)

Convenience method for /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}
Parameters:
Name Type Description
groupId String
roleId String
targetGroupId String

addGroupTargetToRole(userId, roleId, groupId)

Success
Parameters:
Name Type Description
userId String
roleId String
groupId String

addLinkedObjectDefinition(linkedObject)

Success
Parameters:
Name Type Description
linkedObject LinkedObject
Returns:
Type
Promise.<LinkedObject>

addUserToGroup(groupId, userId)

Adds a user to a group with 'OKTA_GROUP' type.
Parameters:
Name Type Description
groupId String
userId String

assignRoleToGroup(groupId, assignRoleRequest, queryParams)

Assigns a Role to a Group
Parameters:
Name Type Description
groupId String
assignRoleRequest AssignRoleRequest
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
disableNotifications String <optional>
Returns:
Type
Promise.<Role>

assignRoleToUser(userId, assignRoleRequest, queryParams)

Assigns a role to a user.
Parameters:
Name Type Description
userId String
assignRoleRequest AssignRoleRequest
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
disableNotifications String <optional>
Returns:
Type
Promise.<Role>

assignUserToApplication(appId, appUser)

Assigns an user to an application with [credentials](#application-user-credentials-object) and an app-specific [profile](#application-user-profile-object). Profile mappings defined for the application are first applied before applying any profile properties specified in the request.
Parameters:
Name Type Description
appId String
appUser AppUser
Returns:
Type
Promise.<AppUser>

changePassword(userId, changePasswordRequest, queryParams)

Changes a user's password by validating the user's current password. This operation can only be performed on users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid password credential
Parameters:
Name Type Description
userId String
changePasswordRequest ChangePasswordRequest
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
strict String <optional>
Returns:
Type
Promise.<UserCredentials>

changeRecoveryQuestion(userId, userCredentials)

Changes a user's recovery question & answer credential by validating the user's current password. This operation can only be performed on users in **STAGED**, **ACTIVE** or **RECOVERY** `status` that have a valid password credential
Parameters:
Name Type Description
userId String
userCredentials UserCredentials
Returns:
Type
Promise.<UserCredentials>

clearUserSessions(userId, queryParams)

Removes all active identity provider sessions. This forces the user to authenticate on the next operation. Optionally revokes OpenID Connect and OAuth refresh and access tokens issued to the user.
Parameters:
Name Type Description
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
oauthTokens String <optional>

cloneApplicationKey(appId, keyId, queryParams)

Clones a X.509 certificate for an application key credential from a source application to target application.
Parameters:
Name Type Description
appId String
keyId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
targetAid String <optional>
Returns:
Type
Promise.<JsonWebKey>

cloneIdentityProviderKey(idpId, keyId, queryParams)

Clones a X.509 certificate for an IdP signing key credential from a source IdP to target IdP
Parameters:
Name Type Description
idpId String
keyId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
targetIdpId String <optional>
Returns:
Type
Promise.<JsonWebKey>

createApplication(application, queryParams)

Adds a new application to your Okta organization.
Parameters:
Name Type Description
application Application
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
activate String <optional>
Returns:
Type
Promise.<Application>

createApplicationGroupAssignment(appId, groupId, applicationGroupAssignment)

Assigns a group to an application
Parameters:
Name Type Description
appId String
groupId String
applicationGroupAssignment ApplicationGroupAssignment
Returns:
Type
Promise.<ApplicationGroupAssignment>

createAuthorizationServer(authorizationServer)

Success
Parameters:
Name Type Description
authorizationServer AuthorizationServer
Returns:
Type
Promise.<AuthorizationServer>

createAuthorizationServerPolicy(authServerId, authorizationServerPolicy)

Success
Parameters:
Name Type Description
authServerId String
authorizationServerPolicy AuthorizationServerPolicy
Returns:
Type
Promise.<AuthorizationServerPolicy>

createAuthorizationServerPolicyRule(policyId, authServerId, authorizationServerPolicyRule)

Creates a policy rule for the specified Custom Authorization Server and Policy.
Parameters:
Name Type Description
policyId String
authServerId String
authorizationServerPolicyRule AuthorizationServerPolicyRule
Returns:
Type
Promise.<AuthorizationServerPolicyRule>

createCertificate(domainId, domainCertificate)

Creates the Certificate for the Domain.
Parameters:
Name Type Description
domainId String
domainCertificate DomainCertificate

createDomain(domain)

Creates your domain.
Parameters:
Name Type Description
domain Domain
Returns:
Type
Promise.<Domain>

createEventHook(eventHook)

Success
Parameters:
Name Type Description
eventHook EventHook
Returns:
Type
Promise.<EventHook>

createGroup(group)

Adds a new group with `OKTA_GROUP` type to your organization.
Parameters:
Name Type Description
group Group
Returns:
Type
Promise.<Group>

createGroupRule(groupRule)

Creates a group rule to dynamically add users to the specified group if they match the condition
Parameters:
Name Type Description
groupRule GroupRule
Returns:
Type
Promise.<GroupRule>

createIdentityProvider(identityProvider)

Adds a new IdP to your organization.
Parameters:
Name Type Description
identityProvider IdentityProvider
Returns:
Type
Promise.<IdentityProvider>

createIdentityProviderKey(jsonWebKey)

Adds a new X.509 certificate credential to the IdP key store.
Parameters:
Name Type Description
jsonWebKey JsonWebKey
Returns:
Type
Promise.<JsonWebKey>

createInlineHook(inlineHook)

Success
Parameters:
Name Type Description
inlineHook InlineHook
Returns:
Type
Promise.<InlineHook>

createNetworkZone(networkZone)

Adds a new network zone to your Okta organization.
Parameters:
Name Type Description
networkZone NetworkZone
Returns:
Type
Promise.<NetworkZone>

createOAuth2Claim(authServerId, oAuth2Claim)

Success
Parameters:
Name Type Description
authServerId String
oAuth2Claim OAuth2Claim
Returns:
Type
Promise.<OAuth2Claim>

createOAuth2Scope(authServerId, oAuth2Scope)

Success
Parameters:
Name Type Description
authServerId String
oAuth2Scope OAuth2Scope
Returns:
Type
Promise.<OAuth2Scope>

createOrigin(trustedOrigin)

Success
Parameters:
Name Type Description
trustedOrigin TrustedOrigin
Returns:
Type
Promise.<TrustedOrigin>

createPolicy(policy, queryParams)

Creates a policy.
Parameters:
Name Type Description
policy Policy
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
activate String <optional>
Returns:
Type
Promise.<Policy>

createPolicyRule(policyId, policyRule)

Creates a policy rule.
Parameters:
Name Type Description
policyId String
policyRule PolicyRule
Returns:
Type
Promise.<PolicyRule>

createSession(createSessionRequest)

Creates a new session for a user with a valid session token. Use this API if, for example, you want to set the session cookie yourself instead of allowing Okta to set it, or want to hold the session ID in order to delete a session via the API instead of visiting the logout URL.
Parameters:
Name Type Description
createSessionRequest CreateSessionRequest
Returns:
Type
Promise.<Session>

createSmsTemplate(smsTemplate)

Adds a new custom SMS template to your organization.
Parameters:
Name Type Description
smsTemplate SmsTemplate
Returns:
Type
Promise.<SmsTemplate>

createUser(createUserRequest, queryParams)

Creates a new user in your Okta organization with or without credentials.
Parameters:
Name Type Description
createUserRequest CreateUserRequest
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
activate String <optional>
provider String <optional>
nextLogin String <optional>
Returns:
Type
Promise.<User>

createUserType(userType)

Creates a new User Type. A default User Type is automatically created along with your org, and you may add another 9 User Types for a maximum of 10.
Parameters:
Name Type Description
userType UserType
Returns:
Type
Promise.<UserType>

deactivateApplication(appId)

Deactivates an active application.
Parameters:
Name Type Description
appId String

deactivateAuthorizationServer(authServerId)

Success
Parameters:
Name Type Description
authServerId String

deactivateAuthorizationServerPolicy(authServerId, policyId)

Deactivate Authorization Server Policy
Parameters:
Name Type Description
authServerId String
policyId String

deactivateAuthorizationServerPolicyRule(authServerId, policyId, ruleId)

Deactivate Authorization Server Policy Rule
Parameters:
Name Type Description
authServerId String
policyId String
ruleId String

deactivateEventHook(eventHookId)

Success
Parameters:
Name Type Description
eventHookId String
Returns:
Type
Promise.<EventHook>

deactivateGroupRule(ruleId)

Deactivates a specific group rule by id from your organization
Parameters:
Name Type Description
ruleId String

deactivateIdentityProvider(idpId)

Deactivates an active IdP.
Parameters:
Name Type Description
idpId String
Returns:
Type
Promise.<IdentityProvider>

deactivateInlineHook(inlineHookId)

Deactivates the Inline Hook matching the provided id
Parameters:
Name Type Description
inlineHookId String
Returns:
Type
Promise.<InlineHook>

deactivateNetworkZone(zoneId)

Deactivates a network zone.
Parameters:
Name Type Description
zoneId String
Returns:
Type
Promise.<NetworkZone>

deactivateOrDeleteUser(userId, queryParams)

Deletes a user permanently. This operation can only be performed on users that have a `DEPROVISIONED` status. **This action cannot be recovered!**
Parameters:
Name Type Description
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
sendEmail String <optional>

deactivateOrigin(trustedOriginId)

Success
Parameters:
Name Type Description
trustedOriginId String
Returns:
Type
Promise.<TrustedOrigin>

deactivatePolicy(policyId)

Deactivates a policy.
Parameters:
Name Type Description
policyId String

deactivatePolicyRule(policyId, ruleId)

Deactivates a policy rule.
Parameters:
Name Type Description
policyId String
ruleId String

deactivateUser(userId, queryParams)

Deactivates a user. This operation can only be performed on users that do not have a `DEPROVISIONED` status. Deactivation of a user is an asynchronous operation. The user will have the `transitioningToStatus` property with a value of `DEPROVISIONED` during deactivation to indicate that the user hasn't completed the asynchronous operation. The user will have a status of `DEPROVISIONED` when the deactivation process is complete.
Parameters:
Name Type Description
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
sendEmail String <optional>

deleteApplication(appId)

Removes an inactive application.
Parameters:
Name Type Description
appId String

deleteApplicationGroupAssignment(appId, groupId)

Removes a group assignment from an application.
Parameters:
Name Type Description
appId String
groupId String

deleteApplicationUser(appId, userId, queryParams)

Removes an assignment for a user from an application.
Parameters:
Name Type Description
appId String
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
sendEmail String <optional>

deleteAuthorizationServer(authServerId)

Success
Parameters:
Name Type Description
authServerId String

deleteAuthorizationServerPolicy(authServerId, policyId)

Success
Parameters:
Name Type Description
authServerId String
policyId String

deleteAuthorizationServerPolicyRule(policyId, authServerId, ruleId)

Deletes a Policy Rule defined in the specified Custom Authorization Server and Policy.
Parameters:
Name Type Description
policyId String
authServerId String
ruleId String

deleteDomain(domainId)

Deletes a Domain by `id`.
Parameters:
Name Type Description
domainId String

deleteEventHook(eventHookId)

Success
Parameters:
Name Type Description
eventHookId String

deleteFactor(userId, factorId)

Unenrolls an existing factor for the specified user, allowing the user to enroll a new factor.
Parameters:
Name Type Description
userId String
factorId String

deleteGroup(groupId)

Removes a group with `OKTA_GROUP` type from your organization.
Parameters:
Name Type Description
groupId String

deleteGroupRule(ruleId, queryParams)

Removes a specific group rule by id from your organization
Parameters:
Name Type Description
ruleId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
removeUsers String <optional>

deleteIdentityProvider(idpId)

Removes an IdP from your organization.
Parameters:
Name Type Description
idpId String

deleteIdentityProviderKey(keyId)

Deletes a specific IdP Key Credential by `kid` if it is not currently being used by an Active or Inactive IdP.
Parameters:
Name Type Description
keyId String

deleteInlineHook(inlineHookId)

Deletes the Inline Hook matching the provided id. Once deleted, the Inline Hook is unrecoverable. As a safety precaution, only Inline Hooks with a status of INACTIVE are eligible for deletion.
Parameters:
Name Type Description
inlineHookId String

deleteLinkedObjectDefinition(linkedObjectName)

Success
Parameters:
Name Type Description
linkedObjectName String

deleteNetworkZone(zoneId)

Removes network zone.
Parameters:
Name Type Description
zoneId String

deleteOAuth2Claim(authServerId, claimId)

Success
Parameters:
Name Type Description
authServerId String
claimId String

deleteOAuth2Scope(authServerId, scopeId)

Success
Parameters:
Name Type Description
authServerId String
scopeId String

deleteOrigin(trustedOriginId)

Success
Parameters:
Name Type Description
trustedOriginId String

deletePolicy(policyId)

Removes a policy.
Parameters:
Name Type Description
policyId String

deletePolicyRule(policyId, ruleId)

Removes a policy rule.
Parameters:
Name Type Description
policyId String
ruleId String

deleteSmsTemplate(templateId)

Removes an SMS template.
Parameters:
Name Type Description
templateId String

deleteUserType(typeId)

Deletes a User Type permanently. This operation is not permitted for the default type, nor for any User Type that has existing users
Parameters:
Name Type Description
typeId String

endSession(sessionId)

Convenience method for /api/v1/sessions/{sessionId}
Parameters:
Name Type Description
sessionId String

enrollFactor(userId, userFactor, queryParams)

Enrolls a user with a supported factor.
Parameters:
Name Type Description
userId String
userFactor UserFactor
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
updatePhone String <optional>
templateId String <optional>
tokenLifetimeSeconds String <optional>
activate String <optional>
Returns:
Type
Promise.<UserFactor>

executeInlineHook(inlineHookId, inlineHookPayload)

Executes the Inline Hook matching the provided inlineHookId using the request body as the input. This will send the provided data through the Channel and return a response if it matches the correct data contract. This execution endpoint should only be used for testing purposes.
Parameters:
Name Type Description
inlineHookId String
inlineHookPayload InlineHookPayload
Returns:
Type
Promise.<InlineHookResponse>

expirePassword(userId)

This operation transitions the user to the status of `PASSWORD_EXPIRED` so that the user is required to change their password at their next login.
Parameters:
Name Type Description
userId String
Returns:
Type
Promise.<User>

expirePasswordAndGetTemporaryPassword(userId)

This operation transitions the user to the status of `PASSWORD_EXPIRED` and the user's password is reset to a temporary password that is returned.
Parameters:
Name Type Description
userId String
Returns:
Type
Promise.<TempPassword>

extendOktaSupport()

Extends the length of time that Okta Support can access your org by 24 hours. This means that 24 hours are added to the remaining access time.
Returns:
Type
Promise.<OrgOktaSupportSettingsObj>

forgotPasswordGenerateOneTimeToken(userId, queryParams)

Generates a one-time token (OTT) that can be used to reset a user's password
Parameters:
Name Type Description
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
sendEmail String <optional>
Returns:
Type
Promise.<ForgotPasswordResponse>

forgotPasswordSetNewPassword(userId, userCredentials, queryParams)

Sets a new password for a user by validating the user's answer to their current recovery question
Parameters:
Name Type Description
userId String
userCredentials UserCredentials
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
sendEmail String <optional>
Returns:
Type
Promise.<ForgotPasswordResponse>

generateApplicationKey(appId, queryParams)

Generates a new X.509 certificate for an application key credential
Parameters:
Name Type Description
appId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
validityYears String <optional>
Returns:
Type
Promise.<JsonWebKey>

generateCsrForApplication(appId, csrMetadata)

Generates a new key pair and returns the Certificate Signing Request for it.
Parameters:
Name Type Description
appId String
csrMetadata CsrMetadata
Returns:
Type
Promise.<Csr>

generateCsrForIdentityProvider(idpId, csrMetadata)

Generates a new key pair and returns a Certificate Signing Request for it.
Parameters:
Name Type Description
idpId String
csrMetadata CsrMetadata
Returns:
Type
Promise.<Csr>

generateIdentityProviderSigningKey(idpId, queryParams)

Generates a new X.509 certificate for an IdP signing key credential to be used for signing assertions sent to the IdP
Parameters:
Name Type Description
idpId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
validityYears String <optional>
Returns:
Type
Promise.<JsonWebKey>

getApplication(appId, queryParams)

Fetches an application from your Okta organization by `id`.
Parameters:
Name Type Description
appId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
Type
Promise.<Application>

getApplicationGroupAssignment(appId, groupId, queryParams)

Fetches an application group assignment
Parameters:
Name Type Description
appId String
groupId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
Type
Promise.<ApplicationGroupAssignment>

getApplicationKey(appId, keyId)

Gets a specific application key credential by kid
Parameters:
Name Type Description
appId String
keyId String
Returns:
Type
Promise.<JsonWebKey>

getApplicationUser(appId, userId, queryParams)

Fetches a specific user assignment for application by `id`.
Parameters:
Name Type Description
appId String
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
Type
Promise.<AppUser>

getApplicationUserSchema(appInstanceId)

Fetches the Schema for an App User
Parameters:
Name Type Description
appInstanceId String
Returns:
Type
Promise.<UserSchema>

getAuthorizationServer(authServerId)

Success
Parameters:
Name Type Description
authServerId String
Returns:
Type
Promise.<AuthorizationServer>

getAuthorizationServerPolicy(authServerId, policyId)

Success
Parameters:
Name Type Description
authServerId String
policyId String
Returns:
Type
Promise.<AuthorizationServerPolicy>

getAuthorizationServerPolicyRule(policyId, authServerId, ruleId)

Returns a Policy Rule by ID that is defined in the specified Custom Authorization Server and Policy.
Parameters:
Name Type Description
policyId String
authServerId String
ruleId String
Returns:
Type
Promise.<AuthorizationServerPolicyRule>

getCsrForApplication(appId, csrId)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}
Parameters:
Name Type Description
appId String
csrId String
Returns:
Type
Promise.<Csr>

getCsrForIdentityProvider(idpId, csrId)

Gets a specific Certificate Signing Request model by id
Parameters:
Name Type Description
idpId String
csrId String
Returns:
Type
Promise.<Csr>

getCurrentConfiguration()

Gets current ThreatInsight configuration
Returns:
Type
Promise.<ThreatInsightConfiguration>

getDomain(domainId)

Fetches a Domain by `id`.
Parameters:
Name Type Description
domainId String
Returns:
Type
Promise.<Domain>

getEventHook(eventHookId)

Success
Parameters:
Name Type Description
eventHookId String
Returns:
Type
Promise.<EventHook>

getFactor(userId, factorId)

Fetches a factor for the specified user
Parameters:
Name Type Description
userId String
factorId String
Returns:
Type
Promise.<UserFactor>

getFactorTransactionStatus(userId, factorId, transactionId)

Polls factors verification transaction for status.
Parameters:
Name Type Description
userId String
factorId String
transactionId String
Returns:
Type
Promise.<VerifyUserFactorResponse>

getFeature(featureId)

Success
Parameters:
Name Type Description
featureId String
Returns:
Type
Promise.<Feature>

getGroup(groupId)

Fetches a group from your organization.
Parameters:
Name Type Description
groupId String
Returns:
Type
Promise.<Group>

getGroupRule(ruleId, queryParams)

Fetches a specific group rule by id from your organization
Parameters:
Name Type Description
ruleId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
Type
Promise.<GroupRule>

getGroupSchema()

Fetches the group schema
Returns:
Type
Promise.<GroupSchema>

getIdentityProvider(idpId)

Fetches an IdP by `id`.
Parameters:
Name Type Description
idpId String
Returns:
Type
Promise.<IdentityProvider>

getIdentityProviderApplicationUser(idpId, userId)

Fetches a linked IdP user by ID
Parameters:
Name Type Description
idpId String
userId String
Returns:
Type
Promise.<IdentityProviderApplicationUser>

getIdentityProviderKey(keyId)

Gets a specific IdP Key Credential by `kid`
Parameters:
Name Type Description
keyId String
Returns:
Type
Promise.<JsonWebKey>

getIdentityProviderSigningKey(idpId, keyId)

Gets a specific IdP Key Credential by `kid`
Parameters:
Name Type Description
idpId String
keyId String
Returns:
Type
Promise.<JsonWebKey>

getInlineHook(inlineHookId)

Gets an inline hook by ID
Parameters:
Name Type Description
inlineHookId String
Returns:
Type
Promise.<InlineHook>

getLinkedObjectDefinition(linkedObjectName)

Success
Parameters:
Name Type Description
linkedObjectName String
Returns:
Type
Promise.<LinkedObject>

getLinkedObjectsForUser(userId, relationshipName, queryParams)

Get linked objects for a user, relationshipName can be a primary or associated relationship name
Parameters:
Name Type Description
userId String
relationshipName String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
Returns:
A collection that will yield ResponseLinks instances.
Type
Promise.<Collection>

getLogs(queryParams)

The Okta System Log API provides read access to your organization’s system log. This API provides more functionality than the Events API
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
since String <optional>
until String <optional>
filter String <optional>
q String <optional>
limit String <optional>
sortOrder String <optional>
after String <optional>
Returns:
A collection that will yield LogEvent instances.
Type
Promise.<Collection>

getNetworkZone(zoneId)

Fetches a network zone from your Okta organization by `id`.
Parameters:
Name Type Description
zoneId String
Returns:
Type
Promise.<NetworkZone>

getOAuth2Claim(authServerId, claimId)

Success
Parameters:
Name Type Description
authServerId String
claimId String
Returns:
Type
Promise.<OAuth2Claim>

getOAuth2Scope(authServerId, scopeId)

Success
Parameters:
Name Type Description
authServerId String
scopeId String
Returns:
Type
Promise.<OAuth2Scope>

getOAuth2TokenForApplication(appId, tokenId, queryParams)

Gets a token for the specified application
Parameters:
Name Type Description
appId String
tokenId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
Type
Promise.<OAuth2Token>

getOktaCommunicationSettings()

Gets Okta Communication Settings of your organization.
Returns:
Type
Promise.<OrgOktaCommunicationSetting>

getOrgContactTypes()

Gets Contact Types of your organization.
Returns:
A collection that will yield OrgContactTypeObj instances.
Type
Promise.<Collection>

getOrgContactUser(contactType)

Retrieves the URL of the User associated with the specified Contact Type.
Parameters:
Name Type Description
contactType String
Returns:
Type
Promise.<OrgContactUser>

getOrgOktaSupportSettings()

Gets Okta Support Settings of your organization.
Returns:
Type
Promise.<OrgOktaSupportSettingsObj>

getOrgPreferences()

Gets preferences of your organization.
Returns:
Type
Promise.<OrgPreferences>

getOrgSettings()

Get settings of your organization.
Returns:
Type
Promise.<OrgSetting>

getOrigin(trustedOriginId)

Success
Parameters:
Name Type Description
trustedOriginId String
Returns:
Type
Promise.<TrustedOrigin>

getPolicy(policyId, queryParams)

Gets a policy.
Parameters:
Name Type Description
policyId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
Type
Promise.<Policy>

getPolicyRule(policyId, ruleId)

Gets a policy rule.
Parameters:
Name Type Description
policyId String
ruleId String
Returns:
Type
Promise.<PolicyRule>

getProfileMapping(mappingId)

Fetches a single Profile Mapping referenced by its ID.
Parameters:
Name Type Description
mappingId String
Returns:
Type
Promise.<ProfileMapping>

getRefreshTokenForAuthorizationServerAndClient(authServerId, clientId, tokenId, queryParams)

Success
Parameters:
Name Type Description
authServerId String
clientId String
tokenId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
Type
Promise.<OAuth2RefreshToken>

getRefreshTokenForUserAndClient(userId, clientId, tokenId, queryParams)

Gets a refresh token issued for the specified User and Client.
Parameters:
Name Type Description
userId String
clientId String
tokenId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
limit String <optional>
after String <optional>
Returns:
Type
Promise.<OAuth2RefreshToken>

getRole(groupId, roleId)

Success
Parameters:
Name Type Description
groupId String
roleId String
Returns:
Type
Promise.<Role>

getScopeConsentGrant(appId, grantId, queryParams)

Fetches a single scope consent grant for the application
Parameters:
Name Type Description
appId String
grantId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
Type
Promise.<OAuth2ScopeConsentGrant>

getSession(sessionId)

Get details about a session.
Parameters:
Name Type Description
sessionId String
Returns:
Type
Promise.<Session>

getSmsTemplate(templateId)

Fetches a specific template by `id`
Parameters:
Name Type Description
templateId String
Returns:
Type
Promise.<SmsTemplate>

getUser(userId)

Fetches a user from your Okta organization.
Parameters:
Name Type Description
userId String
Returns:
Type
Promise.<User>

getUserGrant(userId, grantId, queryParams)

Gets a grant for the specified user
Parameters:
Name Type Description
userId String
grantId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
Type
Promise.<OAuth2ScopeConsentGrant>

getUserRole(userId, roleId)

Gets role that is assigne to user.
Parameters:
Name Type Description
userId String
roleId String
Returns:
Type
Promise.<Role>

getUserSchema(schemaId)

Fetches the schema for a Schema Id.
Parameters:
Name Type Description
schemaId String
Returns:
Type
Promise.<UserSchema>

getUserType(typeId)

Fetches a User Type by ID. The special identifier `default` may be used to fetch the default User Type.
Parameters:
Name Type Description
typeId String
Returns:
Type
Promise.<UserType>

grantConsentToScope(appId, oAuth2ScopeConsentGrant)

Grants consent for the application to request an OAuth 2.0 Okta scope
Parameters:
Name Type Description
appId String
oAuth2ScopeConsentGrant OAuth2ScopeConsentGrant
Returns:
Type
Promise.<OAuth2ScopeConsentGrant>

grantOktaSupport()

Enables you to temporarily allow Okta Support to access your org as an administrator for eight hours.
Returns:
Type
Promise.<OrgOktaSupportSettingsObj>

hideOktaUIFooter()

Hide the Okta UI footer for all end users of your organization.
Returns:
Type
Promise.<OrgPreferences>

linkUserToIdentityProvider(idpId, userId, userIdentityProviderLinkRequest)

Links an Okta user to an existing Social Identity Provider. This does not support the SAML2 Identity Provider Type
Parameters:
Name Type Description
idpId String
userId String
userIdentityProviderLinkRequest UserIdentityProviderLinkRequest
Returns:
Type
Promise.<IdentityProviderApplicationUser>

listApplicationGroupAssignments(appId, queryParams)

Enumerates group assignments for an application.
Parameters:
Name Type Description
appId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
q String <optional>
after String <optional>
limit String <optional>
expand String <optional>
Returns:
A collection that will yield ApplicationGroupAssignment instances.
Type
Promise.<Collection>

listApplicationKeys(appId)

Enumerates key credentials for an application
Parameters:
Name Type Description
appId String
Returns:
A collection that will yield JsonWebKey instances.
Type
Promise.<Collection>

listApplications(queryParams)

Enumerates apps added to your organization with pagination. A subset of apps can be returned that match a supported filter expression or query.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
q String <optional>
after String <optional>
limit String <optional>
filter String <optional>
expand String <optional>
includeNonDeleted String <optional>
Returns:
A collection that will yield Application instances.
Type
Promise.<Collection>

listApplicationTargetsForApplicationAdministratorRoleForGroup(groupId, roleId, queryParams)

Lists all App targets for an `APP_ADMIN` Role assigned to a Group. This methods return list may include full Applications or Instances. The response for an instance will have an `ID` value, while Application will not have an ID.
Parameters:
Name Type Description
groupId String
roleId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
Returns:
A collection that will yield CatalogApplication instances.
Type
Promise.<Collection>

listApplicationTargetsForApplicationAdministratorRoleForUser(userId, roleId, queryParams)

Lists all App targets for an `APP_ADMIN` Role assigned to a User. This methods return list may include full Applications or Instances. The response for an instance will have an `ID` value, while Application will not have an ID.
Parameters:
Name Type Description
userId String
roleId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
Returns:
A collection that will yield CatalogApplication instances.
Type
Promise.<Collection>

listApplicationUsers(appId, queryParams)

Enumerates all assigned [application users](#application-user-model) for an application.
Parameters:
Name Type Description
appId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
q String <optional>
query_scope String <optional>
after String <optional>
limit String <optional>
filter String <optional>
expand String <optional>
Returns:
A collection that will yield AppUser instances.
Type
Promise.<Collection>

Fetches appLinks for all direct or indirect (via group membership) assigned applications.
Parameters:
Name Type Description
userId String
Returns:
A collection that will yield AppLink instances.
Type
Promise.<Collection>

listAssignedApplicationsForGroup(groupId, queryParams)

Enumerates all applications that are assigned to a group.
Parameters:
Name Type Description
groupId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
Returns:
A collection that will yield Application instances.
Type
Promise.<Collection>

listAssignedRolesForUser(userId, queryParams)

Lists all roles assigned to a user.
Parameters:
Name Type Description
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
A collection that will yield Role instances.
Type
Promise.<Collection>

listAuthorizationServerKeys(authServerId)

Success
Parameters:
Name Type Description
authServerId String
Returns:
A collection that will yield JsonWebKey instances.
Type
Promise.<Collection>

listAuthorizationServerPolicies(authServerId)

Success
Parameters:
Name Type Description
authServerId String
Returns:
A collection that will yield AuthorizationServerPolicy instances.
Type
Promise.<Collection>

listAuthorizationServerPolicyRules(policyId, authServerId)

Enumerates all policy rules for the specified Custom Authorization Server and Policy.
Parameters:
Name Type Description
policyId String
authServerId String
Returns:
A collection that will yield AuthorizationServerPolicyRule instances.
Type
Promise.<Collection>

listAuthorizationServers(queryParams)

Success
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
q String <optional>
limit String <optional>
after String <optional>
Returns:
A collection that will yield AuthorizationServer instances.
Type
Promise.<Collection>

listCsrsForApplication(appId)

Enumerates Certificate Signing Requests for an application
Parameters:
Name Type Description
appId String
Returns:
A collection that will yield Csr instances.
Type
Promise.<Collection>

listCsrsForIdentityProvider(idpId)

Enumerates Certificate Signing Requests for an IdP
Parameters:
Name Type Description
idpId String
Returns:
A collection that will yield Csr instances.
Type
Promise.<Collection>

listDomains()

List all verified custom Domains for the org.
Returns:
Type
Promise.<DomainListResponse>

listEventHooks()

Success
Returns:
A collection that will yield EventHook instances.
Type
Promise.<Collection>

listFactors(userId)

Enumerates all the enrolled factors for the specified user
Parameters:
Name Type Description
userId String
Returns:
A collection that will yield UserFactor instances.
Type
Promise.<Collection>

listFeatureDependencies(featureId)

Success
Parameters:
Name Type Description
featureId String
Returns:
A collection that will yield Feature instances.
Type
Promise.<Collection>

listFeatureDependents(featureId)

Success
Parameters:
Name Type Description
featureId String
Returns:
A collection that will yield Feature instances.
Type
Promise.<Collection>

listFeatures()

Success
Returns:
A collection that will yield Feature instances.
Type
Promise.<Collection>

listGrantsForUserAndClient(userId, clientId, queryParams)

Lists all grants for a specified user and client
Parameters:
Name Type Description
userId String
clientId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
after String <optional>
limit String <optional>
Returns:
A collection that will yield OAuth2ScopeConsentGrant instances.
Type
Promise.<Collection>

listGroupAssignedRoles(groupId, queryParams)

Success
Parameters:
Name Type Description
groupId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
A collection that will yield Role instances.
Type
Promise.<Collection>

listGroupRules(queryParams)

Lists all group rules for your organization.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
limit String <optional>
after String <optional>
search String <optional>
expand String <optional>
Returns:
A collection that will yield GroupRule instances.
Type
Promise.<Collection>

listGroups(queryParams)

Enumerates groups in your organization with pagination. A subset of groups can be returned that match a supported filter expression or query.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
q String <optional>
search String <optional>
after String <optional>
limit String <optional>
expand String <optional>
Returns:
A collection that will yield Group instances.
Type
Promise.<Collection>

listGroupTargetsForGroupRole(groupId, roleId, queryParams)

Success
Parameters:
Name Type Description
groupId String
roleId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
Returns:
A collection that will yield Group instances.
Type
Promise.<Collection>

listGroupTargetsForRole(userId, roleId, queryParams)

Success
Parameters:
Name Type Description
userId String
roleId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
Returns:
A collection that will yield Group instances.
Type
Promise.<Collection>

listGroupUsers(groupId, queryParams)

Enumerates all users that are a member of a group.
Parameters:
Name Type Description
groupId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
Returns:
A collection that will yield User instances.
Type
Promise.<Collection>

listIdentityProviderApplicationUsers(idpId)

Find all the users linked to an identity provider
Parameters:
Name Type Description
idpId String
Returns:
A collection that will yield IdentityProviderApplicationUser instances.
Type
Promise.<Collection>

listIdentityProviderKeys(queryParams)

Enumerates IdP key credentials.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
Returns:
A collection that will yield JsonWebKey instances.
Type
Promise.<Collection>

listIdentityProviders(queryParams)

Enumerates IdPs in your organization with pagination. A subset of IdPs can be returned that match a supported filter expression or query.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
q String <optional>
after String <optional>
limit String <optional>
type String <optional>
Returns:
A collection that will yield IdentityProvider instances.
Type
Promise.<Collection>

listIdentityProviderSigningKeys(idpId)

Enumerates signing key credentials for an IdP
Parameters:
Name Type Description
idpId String
Returns:
A collection that will yield JsonWebKey instances.
Type
Promise.<Collection>

listInlineHooks(queryParams)

Success
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
type String <optional>
Returns:
A collection that will yield InlineHook instances.
Type
Promise.<Collection>

listLinkedObjectDefinitions()

Success
Returns:
A collection that will yield LinkedObject instances.
Type
Promise.<Collection>

listNetworkZones(queryParams)

Enumerates network zones added to your organization with pagination. A subset of zones can be returned that match a supported filter expression or query.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
filter String <optional>
Returns:
A collection that will yield NetworkZone instances.
Type
Promise.<Collection>

listOAuth2Claims(authServerId)

Success
Parameters:
Name Type Description
authServerId String
Returns:
A collection that will yield OAuth2Claim instances.
Type
Promise.<Collection>

listOAuth2ClientsForAuthorizationServer(authServerId)

Success
Parameters:
Name Type Description
authServerId String
Returns:
A collection that will yield OAuth2Client instances.
Type
Promise.<Collection>

listOAuth2Scopes(authServerId, queryParams)

Success
Parameters:
Name Type Description
authServerId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
q String <optional>
filter String <optional>
cursor String <optional>
limit String <optional>
Returns:
A collection that will yield OAuth2Scope instances.
Type
Promise.<Collection>

listOAuth2TokensForApplication(appId, queryParams)

Lists all tokens for the application
Parameters:
Name Type Description
appId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
after String <optional>
limit String <optional>
Returns:
A collection that will yield OAuth2Token instances.
Type
Promise.<Collection>

listOrigins(queryParams)

Success
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
q String <optional>
filter String <optional>
after String <optional>
limit String <optional>
Returns:
A collection that will yield TrustedOrigin instances.
Type
Promise.<Collection>

listPolicies(queryParams)

Gets all policies with the specified type.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
type String <optional>
status String <optional>
expand String <optional>
Returns:
A collection that will yield Policy instances.
Type
Promise.<Collection>

listPolicyRules(policyId)

Enumerates all policy rules.
Parameters:
Name Type Description
policyId String
Returns:
A collection that will yield PolicyRule instances.
Type
Promise.<Collection>

listProfileMappings(queryParams)

Enumerates Profile Mappings in your organization with pagination.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
after String <optional>
limit String <optional>
sourceId String <optional>
targetId String <optional>
Returns:
A collection that will yield ProfileMapping instances.
Type
Promise.<Collection>

listRefreshTokensForAuthorizationServerAndClient(authServerId, clientId, queryParams)

Success
Parameters:
Name Type Description
authServerId String
clientId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
after String <optional>
limit String <optional>
Returns:
A collection that will yield OAuth2RefreshToken instances.
Type
Promise.<Collection>

listRefreshTokensForUserAndClient(userId, clientId, queryParams)

Lists all refresh tokens issued for the specified User and Client.
Parameters:
Name Type Description
userId String
clientId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
after String <optional>
limit String <optional>
Returns:
A collection that will yield OAuth2RefreshToken instances.
Type
Promise.<Collection>

listScopeConsentGrants(appId, queryParams)

Lists all scope consent grants for the application
Parameters:
Name Type Description
appId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
expand String <optional>
Returns:
A collection that will yield OAuth2ScopeConsentGrant instances.
Type
Promise.<Collection>

listSmsTemplates(queryParams)

Enumerates custom SMS templates in your organization. A subset of templates can be returned that match a template type.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
templateType String <optional>
Returns:
A collection that will yield SmsTemplate instances.
Type
Promise.<Collection>

listSocialAuthTokens(idpId, userId)

Fetches the tokens minted by the Social Authentication Provider when the user authenticates with Okta via Social Auth.
Parameters:
Name Type Description
idpId String
userId String
Returns:
A collection that will yield SocialAuthToken instances.
Type
Promise.<Collection>

listSupportedFactors(userId)

Enumerates all the supported factors that can be enrolled for the specified user
Parameters:
Name Type Description
userId String
Returns:
A collection that will yield UserFactor instances.
Type
Promise.<Collection>

listSupportedSecurityQuestions(userId)

Enumerates all available security questions for a user's `question` factor
Parameters:
Name Type Description
userId String
Returns:
A collection that will yield SecurityQuestion instances.
Type
Promise.<Collection>

listUserClients(userId)

Lists all client resources for which the specified user has grants or tokens.
Parameters:
Name Type Description
userId String
Returns:
A collection that will yield OAuth2Client instances.
Type
Promise.<Collection>

listUserGrants(userId, queryParams)

Lists all grants for the specified user
Parameters:
Name Type Description
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
scopeId String <optional>
expand String <optional>
after String <optional>
limit String <optional>
Returns:
A collection that will yield OAuth2ScopeConsentGrant instances.
Type
Promise.<Collection>

listUserGroups(userId)

Fetches the groups of which the user is a member.
Parameters:
Name Type Description
userId String
Returns:
A collection that will yield Group instances.
Type
Promise.<Collection>

listUserIdentityProviders(userId)

Lists the IdPs associated with the user.
Parameters:
Name Type Description
userId String
Returns:
A collection that will yield IdentityProvider instances.
Type
Promise.<Collection>

listUsers(queryParams)

Lists users in your organization with pagination in most cases. A subset of users can be returned that match a supported filter expression or search criteria.
Parameters:
Name Type Description
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
q String <optional>
after String <optional>
limit String <optional>
filter String <optional>
search String <optional>
sortBy String <optional>
sortOrder String <optional>
Returns:
A collection that will yield User instances.
Type
Promise.<Collection>

listUserTypes()

Fetches all User Types in your org
Returns:
A collection that will yield UserType instances.
Type
Promise.<Collection>

optInUsersToOktaCommunicationEmails()

Opts in all users of this org to Okta Communication emails.
Returns:
Type
Promise.<OrgOktaCommunicationSetting>

optOutUsersFromOktaCommunicationEmails()

Opts out all users of this org from Okta Communication emails.
Returns:
Type
Promise.<OrgOktaCommunicationSetting>

partialUpdateOrgSetting(orgSetting)

Partial update settings of your organization.
Parameters:
Name Type Description
orgSetting OrgSetting
Returns:
Type
Promise.<OrgSetting>

partialUpdateSmsTemplate(templateId, smsTemplate)

Updates only some of the SMS template properties:
Parameters:
Name Type Description
templateId String
smsTemplate SmsTemplate
Returns:
Type
Promise.<SmsTemplate>

partialUpdateUser(userId, user, queryParams)

Fetch a user by `id`, `login`, or `login shortname` if the short name is unambiguous.
Parameters:
Name Type Description
userId String
user User
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
strict String <optional>
Returns:
Type
Promise.<User>

publishBinaryCerCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish
Parameters:
Name Type Description
appId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

publishBinaryCerCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.
Parameters:
Name Type Description
idpId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

publishBinaryDerCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish
Parameters:
Name Type Description
appId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

publishBinaryDerCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.
Parameters:
Name Type Description
idpId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

publishBinaryPemCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish
Parameters:
Name Type Description
appId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

publishBinaryPemCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.
Parameters:
Name Type Description
idpId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

publishCerCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish
Parameters:
Name Type Description
appId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

publishCerCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.
Parameters:
Name Type Description
idpId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

publishDerCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish
Parameters:
Name Type Description
appId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

publishDerCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.
Parameters:
Name Type Description
idpId String
csrId String
string string
Returns:
Type
Promise.<JsonWebKey>

reactivateUser(userId, queryParams)

Reactivates a user. This operation can only be performed on users with a `PROVISIONED` status. This operation restarts the activation workflow if for some reason the user activation was not completed when using the activationToken from [Activate User](#activate-user).
Parameters:
Name Type Description
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
sendEmail String <optional>
Returns:
Type
Promise.<UserActivationToken>

refreshSession(sessionId)

Convenience method for /api/v1/sessions/{sessionId}/lifecycle/refresh
Parameters:
Name Type Description
sessionId String
Returns:
Type
Promise.<Session>

removeApplicationTargetFromAdministratorRoleForUser(userId, roleId, appName, applicationId)

Remove App Instance Target to App Administrator Role given to a User
Parameters:
Name Type Description
userId String
roleId String
appName String
applicationId String

removeApplicationTargetFromAdministratorRoleGivenToGroup(groupId, roleId, appName, applicationId)

Remove App Instance Target to App Administrator Role given to a Group
Parameters:
Name Type Description
groupId String
roleId String
appName String
applicationId String

removeApplicationTargetFromApplicationAdministratorRoleForUser(userId, roleId, appName)

Success
Parameters:
Name Type Description
userId String
roleId String
appName String

removeApplicationTargetFromApplicationAdministratorRoleGivenToGroup(groupId, roleId, appName)

Success
Parameters:
Name Type Description
groupId String
roleId String
appName String

removeGroupTargetFromGroupAdministratorRoleGivenToGroup(groupId, roleId, targetGroupId)

Convenience method for /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}
Parameters:
Name Type Description
groupId String
roleId String
targetGroupId String

removeGroupTargetFromRole(userId, roleId, groupId)

Success
Parameters:
Name Type Description
userId String
roleId String
groupId String

removeLinkedObjectForUser(userId, relationshipName)

Delete linked objects for a user, relationshipName can be ONLY a primary relationship name
Parameters:
Name Type Description
userId String
relationshipName String

removeRoleFromGroup(groupId, roleId)

Unassigns a Role from a Group
Parameters:
Name Type Description
groupId String
roleId String

removeRoleFromUser(userId, roleId)

Unassigns a role from a user.
Parameters:
Name Type Description
userId String
roleId String

removeUserFromGroup(groupId, userId)

Removes a user from a group with 'OKTA_GROUP' type.
Parameters:
Name Type Description
groupId String
userId String

replaceUserType(typeId, userType)

Replace an existing User Type
Parameters:
Name Type Description
typeId String
userType UserType
Returns:
Type
Promise.<UserType>

resetFactors(userId)

This operation resets all factors for the specified user. All MFA factor enrollments returned to the unenrolled state. The user's status remains ACTIVE. This link is present only if the user is currently enrolled in one or more MFA factors.
Parameters:
Name Type Description
userId String

resetPassword(userId, queryParams)

Generates a one-time token (OTT) that can be used to reset a user's password. The OTT link can be automatically emailed to the user or returned to the API caller and distributed using a custom flow.
Parameters:
Name Type Description
userId String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
sendEmail String <optional>
Returns:
Type
Promise.<ResetPasswordToken>

revokeCsrForIdentityProvider(idpId, csrId)

Revoke a Certificate Signing Request and delete the key pair from the IdP
Parameters:
Name Type Description
idpId String
csrId String

revokeCsrFromApplication(appId, csrId)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}
Parameters:
Name Type Description
appId String
csrId String

revokeGrantsForUserAndClient(userId, clientId)

Revokes all grants for the specified user and client
Parameters:
Name Type Description
userId String
clientId String

revokeOAuth2TokenForApplication(appId, tokenId)

Revokes the specified token for the specified application
Parameters:
Name Type Description
appId String
tokenId String

revokeOAuth2TokensForApplication(appId)

Revokes all tokens for the specified application
Parameters:
Name Type Description
appId String

revokeOktaSupport()

Revokes Okta Support access to your organization.
Returns:
Type
Promise.<OrgOktaSupportSettingsObj>

revokeRefreshTokenForAuthorizationServerAndClient(authServerId, clientId, tokenId)

Success
Parameters:
Name Type Description
authServerId String
clientId String
tokenId String

revokeRefreshTokensForAuthorizationServerAndClient(authServerId, clientId)

Success
Parameters:
Name Type Description
authServerId String
clientId String

revokeScopeConsentGrant(appId, grantId)

Revokes permission for the application to request the given scope
Parameters:
Name Type Description
appId String
grantId String

revokeTokenForUserAndClient(userId, clientId, tokenId)

Revokes the specified refresh token.
Parameters:
Name Type Description
userId String
clientId String
tokenId String

revokeTokensForUserAndClient(userId, clientId)

Revokes all refresh tokens issued for the specified User and Client.
Parameters:
Name Type Description
userId String
clientId String

revokeUserGrant(userId, grantId)

Revokes one grant for a specified user
Parameters:
Name Type Description
userId String
grantId String

revokeUserGrants(userId)

Revokes all grants for a specified user
Parameters:
Name Type Description
userId String

rotateAuthorizationServerKeys(authServerId)

Success
Parameters:
Name Type Description
authServerId String
Returns:
A collection that will yield JsonWebKey instances.
Type
Promise.<Collection>

setLinkedObjectForUser(associatedUserId, primaryRelationshipName, primaryUserId)

Convenience method for /api/v1/users/{associatedUserId}/linkedObjects/{primaryRelationshipName}/{primaryUserId}
Parameters:
Name Type Description
associatedUserId String
primaryRelationshipName String
primaryUserId String

showOktaUIFooter()

Makes the Okta UI footer visible for all end users of your organization.
Returns:
Type
Promise.<OrgPreferences>

suspendUser(userId)

Suspends a user. This operation can only be performed on users with an `ACTIVE` status. The user will have a status of `SUSPENDED` when the process is complete.
Parameters:
Name Type Description
userId String

unlinkUserFromIdentityProvider(idpId, userId)

Removes the link between the Okta user and the IdP user.
Parameters:
Name Type Description
idpId String
userId String

unlockUser(userId)

Unlocks a user with a `LOCKED_OUT` status and returns them to `ACTIVE` status. Users will be able to login with their current password.
Parameters:
Name Type Description
userId String

unsuspendUser(userId)

Unsuspends a user and returns them to the `ACTIVE` state. This operation can only be performed on users that have a `SUSPENDED` status.
Parameters:
Name Type Description
userId String

updateApplication(appId, application)

Updates an application in your organization.
Parameters:
Name Type Description
appId String
application Application
Returns:
Type
Promise.<Application>

updateApplicationUser(appId, userId, appUser)

Updates a user's profile for an application
Parameters:
Name Type Description
appId String
userId String
appUser AppUser
Returns:
Type
Promise.<AppUser>

updateApplicationUserProfile(appInstanceId, userSchema)

Partial updates on the User Profile properties of the Application User Schema.
Parameters:
Name Type Description
appInstanceId String
userSchema UserSchema
Returns:
Type
Promise.<UserSchema>

updateAuthorizationServer(authServerId, authorizationServer)

Success
Parameters:
Name Type Description
authServerId String
authorizationServer AuthorizationServer
Returns:
Type
Promise.<AuthorizationServer>

updateAuthorizationServerPolicy(authServerId, policyId, authorizationServerPolicy)

Success
Parameters:
Name Type Description
authServerId String
policyId String
authorizationServerPolicy AuthorizationServerPolicy
Returns:
Type
Promise.<AuthorizationServerPolicy>

updateAuthorizationServerPolicyRule(policyId, authServerId, ruleId, authorizationServerPolicyRule)

Updates the configuration of the Policy Rule defined in the specified Custom Authorization Server and Policy.
Parameters:
Name Type Description
policyId String
authServerId String
ruleId String
authorizationServerPolicyRule AuthorizationServerPolicyRule
Returns:
Type
Promise.<AuthorizationServerPolicyRule>

updateConfiguration(threatInsightConfiguration)

Updates ThreatInsight configuration
Parameters:
Name Type Description
threatInsightConfiguration ThreatInsightConfiguration
Returns:
Type
Promise.<ThreatInsightConfiguration>

updateEventHook(eventHookId, eventHook)

Success
Parameters:
Name Type Description
eventHookId String
eventHook EventHook
Returns:
Type
Promise.<EventHook>

updateFeatureLifecycle(featureId, lifecycle, queryParams)

Success
Parameters:
Name Type Description
featureId String
lifecycle String
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
mode String <optional>
Returns:
Type
Promise.<Feature>

updateGroup(groupId, group)

Updates the profile for a group with `OKTA_GROUP` type from your organization.
Parameters:
Name Type Description
groupId String
group Group
Returns:
Type
Promise.<Group>

updateGroupRule(ruleId, groupRule)

Updates a group rule. Only `INACTIVE` rules can be updated.
Parameters:
Name Type Description
ruleId String
groupRule GroupRule
Returns:
Type
Promise.<GroupRule>

updateGroupSchema(groupSchema)

Updates, adds ore removes one or more custom Group Profile properties in the schema
Parameters:
Name Type Description
groupSchema GroupSchema
Returns:
Type
Promise.<GroupSchema>

updateIdentityProvider(idpId, identityProvider)

Updates the configuration for an IdP.
Parameters:
Name Type Description
idpId String
identityProvider IdentityProvider
Returns:
Type
Promise.<IdentityProvider>

updateInlineHook(inlineHookId, inlineHook)

Updates an inline hook by ID
Parameters:
Name Type Description
inlineHookId String
inlineHook InlineHook
Returns:
Type
Promise.<InlineHook>

updateNetworkZone(zoneId, networkZone)

Updates a network zone in your organization.
Parameters:
Name Type Description
zoneId String
networkZone NetworkZone
Returns:
Type
Promise.<NetworkZone>

updateOAuth2Claim(authServerId, claimId, oAuth2Claim)

Success
Parameters:
Name Type Description
authServerId String
claimId String
oAuth2Claim OAuth2Claim
Returns:
Type
Promise.<OAuth2Claim>

updateOAuth2Scope(authServerId, scopeId, oAuth2Scope)

Success
Parameters:
Name Type Description
authServerId String
scopeId String
oAuth2Scope OAuth2Scope
Returns:
Type
Promise.<OAuth2Scope>

updateOrgContactUser(contactType, userIdString)

Updates the User associated with the specified Contact Type.
Parameters:
Name Type Description
contactType String
userIdString UserIdString
Returns:
Type
Promise.<OrgContactUser>

updateOrgSetting(orgSetting)

Update settings of your organization.
Parameters:
Name Type Description
orgSetting OrgSetting
Returns:
Type
Promise.<OrgSetting>

updateOrigin(trustedOriginId, trustedOrigin)

Success
Parameters:
Name Type Description
trustedOriginId String
trustedOrigin TrustedOrigin
Returns:
Type
Promise.<TrustedOrigin>

updatePolicy(policyId, policy)

Updates a policy.
Parameters:
Name Type Description
policyId String
policy Policy
Returns:
Type
Promise.<Policy>

updatePolicyRule(policyId, ruleId, policyRule)

Updates a policy rule.
Parameters:
Name Type Description
policyId String
ruleId String
policyRule PolicyRule
Returns:
Type
Promise.<PolicyRule>

updateProfileMapping(mappingId, profileMapping)

Updates an existing Profile Mapping by adding, updating, or removing one or many Property Mappings.
Parameters:
Name Type Description
mappingId String
profileMapping ProfileMapping
Returns:
Type
Promise.<ProfileMapping>

updateSmsTemplate(templateId, smsTemplate)

Updates the SMS template.
Parameters:
Name Type Description
templateId String
smsTemplate SmsTemplate
Returns:
Type
Promise.<SmsTemplate>

updateUser(userId, user, queryParams)

Update a user's profile and/or credentials using strict-update semantics.
Parameters:
Name Type Description
userId String
user User
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
strict String <optional>
Returns:
Type
Promise.<User>

updateUserProfile(schemaId, userSchema)

Partial updates on the User Profile properties of the user schema.
Parameters:
Name Type Description
schemaId String
userSchema UserSchema
Returns:
Type
Promise.<UserSchema>

updateUserType(typeId, userType)

Updates an existing User Type
Parameters:
Name Type Description
typeId String
userType UserType
Returns:
Type
Promise.<UserType>

verifyDomain(domainId)

Verifies the Domain by `id`.
Parameters:
Name Type Description
domainId String
Returns:
Type
Promise.<Domain>

verifyEventHook(eventHookId)

Success
Parameters:
Name Type Description
eventHookId String
Returns:
Type
Promise.<EventHook>

verifyFactor(userId, factorId, verifyFactorRequest, queryParams)

Verifies an OTP for a `token` or `token:hardware` factor
Parameters:
Name Type Description
userId String
factorId String
verifyFactorRequest VerifyFactorRequest
queryParams Object Map of query parameters to add to this request
Properties
Name Type Argument Description
templateId String <optional>
tokenLifetimeSeconds String <optional>
Returns:
Type
Promise.<VerifyUserFactorResponse>