Class: GeneratedApiClient

Methods

---

activateApplication(appId)

Activates an inactive application.

Parameters:

Name	Type	Description
appId	String

---

activateAuthorizationServer(authServerId)

Success

Parameters:

Name	Type	Description
authServerId	String

---

activateAuthorizationServerPolicy(authServerId, policyId)

Activate Authorization Server Policy

Parameters:

Name	Type	Description
authServerId	String
policyId	String

---

activateAuthorizationServerPolicyRule(authServerId, policyId, ruleId)

Activate Authorization Server Policy Rule

Parameters:

Name	Type	Description
authServerId	String
policyId	String
ruleId	String

---

activateEventHook(eventHookId)

Success

Parameters:

Name	Type	Description
eventHookId	String

Returns:

Type

Promise.<EventHook>

---

activateFactor(userId, factorId, activateFactorRequest)

The `sms` and `token:software:totp` factor types require activation to complete the enrollment process.

Parameters:

Name	Type	Description
userId	String
factorId	String
activateFactorRequest	ActivateFactorRequest

Returns:

Type

Promise.<UserFactor>

---

activateGroupRule(ruleId)

Activates a specific group rule by id from your organization

Parameters:

Name	Type	Description
ruleId	String

---

activateIdentityProvider(idpId)

Activates an inactive IdP.

Parameters:

Name	Type	Description
idpId	String

Returns:

Type

Promise.<IdentityProvider>

---

activateInlineHook(inlineHookId)

Activates the Inline Hook matching the provided id

Parameters:

Name	Type	Description
inlineHookId	String

Returns:

Type

Promise.<InlineHook>

---

activateNetworkZone(zoneId)

Activate Network Zone

Parameters:

Name	Type	Description
zoneId	String

Returns:

Type

Promise.<NetworkZone>

---

activateOrigin(trustedOriginId)

Success

Parameters:

Name	Type	Description
trustedOriginId	String

Returns:

Type

Promise.<TrustedOrigin>

---

activatePolicy(policyId)

Activates a policy.

Parameters:

Name	Type	Description
policyId	String

---

activatePolicyRule(policyId, ruleId)

Activates a policy rule.

Parameters:

Name	Type	Description
policyId	String
ruleId	String

---

activateUser(userId, queryParams)

Activates a user. This operation can only be performed on users with a `STAGED` status. Activation of a user is an asynchronous operation. The user will have the `transitioningToStatus` property with a value of `ACTIVE` during activation to indicate that the user hasn't completed the asynchronous operation. The user will have a status of `ACTIVE` when the activation process is complete.

Parameters:

Name	Type	Description
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description sendEmail String <optional>

Returns:

Type

Promise.<UserActivationToken>

---

addAllAppsAsTargetToRole(userId, roleId)

Success

Parameters:

Name	Type	Description
userId	String
roleId	String

---

addApplicationInstanceTargetToAppAdminRoleGivenToGroup(groupId, roleId, appName, applicationId)

Add App Instance Target to App Administrator Role given to a Group

Parameters:

Name	Type	Description
groupId	String
roleId	String
appName	String
applicationId	String

---

addApplicationTargetToAdminRoleForUser(userId, roleId, appName)

Success

Parameters:

Name	Type	Description
userId	String
roleId	String
appName	String

---

addApplicationTargetToAdminRoleGivenToGroup(groupId, roleId, appName)

Success

Parameters:

Name	Type	Description
groupId	String
roleId	String
appName	String

---

addApplicationTargetToAppAdminRoleForUser(userId, roleId, appName, applicationId)

Add App Instance Target to App Administrator Role given to a User

Parameters:

Name	Type	Description
userId	String
roleId	String
appName	String
applicationId	String

---

addGroupTargetToGroupAdministratorRoleForGroup(groupId, roleId, targetGroupId)

Convenience method for /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}

Parameters:

Name	Type	Description
groupId	String
roleId	String
targetGroupId	String

---

addGroupTargetToRole(userId, roleId, groupId)

Success

Parameters:

Name	Type	Description
userId	String
roleId	String
groupId	String

---

addLinkedObjectDefinition(linkedObject)

Success

Parameters:

Name	Type	Description
linkedObject	LinkedObject

Returns:

Type

Promise.<LinkedObject>

---

addUserToGroup(groupId, userId)

Adds a user to a group with 'OKTA_GROUP' type.

Parameters:

Name	Type	Description
groupId	String
userId	String

---

assignRoleToGroup(groupId, assignRoleRequest, queryParams)

Assigns a Role to a Group

Parameters:

Name	Type	Description
groupId	String
assignRoleRequest	AssignRoleRequest
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description disableNotifications String <optional>

Returns:

Type

Promise.<Role>

---

assignRoleToUser(userId, assignRoleRequest, queryParams)

Assigns a role to a user.

Parameters:

Name	Type	Description
userId	String
assignRoleRequest	AssignRoleRequest
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description disableNotifications String <optional>

Returns:

Type

Promise.<Role>

---

assignUserToApplication(appId, appUser)

Assigns an user to an application with [credentials](#application-user-credentials-object) and an app-specific [profile](#application-user-profile-object). Profile mappings defined for the application are first applied before applying any profile properties specified in the request.

Parameters:

Name	Type	Description
appId	String
appUser	AppUser

Returns:

Type

Promise.<AppUser>

---

changePassword(userId, changePasswordRequest, queryParams)

Changes a user's password by validating the user's current password. This operation can only be performed on users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid password credential

Parameters:

Name	Type	Description
userId	String
changePasswordRequest	ChangePasswordRequest
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description strict String <optional>

Returns:

Type

Promise.<UserCredentials>

---

changeRecoveryQuestion(userId, userCredentials)

Changes a user's recovery question & answer credential by validating the user's current password. This operation can only be performed on users in **STAGED**, **ACTIVE** or **RECOVERY** `status` that have a valid password credential

Parameters:

Name	Type	Description
userId	String
userCredentials	UserCredentials

Returns:

Type

Promise.<UserCredentials>

---

clearUserSessions(userId, queryParams)

Removes all active identity provider sessions. This forces the user to authenticate on the next operation. Optionally revokes OpenID Connect and OAuth refresh and access tokens issued to the user.

Parameters:

Name	Type	Description
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description oauthTokens String <optional>

---

cloneApplicationKey(appId, keyId, queryParams)

Clones a X.509 certificate for an application key credential from a source application to target application.

Parameters:

Name	Type	Description
appId	String
keyId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description targetAid String <optional>

Returns:

Type

Promise.<JsonWebKey>

---

cloneIdentityProviderKey(idpId, keyId, queryParams)

Clones a X.509 certificate for an IdP signing key credential from a source IdP to target IdP

Parameters:

Name	Type	Description
idpId	String
keyId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description targetIdpId String <optional>

Returns:

Type

Promise.<JsonWebKey>

---

createApplication(application, queryParams)

Adds a new application to your Okta organization.

Parameters:

Name	Type	Description
application	Application
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description activate String <optional>

Returns:

Type

Promise.<Application>

---

createApplicationGroupAssignment(appId, groupId, applicationGroupAssignment)

Assigns a group to an application

Parameters:

Name	Type	Description
appId	String
groupId	String
applicationGroupAssignment	ApplicationGroupAssignment

Returns:

Type

Promise.<ApplicationGroupAssignment>

---

createAuthorizationServer(authorizationServer)

Success

Parameters:

Name	Type	Description
authorizationServer	AuthorizationServer

Returns:

Type

Promise.<AuthorizationServer>

---

createAuthorizationServerPolicy(authServerId, authorizationServerPolicy)

Success

Parameters:

Name	Type	Description
authServerId	String
authorizationServerPolicy	AuthorizationServerPolicy

Returns:

Type

Promise.<AuthorizationServerPolicy>

---

createAuthorizationServerPolicyRule(policyId, authServerId, authorizationServerPolicyRule)

Creates a policy rule for the specified Custom Authorization Server and Policy.

Parameters:

Name	Type	Description
policyId	String
authServerId	String
authorizationServerPolicyRule	AuthorizationServerPolicyRule

Returns:

Type

Promise.<AuthorizationServerPolicyRule>

---

createCertificate(domainId, domainCertificate)

Creates the Certificate for the Domain.

Parameters:

Name	Type	Description
domainId	String
domainCertificate	DomainCertificate

---

createDomain(domain)

Creates your domain.

Parameters:

Name	Type	Description
domain	Domain

Returns:

Type

Promise.<Domain>

---

createEventHook(eventHook)

Success

Parameters:

Name	Type	Description
eventHook	EventHook

Returns:

Type

Promise.<EventHook>

---

createGroup(group)

Adds a new group with `OKTA_GROUP` type to your organization.

Parameters:

Name	Type	Description
group	Group

Returns:

Type

Promise.<Group>

---

createGroupRule(groupRule)

Creates a group rule to dynamically add users to the specified group if they match the condition

Parameters:

Name	Type	Description
groupRule	GroupRule

Returns:

Type

Promise.<GroupRule>

---

createIdentityProvider(identityProvider)

Adds a new IdP to your organization.

Parameters:

Name	Type	Description
identityProvider	IdentityProvider

Returns:

Type

Promise.<IdentityProvider>

---

createIdentityProviderKey(jsonWebKey)

Adds a new X.509 certificate credential to the IdP key store.

Parameters:

Name	Type	Description
jsonWebKey	JsonWebKey

Returns:

Type

Promise.<JsonWebKey>

---

createInlineHook(inlineHook)

Success

Parameters:

Name	Type	Description
inlineHook	InlineHook

Returns:

Type

Promise.<InlineHook>

---

createNetworkZone(networkZone)

Adds a new network zone to your Okta organization.

Parameters:

Name	Type	Description
networkZone	NetworkZone

Returns:

Type

Promise.<NetworkZone>

---

createOAuth2Claim(authServerId, oAuth2Claim)

Success

Parameters:

Name	Type	Description
authServerId	String
oAuth2Claim	OAuth2Claim

Returns:

Type

Promise.<OAuth2Claim>

---

createOAuth2Scope(authServerId, oAuth2Scope)

Success

Parameters:

Name	Type	Description
authServerId	String
oAuth2Scope	OAuth2Scope

Returns:

Type

Promise.<OAuth2Scope>

---

createOrigin(trustedOrigin)

Success

Parameters:

Name	Type	Description
trustedOrigin	TrustedOrigin

Returns:

Type

Promise.<TrustedOrigin>

---

createPolicy(policy, queryParams)

Creates a policy.

Parameters:

Name	Type	Description
policy	Policy
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description activate String <optional>

Returns:

Type

Promise.<Policy>

---

createPolicyRule(policyId, policyRule)

Creates a policy rule.

Parameters:

Name	Type	Description
policyId	String
policyRule	PolicyRule

Returns:

Type

Promise.<PolicyRule>

---

createSession(createSessionRequest)

Creates a new session for a user with a valid session token. Use this API if, for example, you want to set the session cookie yourself instead of allowing Okta to set it, or want to hold the session ID in order to delete a session via the API instead of visiting the logout URL.

Parameters:

Name	Type	Description
createSessionRequest	CreateSessionRequest

Returns:

Type

Promise.<Session>

---

createSmsTemplate(smsTemplate)

Adds a new custom SMS template to your organization.

Parameters:

Name	Type	Description
smsTemplate	SmsTemplate

Returns:

Type

Promise.<SmsTemplate>

---

createUser(createUserRequest, queryParams)

Creates a new user in your Okta organization with or without credentials.

Parameters:

Name	Type	Description
createUserRequest	CreateUserRequest
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description activate String <optional> provider String <optional> nextLogin String <optional>

Returns:

Type

Promise.<User>

---

createUserType(userType)

Creates a new User Type. A default User Type is automatically created along with your org, and you may add another 9 User Types for a maximum of 10.

Parameters:

Name	Type	Description
userType	UserType

Returns:

Type

Promise.<UserType>

---

deactivateApplication(appId)

Deactivates an active application.

Parameters:

Name	Type	Description
appId	String

---

deactivateAuthorizationServer(authServerId)

Success

Parameters:

Name	Type	Description
authServerId	String

---

deactivateAuthorizationServerPolicy(authServerId, policyId)

Deactivate Authorization Server Policy

Parameters:

Name	Type	Description
authServerId	String
policyId	String

---

deactivateAuthorizationServerPolicyRule(authServerId, policyId, ruleId)

Deactivate Authorization Server Policy Rule

Parameters:

Name	Type	Description
authServerId	String
policyId	String
ruleId	String

---

deactivateEventHook(eventHookId)

Success

Parameters:

Name	Type	Description
eventHookId	String

Returns:

Type

Promise.<EventHook>

---

deactivateGroupRule(ruleId)

Deactivates a specific group rule by id from your organization

Parameters:

Name	Type	Description
ruleId	String

---

deactivateIdentityProvider(idpId)

Deactivates an active IdP.

Parameters:

Name	Type	Description
idpId	String

Returns:

Type

Promise.<IdentityProvider>

---

deactivateInlineHook(inlineHookId)

Deactivates the Inline Hook matching the provided id

Parameters:

Name	Type	Description
inlineHookId	String

Returns:

Type

Promise.<InlineHook>

---

deactivateNetworkZone(zoneId)

Deactivates a network zone.

Parameters:

Name	Type	Description
zoneId	String

Returns:

Type

Promise.<NetworkZone>

---

deactivateOrDeleteUser(userId, queryParams)

Deletes a user permanently. This operation can only be performed on users that have a `DEPROVISIONED` status. **This action cannot be recovered!**

Parameters:

Name	Type	Description
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description sendEmail String <optional>

---

deactivateOrigin(trustedOriginId)

Success

Parameters:

Name	Type	Description
trustedOriginId	String

Returns:

Type

Promise.<TrustedOrigin>

---

deactivatePolicy(policyId)

Deactivates a policy.

Parameters:

Name	Type	Description
policyId	String

---

deactivatePolicyRule(policyId, ruleId)

Deactivates a policy rule.

Parameters:

Name	Type	Description
policyId	String
ruleId	String

---

deactivateUser(userId, queryParams)

Deactivates a user. This operation can only be performed on users that do not have a `DEPROVISIONED` status. Deactivation of a user is an asynchronous operation. The user will have the `transitioningToStatus` property with a value of `DEPROVISIONED` during deactivation to indicate that the user hasn't completed the asynchronous operation. The user will have a status of `DEPROVISIONED` when the deactivation process is complete.

Parameters:

Name	Type	Description
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description sendEmail String <optional>

---

deleteApplication(appId)

Removes an inactive application.

Parameters:

Name	Type	Description
appId	String

---

deleteApplicationGroupAssignment(appId, groupId)

Removes a group assignment from an application.

Parameters:

Name	Type	Description
appId	String
groupId	String

---

deleteApplicationUser(appId, userId, queryParams)

Removes an assignment for a user from an application.

Parameters:

Name	Type	Description
appId	String
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description sendEmail String <optional>

---

deleteAuthorizationServer(authServerId)

Success

Parameters:

Name	Type	Description
authServerId	String

---

deleteAuthorizationServerPolicy(authServerId, policyId)

Success

Parameters:

Name	Type	Description
authServerId	String
policyId	String

---

deleteAuthorizationServerPolicyRule(policyId, authServerId, ruleId)

Deletes a Policy Rule defined in the specified Custom Authorization Server and Policy.

Parameters:

Name	Type	Description
policyId	String
authServerId	String
ruleId	String

---

deleteDomain(domainId)

Deletes a Domain by `id`.

Parameters:

Name	Type	Description
domainId	String

---

deleteEventHook(eventHookId)

Success

Parameters:

Name	Type	Description
eventHookId	String

---

deleteFactor(userId, factorId)

Unenrolls an existing factor for the specified user, allowing the user to enroll a new factor.

Parameters:

Name	Type	Description
userId	String
factorId	String

---

deleteGroup(groupId)

Removes a group with `OKTA_GROUP` type from your organization.

Parameters:

Name	Type	Description
groupId	String

---

deleteGroupRule(ruleId, queryParams)

Removes a specific group rule by id from your organization

Parameters:

Name	Type	Description
ruleId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description removeUsers String <optional>

---

deleteIdentityProvider(idpId)

Removes an IdP from your organization.

Parameters:

Name	Type	Description
idpId	String

---

deleteIdentityProviderKey(keyId)

Deletes a specific IdP Key Credential by `kid` if it is not currently being used by an Active or Inactive IdP.

Parameters:

Name	Type	Description
keyId	String

---

deleteInlineHook(inlineHookId)

Deletes the Inline Hook matching the provided id. Once deleted, the Inline Hook is unrecoverable. As a safety precaution, only Inline Hooks with a status of INACTIVE are eligible for deletion.

Parameters:

Name	Type	Description
inlineHookId	String

---

deleteLinkedObjectDefinition(linkedObjectName)

Success

Parameters:

Name	Type	Description
linkedObjectName	String

---

deleteNetworkZone(zoneId)

Removes network zone.

Parameters:

Name	Type	Description
zoneId	String

---

deleteOAuth2Claim(authServerId, claimId)

Success

Parameters:

Name	Type	Description
authServerId	String
claimId	String

---

deleteOAuth2Scope(authServerId, scopeId)

Success

Parameters:

Name	Type	Description
authServerId	String
scopeId	String

---

deleteOrigin(trustedOriginId)

Success

Parameters:

Name	Type	Description
trustedOriginId	String

---

deletePolicy(policyId)

Removes a policy.

Parameters:

Name	Type	Description
policyId	String

---

deletePolicyRule(policyId, ruleId)

Removes a policy rule.

Parameters:

Name	Type	Description
policyId	String
ruleId	String

---

deleteSmsTemplate(templateId)

Removes an SMS template.

Parameters:

Name	Type	Description
templateId	String

---

deleteUserType(typeId)

Deletes a User Type permanently. This operation is not permitted for the default type, nor for any User Type that has existing users

Parameters:

Name	Type	Description
typeId	String

---

endSession(sessionId)

Convenience method for /api/v1/sessions/{sessionId}

Parameters:

Name	Type	Description
sessionId	String

---

enrollFactor(userId, userFactor, queryParams)

Enrolls a user with a supported factor.

Parameters:

Name	Type	Description
userId	String
userFactor	UserFactor
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description updatePhone String <optional> templateId String <optional> tokenLifetimeSeconds String <optional> activate String <optional>

Returns:

Type

Promise.<UserFactor>

---

executeInlineHook(inlineHookId, inlineHookPayload)

Executes the Inline Hook matching the provided inlineHookId using the request body as the input. This will send the provided data through the Channel and return a response if it matches the correct data contract. This execution endpoint should only be used for testing purposes.

Parameters:

Name	Type	Description
inlineHookId	String
inlineHookPayload	InlineHookPayload

Returns:

Type

Promise.<InlineHookResponse>

---

expirePassword(userId)

This operation transitions the user to the status of `PASSWORD_EXPIRED` so that the user is required to change their password at their next login.

Parameters:

Name	Type	Description
userId	String

Returns:

Type

Promise.<User>

---

expirePasswordAndGetTemporaryPassword(userId)

This operation transitions the user to the status of `PASSWORD_EXPIRED` and the user's password is reset to a temporary password that is returned.

Parameters:

Name	Type	Description
userId	String

Returns:

Type

Promise.<TempPassword>

---

extendOktaSupport()

Extends the length of time that Okta Support can access your org by 24 hours. This means that 24 hours are added to the remaining access time.

Returns:

Type

Promise.<OrgOktaSupportSettingsObj>

---

forgotPasswordGenerateOneTimeToken(userId, queryParams)

Generates a one-time token (OTT) that can be used to reset a user's password

Parameters:

Name	Type	Description
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description sendEmail String <optional>

Returns:

Type

Promise.<ForgotPasswordResponse>

---

forgotPasswordSetNewPassword(userId, userCredentials, queryParams)

Sets a new password for a user by validating the user's answer to their current recovery question

Parameters:

Name	Type	Description
userId	String
userCredentials	UserCredentials
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description sendEmail String <optional>

Returns:

Type

Promise.<ForgotPasswordResponse>

---

generateApplicationKey(appId, queryParams)

Generates a new X.509 certificate for an application key credential

Parameters:

Name	Type	Description
appId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description validityYears String <optional>

Returns:

Type

Promise.<JsonWebKey>

---

generateCsrForApplication(appId, csrMetadata)

Generates a new key pair and returns the Certificate Signing Request for it.

Parameters:

Name	Type	Description
appId	String
csrMetadata	CsrMetadata

Returns:

Type

Promise.<Csr>

---

generateCsrForIdentityProvider(idpId, csrMetadata)

Generates a new key pair and returns a Certificate Signing Request for it.

Parameters:

Name	Type	Description
idpId	String
csrMetadata	CsrMetadata

Returns:

Type

Promise.<Csr>

---

generateIdentityProviderSigningKey(idpId, queryParams)

Generates a new X.509 certificate for an IdP signing key credential to be used for signing assertions sent to the IdP

Parameters:

Name	Type	Description
idpId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description validityYears String <optional>

Returns:

Type

Promise.<JsonWebKey>

---

getApplication(appId, queryParams)

Fetches an application from your Okta organization by `id`.

Parameters:

Name	Type	Description
appId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

Type

Promise.<Application>

---

getApplicationGroupAssignment(appId, groupId, queryParams)

Fetches an application group assignment

Parameters:

Name	Type	Description
appId	String
groupId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

Type

Promise.<ApplicationGroupAssignment>

---

getApplicationKey(appId, keyId)

Gets a specific application key credential by kid

Parameters:

Name	Type	Description
appId	String
keyId	String

Returns:

Type

Promise.<JsonWebKey>

---

getApplicationUser(appId, userId, queryParams)

Fetches a specific user assignment for application by `id`.

Parameters:

Name	Type	Description
appId	String
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

Type

Promise.<AppUser>

---

getApplicationUserSchema(appInstanceId)

Fetches the Schema for an App User

Parameters:

Name	Type	Description
appInstanceId	String

Returns:

Type

Promise.<UserSchema>

---

getAuthorizationServer(authServerId)

Success

Parameters:

Name	Type	Description
authServerId	String

Returns:

Type

Promise.<AuthorizationServer>

---

getAuthorizationServerPolicy(authServerId, policyId)

Success

Parameters:

Name	Type	Description
authServerId	String
policyId	String

Returns:

Type

Promise.<AuthorizationServerPolicy>

---

getAuthorizationServerPolicyRule(policyId, authServerId, ruleId)

Returns a Policy Rule by ID that is defined in the specified Custom Authorization Server and Policy.

Parameters:

Name	Type	Description
policyId	String
authServerId	String
ruleId	String

Returns:

Type

Promise.<AuthorizationServerPolicyRule>

---

getCsrForApplication(appId, csrId)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}

Parameters:

Name	Type	Description
appId	String
csrId	String

Returns:

Type

Promise.<Csr>

---

getCsrForIdentityProvider(idpId, csrId)

Gets a specific Certificate Signing Request model by id

Parameters:

Name	Type	Description
idpId	String
csrId	String

Returns:

Type

Promise.<Csr>

---

getCurrentConfiguration()

Gets current ThreatInsight configuration

Returns:

Type

Promise.<ThreatInsightConfiguration>

---

getDomain(domainId)

Fetches a Domain by `id`.

Parameters:

Name	Type	Description
domainId	String

Returns:

Type

Promise.<Domain>

---

getEventHook(eventHookId)

Success

Parameters:

Name	Type	Description
eventHookId	String

Returns:

Type

Promise.<EventHook>

---

getFactor(userId, factorId)

Fetches a factor for the specified user

Parameters:

Name	Type	Description
userId	String
factorId	String

Returns:

Type

Promise.<UserFactor>

---

getFactorTransactionStatus(userId, factorId, transactionId)

Polls factors verification transaction for status.

Parameters:

Name	Type	Description
userId	String
factorId	String
transactionId	String

Returns:

Type

Promise.<VerifyUserFactorResponse>

---

getFeature(featureId)

Success

Parameters:

Name	Type	Description
featureId	String

Returns:

Type

Promise.<Feature>

---

getGroup(groupId)

Fetches a group from your organization.

Parameters:

Name	Type	Description
groupId	String

Returns:

Type

Promise.<Group>

---

getGroupRule(ruleId, queryParams)

Fetches a specific group rule by id from your organization

Parameters:

Name	Type	Description
ruleId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

Type

Promise.<GroupRule>

---

getGroupSchema()

Fetches the group schema

Returns:

Type

Promise.<GroupSchema>

---

getIdentityProvider(idpId)

Fetches an IdP by `id`.

Parameters:

Name	Type	Description
idpId	String

Returns:

Type

Promise.<IdentityProvider>

---

getIdentityProviderApplicationUser(idpId, userId)

Fetches a linked IdP user by ID

Parameters:

Name	Type	Description
idpId	String
userId	String

Returns:

Type

Promise.<IdentityProviderApplicationUser>

---

getIdentityProviderKey(keyId)

Gets a specific IdP Key Credential by `kid`

Parameters:

Name	Type	Description
keyId	String

Returns:

Type

Promise.<JsonWebKey>

---

getIdentityProviderSigningKey(idpId, keyId)

Gets a specific IdP Key Credential by `kid`

Parameters:

Name	Type	Description
idpId	String
keyId	String

Returns:

Type

Promise.<JsonWebKey>

---

getInlineHook(inlineHookId)

Gets an inline hook by ID

Parameters:

Name	Type	Description
inlineHookId	String

Returns:

Type

Promise.<InlineHook>

---

getLinkedObjectDefinition(linkedObjectName)

Success

Parameters:

Name	Type	Description
linkedObjectName	String

Returns:

Type

Promise.<LinkedObject>

---

getLinkedObjectsForUser(userId, relationshipName, queryParams)

Get linked objects for a user, relationshipName can be a primary or associated relationship name

Parameters:

Name	Type	Description
userId	String
relationshipName	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional>

Returns:

A collection that will yield ResponseLinks instances.

Type

Promise.<Collection>

---

getLogs(queryParams)

The Okta System Log API provides read access to your organization’s system log. This API provides more functionality than the Events API

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description since String <optional> until String <optional> filter String <optional> q String <optional> limit String <optional> sortOrder String <optional> after String <optional>

Returns:

A collection that will yield LogEvent instances.

Type

Promise.<Collection>

---

getNetworkZone(zoneId)

Fetches a network zone from your Okta organization by `id`.

Parameters:

Name	Type	Description
zoneId	String

Returns:

Type

Promise.<NetworkZone>

---

getOAuth2Claim(authServerId, claimId)

Success

Parameters:

Name	Type	Description
authServerId	String
claimId	String

Returns:

Type

Promise.<OAuth2Claim>

---

getOAuth2Scope(authServerId, scopeId)

Success

Parameters:

Name	Type	Description
authServerId	String
scopeId	String

Returns:

Type

Promise.<OAuth2Scope>

---

getOAuth2TokenForApplication(appId, tokenId, queryParams)

Gets a token for the specified application

Parameters:

Name	Type	Description
appId	String
tokenId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

Type

Promise.<OAuth2Token>

---

getOktaCommunicationSettings()

Gets Okta Communication Settings of your organization.

Returns:

Type

Promise.<OrgOktaCommunicationSetting>

---

getOrgContactTypes()

Gets Contact Types of your organization.

Returns:

A collection that will yield OrgContactTypeObj instances.

Type

Promise.<Collection>

---

getOrgContactUser(contactType)

Retrieves the URL of the User associated with the specified Contact Type.

Parameters:

Name	Type	Description
contactType	String

Returns:

Type

Promise.<OrgContactUser>

---

getOrgOktaSupportSettings()

Gets Okta Support Settings of your organization.

Returns:

Type

Promise.<OrgOktaSupportSettingsObj>

---

getOrgPreferences()

Gets preferences of your organization.

Returns:

Type

Promise.<OrgPreferences>

---

getOrgSettings()

Get settings of your organization.

Returns:

Type

Promise.<OrgSetting>

---

getOrigin(trustedOriginId)

Success

Parameters:

Name	Type	Description
trustedOriginId	String

Returns:

Type

Promise.<TrustedOrigin>

---

getPolicy(policyId, queryParams)

Gets a policy.

Parameters:

Name	Type	Description
policyId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

Type

Promise.<Policy>

---

getPolicyRule(policyId, ruleId)

Gets a policy rule.

Parameters:

Name	Type	Description
policyId	String
ruleId	String

Returns:

Type

Promise.<PolicyRule>

---

getProfileMapping(mappingId)

Fetches a single Profile Mapping referenced by its ID.

Parameters:

Name	Type	Description
mappingId	String

Returns:

Type

Promise.<ProfileMapping>

---

getRefreshTokenForAuthorizationServerAndClient(authServerId, clientId, tokenId, queryParams)

Success

Parameters:

Name	Type	Description
authServerId	String
clientId	String
tokenId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

Type

Promise.<OAuth2RefreshToken>

---

getRefreshTokenForUserAndClient(userId, clientId, tokenId, queryParams)

Gets a refresh token issued for the specified User and Client.

Parameters:

Name	Type	Description
userId	String
clientId	String
tokenId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional> limit String <optional> after String <optional>

Returns:

Type

Promise.<OAuth2RefreshToken>

---

getRole(groupId, roleId)

Success

Parameters:

Name	Type	Description
groupId	String
roleId	String

Returns:

Type

Promise.<Role>

---

getScopeConsentGrant(appId, grantId, queryParams)

Fetches a single scope consent grant for the application

Parameters:

Name	Type	Description
appId	String
grantId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

Type

Promise.<OAuth2ScopeConsentGrant>

---

getSession(sessionId)

Get details about a session.

Parameters:

Name	Type	Description
sessionId	String

Returns:

Type

Promise.<Session>

---

getSmsTemplate(templateId)

Fetches a specific template by `id`

Parameters:

Name	Type	Description
templateId	String

Returns:

Type

Promise.<SmsTemplate>

---

getUser(userId)

Fetches a user from your Okta organization.

Parameters:

Name	Type	Description
userId	String

Returns:

Type

Promise.<User>

---

getUserGrant(userId, grantId, queryParams)

Gets a grant for the specified user

Parameters:

Name	Type	Description
userId	String
grantId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

Type

Promise.<OAuth2ScopeConsentGrant>

---

getUserRole(userId, roleId)

Gets role that is assigne to user.

Parameters:

Name	Type	Description
userId	String
roleId	String

Returns:

Type

Promise.<Role>

---

getUserSchema(schemaId)

Fetches the schema for a Schema Id.

Parameters:

Name	Type	Description
schemaId	String

Returns:

Type

Promise.<UserSchema>

---

getUserType(typeId)

Fetches a User Type by ID. The special identifier `default` may be used to fetch the default User Type.

Parameters:

Name	Type	Description
typeId	String

Returns:

Type

Promise.<UserType>

---

grantConsentToScope(appId, oAuth2ScopeConsentGrant)

Grants consent for the application to request an OAuth 2.0 Okta scope

Parameters:

Name	Type	Description
appId	String
oAuth2ScopeConsentGrant	OAuth2ScopeConsentGrant

Returns:

Type

Promise.<OAuth2ScopeConsentGrant>

---

grantOktaSupport()

Enables you to temporarily allow Okta Support to access your org as an administrator for eight hours.

Returns:

Type

Promise.<OrgOktaSupportSettingsObj>

---

hideOktaUIFooter()

Hide the Okta UI footer for all end users of your organization.

Returns:

Type

Promise.<OrgPreferences>

---

linkUserToIdentityProvider(idpId, userId, userIdentityProviderLinkRequest)

Links an Okta user to an existing Social Identity Provider. This does not support the SAML2 Identity Provider Type

Parameters:

Name	Type	Description
idpId	String
userId	String
userIdentityProviderLinkRequest	UserIdentityProviderLinkRequest

Returns:

Type

Promise.<IdentityProviderApplicationUser>

---

listApplicationGroupAssignments(appId, queryParams)

Enumerates group assignments for an application.

Parameters:

Name	Type	Description
appId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description q String <optional> after String <optional> limit String <optional> expand String <optional>

Returns:

A collection that will yield ApplicationGroupAssignment instances.

Type

Promise.<Collection>

---

listApplicationKeys(appId)

Enumerates key credentials for an application

Parameters:

Name	Type	Description
appId	String

Returns:

A collection that will yield JsonWebKey instances.

Type

Promise.<Collection>

---

listApplications(queryParams)

Enumerates apps added to your organization with pagination. A subset of apps can be returned that match a supported filter expression or query.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description q String <optional> after String <optional> limit String <optional> filter String <optional> expand String <optional> includeNonDeleted String <optional>

Returns:

A collection that will yield Application instances.

Type

Promise.<Collection>

---

listApplicationTargetsForApplicationAdministratorRoleForGroup(groupId, roleId, queryParams)

Lists all App targets for an `APP_ADMIN` Role assigned to a Group. This methods return list may include full Applications or Instances. The response for an instance will have an `ID` value, while Application will not have an ID.

Parameters:

Name	Type	Description
groupId	String
roleId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional>

Returns:

A collection that will yield CatalogApplication instances.

Type

Promise.<Collection>

---

listApplicationTargetsForApplicationAdministratorRoleForUser(userId, roleId, queryParams)

Lists all App targets for an `APP_ADMIN` Role assigned to a User. This methods return list may include full Applications or Instances. The response for an instance will have an `ID` value, while Application will not have an ID.

Parameters:

Name	Type	Description
userId	String
roleId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional>

Returns:

A collection that will yield CatalogApplication instances.

Type

Promise.<Collection>

---

listApplicationUsers(appId, queryParams)

Enumerates all assigned [application users](#application-user-model) for an application.

Parameters:

Name	Type	Description
appId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description q String <optional> query_scope String <optional> after String <optional> limit String <optional> filter String <optional> expand String <optional>

Returns:

A collection that will yield AppUser instances.

Type

Promise.<Collection>

---

listAppLinks(userId)

Fetches appLinks for all direct or indirect (via group membership) assigned applications.

Parameters:

Name	Type	Description
userId	String

Returns:

A collection that will yield AppLink instances.

Type

Promise.<Collection>

---

listAssignedApplicationsForGroup(groupId, queryParams)

Enumerates all applications that are assigned to a group.

Parameters:

Name	Type	Description
groupId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional>

Returns:

A collection that will yield Application instances.

Type

Promise.<Collection>

---

listAssignedRolesForUser(userId, queryParams)

Lists all roles assigned to a user.

Parameters:

Name	Type	Description
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

A collection that will yield Role instances.

Type

Promise.<Collection>

---

listAuthorizationServerKeys(authServerId)

Success

Parameters:

Name	Type	Description
authServerId	String

Returns:

A collection that will yield JsonWebKey instances.

Type

Promise.<Collection>

---

listAuthorizationServerPolicies(authServerId)

Success

Parameters:

Name	Type	Description
authServerId	String

Returns:

A collection that will yield AuthorizationServerPolicy instances.

Type

Promise.<Collection>

---

listAuthorizationServerPolicyRules(policyId, authServerId)

Enumerates all policy rules for the specified Custom Authorization Server and Policy.

Parameters:

Name	Type	Description
policyId	String
authServerId	String

Returns:

A collection that will yield AuthorizationServerPolicyRule instances.

Type

Promise.<Collection>

---

listAuthorizationServers(queryParams)

Success

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description q String <optional> limit String <optional> after String <optional>

Returns:

A collection that will yield AuthorizationServer instances.

Type

Promise.<Collection>

---

listCsrsForApplication(appId)

Enumerates Certificate Signing Requests for an application

Parameters:

Name	Type	Description
appId	String

Returns:

A collection that will yield Csr instances.

Type

Promise.<Collection>

---

listCsrsForIdentityProvider(idpId)

Enumerates Certificate Signing Requests for an IdP

Parameters:

Name	Type	Description
idpId	String

Returns:

A collection that will yield Csr instances.

Type

Promise.<Collection>

---

listDomains()

List all verified custom Domains for the org.

Returns:

Type

Promise.<DomainListResponse>

---

listEventHooks()

Success

Returns:

A collection that will yield EventHook instances.

Type

Promise.<Collection>

---

listFactors(userId)

Enumerates all the enrolled factors for the specified user

Parameters:

Name	Type	Description
userId	String

Returns:

A collection that will yield UserFactor instances.

Type

Promise.<Collection>

---

listFeatureDependencies(featureId)

Success

Parameters:

Name	Type	Description
featureId	String

Returns:

A collection that will yield Feature instances.

Type

Promise.<Collection>

---

listFeatureDependents(featureId)

Success

Parameters:

Name	Type	Description
featureId	String

Returns:

A collection that will yield Feature instances.

Type

Promise.<Collection>

---

listFeatures()

Success

Returns:

A collection that will yield Feature instances.

Type

Promise.<Collection>

---

listGrantsForUserAndClient(userId, clientId, queryParams)

Lists all grants for a specified user and client

Parameters:

Name	Type	Description
userId	String
clientId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional> after String <optional> limit String <optional>

Returns:

A collection that will yield OAuth2ScopeConsentGrant instances.

Type

Promise.<Collection>

---

listGroupAssignedRoles(groupId, queryParams)

Success

Parameters:

Name	Type	Description
groupId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

A collection that will yield Role instances.

Type

Promise.<Collection>

---

listGroupRules(queryParams)

Lists all group rules for your organization.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description limit String <optional> after String <optional> search String <optional> expand String <optional>

Returns:

A collection that will yield GroupRule instances.

Type

Promise.<Collection>

---

listGroups(queryParams)

Enumerates groups in your organization with pagination. A subset of groups can be returned that match a supported filter expression or query.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description q String <optional> search String <optional> after String <optional> limit String <optional> expand String <optional>

Returns:

A collection that will yield Group instances.

Type

Promise.<Collection>

---

listGroupTargetsForGroupRole(groupId, roleId, queryParams)

Success

Parameters:

Name	Type	Description
groupId	String
roleId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional>

Returns:

A collection that will yield Group instances.

Type

Promise.<Collection>

---

listGroupTargetsForRole(userId, roleId, queryParams)

Success

Parameters:

Name	Type	Description
userId	String
roleId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional>

Returns:

A collection that will yield Group instances.

Type

Promise.<Collection>

---

listGroupUsers(groupId, queryParams)

Enumerates all users that are a member of a group.

Parameters:

Name	Type	Description
groupId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional>

Returns:

A collection that will yield User instances.

Type

Promise.<Collection>

---

listIdentityProviderApplicationUsers(idpId)

Find all the users linked to an identity provider

Parameters:

Name	Type	Description
idpId	String

Returns:

A collection that will yield IdentityProviderApplicationUser instances.

Type

Promise.<Collection>

---

listIdentityProviderKeys(queryParams)

Enumerates IdP key credentials.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional>

Returns:

A collection that will yield JsonWebKey instances.

Type

Promise.<Collection>

---

listIdentityProviders(queryParams)

Enumerates IdPs in your organization with pagination. A subset of IdPs can be returned that match a supported filter expression or query.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description q String <optional> after String <optional> limit String <optional> type String <optional>

Returns:

A collection that will yield IdentityProvider instances.

Type

Promise.<Collection>

---

listIdentityProviderSigningKeys(idpId)

Enumerates signing key credentials for an IdP

Parameters:

Name	Type	Description
idpId	String

Returns:

A collection that will yield JsonWebKey instances.

Type

Promise.<Collection>

---

listInlineHooks(queryParams)

Success

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description type String <optional>

Returns:

A collection that will yield InlineHook instances.

Type

Promise.<Collection>

---

listLinkedObjectDefinitions()

Success

Returns:

A collection that will yield LinkedObject instances.

Type

Promise.<Collection>

---

listNetworkZones(queryParams)

Enumerates network zones added to your organization with pagination. A subset of zones can be returned that match a supported filter expression or query.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional> filter String <optional>

Returns:

A collection that will yield NetworkZone instances.

Type

Promise.<Collection>

---

listOAuth2Claims(authServerId)

Success

Parameters:

Name	Type	Description
authServerId	String

Returns:

A collection that will yield OAuth2Claim instances.

Type

Promise.<Collection>

---

listOAuth2ClientsForAuthorizationServer(authServerId)

Success

Parameters:

Name	Type	Description
authServerId	String

Returns:

A collection that will yield OAuth2Client instances.

Type

Promise.<Collection>

---

listOAuth2Scopes(authServerId, queryParams)

Success

Parameters:

Name	Type	Description
authServerId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description q String <optional> filter String <optional> cursor String <optional> limit String <optional>

Returns:

A collection that will yield OAuth2Scope instances.

Type

Promise.<Collection>

---

listOAuth2TokensForApplication(appId, queryParams)

Lists all tokens for the application

Parameters:

Name	Type	Description
appId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional> after String <optional> limit String <optional>

Returns:

A collection that will yield OAuth2Token instances.

Type

Promise.<Collection>

---

listOrigins(queryParams)

Success

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description q String <optional> filter String <optional> after String <optional> limit String <optional>

Returns:

A collection that will yield TrustedOrigin instances.

Type

Promise.<Collection>

---

listPolicies(queryParams)

Gets all policies with the specified type.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description type String <optional> status String <optional> expand String <optional>

Returns:

A collection that will yield Policy instances.

Type

Promise.<Collection>

---

listPolicyRules(policyId)

Enumerates all policy rules.

Parameters:

Name	Type	Description
policyId	String

Returns:

A collection that will yield PolicyRule instances.

Type

Promise.<Collection>

---

listProfileMappings(queryParams)

Enumerates Profile Mappings in your organization with pagination.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description after String <optional> limit String <optional> sourceId String <optional> targetId String <optional>

Returns:

A collection that will yield ProfileMapping instances.

Type

Promise.<Collection>

---

listRefreshTokensForAuthorizationServerAndClient(authServerId, clientId, queryParams)

Success

Parameters:

Name	Type	Description
authServerId	String
clientId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional> after String <optional> limit String <optional>

Returns:

A collection that will yield OAuth2RefreshToken instances.

Type

Promise.<Collection>

---

listRefreshTokensForUserAndClient(userId, clientId, queryParams)

Lists all refresh tokens issued for the specified User and Client.

Parameters:

Name	Type	Description
userId	String
clientId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional> after String <optional> limit String <optional>

Returns:

A collection that will yield OAuth2RefreshToken instances.

Type

Promise.<Collection>

---

listScopeConsentGrants(appId, queryParams)

Lists all scope consent grants for the application

Parameters:

Name	Type	Description
appId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description expand String <optional>

Returns:

A collection that will yield OAuth2ScopeConsentGrant instances.

Type

Promise.<Collection>

---

listSmsTemplates(queryParams)

Enumerates custom SMS templates in your organization. A subset of templates can be returned that match a template type.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description templateType String <optional>

Returns:

A collection that will yield SmsTemplate instances.

Type

Promise.<Collection>

---

listSocialAuthTokens(idpId, userId)

Fetches the tokens minted by the Social Authentication Provider when the user authenticates with Okta via Social Auth.

Parameters:

Name	Type	Description
idpId	String
userId	String

Returns:

A collection that will yield SocialAuthToken instances.

Type

Promise.<Collection>

---

listSupportedFactors(userId)

Enumerates all the supported factors that can be enrolled for the specified user

Parameters:

Name	Type	Description
userId	String

Returns:

A collection that will yield UserFactor instances.

Type

Promise.<Collection>

---

listSupportedSecurityQuestions(userId)

Enumerates all available security questions for a user's `question` factor

Parameters:

Name	Type	Description
userId	String

Returns:

A collection that will yield SecurityQuestion instances.

Type

Promise.<Collection>

---

listUserClients(userId)

Lists all client resources for which the specified user has grants or tokens.

Parameters:

Name	Type	Description
userId	String

Returns:

A collection that will yield OAuth2Client instances.

Type

Promise.<Collection>

---

listUserGrants(userId, queryParams)

Lists all grants for the specified user

Parameters:

Name	Type	Description
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description scopeId String <optional> expand String <optional> after String <optional> limit String <optional>

Returns:

A collection that will yield OAuth2ScopeConsentGrant instances.

Type

Promise.<Collection>

---

listUserGroups(userId)

Fetches the groups of which the user is a member.

Parameters:

Name	Type	Description
userId	String

Returns:

A collection that will yield Group instances.

Type

Promise.<Collection>

---

listUserIdentityProviders(userId)

Lists the IdPs associated with the user.

Parameters:

Name	Type	Description
userId	String

Returns:

A collection that will yield IdentityProvider instances.

Type

Promise.<Collection>

---

listUsers(queryParams)

Lists users in your organization with pagination in most cases. A subset of users can be returned that match a supported filter expression or search criteria.

Parameters:

Name	Type	Description
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description q String <optional> after String <optional> limit String <optional> filter String <optional> search String <optional> sortBy String <optional> sortOrder String <optional>

Returns:

A collection that will yield User instances.

Type

Promise.<Collection>

---

listUserTypes()

Fetches all User Types in your org

Returns:

A collection that will yield UserType instances.

Type

Promise.<Collection>

---

optInUsersToOktaCommunicationEmails()

Opts in all users of this org to Okta Communication emails.

Returns:

Type

Promise.<OrgOktaCommunicationSetting>

---

optOutUsersFromOktaCommunicationEmails()

Opts out all users of this org from Okta Communication emails.

Returns:

Type

Promise.<OrgOktaCommunicationSetting>

---

partialUpdateOrgSetting(orgSetting)

Partial update settings of your organization.

Parameters:

Name	Type	Description
orgSetting	OrgSetting

Returns:

Type

Promise.<OrgSetting>

---

partialUpdateSmsTemplate(templateId, smsTemplate)

Updates only some of the SMS template properties:

Parameters:

Name	Type	Description
templateId	String
smsTemplate	SmsTemplate

Returns:

Type

Promise.<SmsTemplate>

---

partialUpdateUser(userId, user, queryParams)

Fetch a user by `id`, `login`, or `login shortname` if the short name is unambiguous.

Parameters:

Name	Type	Description
userId	String
user	User
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description strict String <optional>

Returns:

Type

Promise.<User>

---

publishBinaryCerCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish

Parameters:

Name	Type	Description
appId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

publishBinaryCerCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.

Parameters:

Name	Type	Description
idpId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

publishBinaryDerCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish

Parameters:

Name	Type	Description
appId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

publishBinaryDerCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.

Parameters:

Name	Type	Description
idpId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

publishBinaryPemCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish

Parameters:

Name	Type	Description
appId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

publishBinaryPemCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.

Parameters:

Name	Type	Description
idpId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

publishCerCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish

Parameters:

Name	Type	Description
appId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

publishCerCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.

Parameters:

Name	Type	Description
idpId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

publishDerCert(appId, csrId, string)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish

Parameters:

Name	Type	Description
appId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

publishDerCertForIdentityProvider(idpId, csrId, string)

Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.

Parameters:

Name	Type	Description
idpId	String
csrId	String
string	string

Returns:

Type

Promise.<JsonWebKey>

---

reactivateUser(userId, queryParams)

Reactivates a user. This operation can only be performed on users with a `PROVISIONED` status. This operation restarts the activation workflow if for some reason the user activation was not completed when using the activationToken from [Activate User](#activate-user).

Parameters:

Name	Type	Description
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description sendEmail String <optional>

Returns:

Type

Promise.<UserActivationToken>

---

refreshSession(sessionId)

Convenience method for /api/v1/sessions/{sessionId}/lifecycle/refresh

Parameters:

Name	Type	Description
sessionId	String

Returns:

Type

Promise.<Session>

---

removeApplicationTargetFromAdministratorRoleForUser(userId, roleId, appName, applicationId)

Remove App Instance Target to App Administrator Role given to a User

Parameters:

Name	Type	Description
userId	String
roleId	String
appName	String
applicationId	String

---

removeApplicationTargetFromAdministratorRoleGivenToGroup(groupId, roleId, appName, applicationId)

Remove App Instance Target to App Administrator Role given to a Group

Parameters:

Name	Type	Description
groupId	String
roleId	String
appName	String
applicationId	String

---

removeApplicationTargetFromApplicationAdministratorRoleForUser(userId, roleId, appName)

Success

Parameters:

Name	Type	Description
userId	String
roleId	String
appName	String

---

removeApplicationTargetFromApplicationAdministratorRoleGivenToGroup(groupId, roleId, appName)

Success

Parameters:

Name	Type	Description
groupId	String
roleId	String
appName	String

---

removeGroupTargetFromGroupAdministratorRoleGivenToGroup(groupId, roleId, targetGroupId)

Convenience method for /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}

Parameters:

Name	Type	Description
groupId	String
roleId	String
targetGroupId	String

---

removeGroupTargetFromRole(userId, roleId, groupId)

Success

Parameters:

Name	Type	Description
userId	String
roleId	String
groupId	String

---

removeLinkedObjectForUser(userId, relationshipName)

Delete linked objects for a user, relationshipName can be ONLY a primary relationship name

Parameters:

Name	Type	Description
userId	String
relationshipName	String

---

removeRoleFromGroup(groupId, roleId)

Unassigns a Role from a Group

Parameters:

Name	Type	Description
groupId	String
roleId	String

---

removeRoleFromUser(userId, roleId)

Unassigns a role from a user.

Parameters:

Name	Type	Description
userId	String
roleId	String

---

removeUserFromGroup(groupId, userId)

Removes a user from a group with 'OKTA_GROUP' type.

Parameters:

Name	Type	Description
groupId	String
userId	String

---

replaceUserType(typeId, userType)

Replace an existing User Type

Parameters:

Name	Type	Description
typeId	String
userType	UserType

Returns:

Type

Promise.<UserType>

---

resetFactors(userId)

This operation resets all factors for the specified user. All MFA factor enrollments returned to the unenrolled state. The user's status remains ACTIVE. This link is present only if the user is currently enrolled in one or more MFA factors.

Parameters:

Name	Type	Description
userId	String

---

resetPassword(userId, queryParams)

Generates a one-time token (OTT) that can be used to reset a user's password. The OTT link can be automatically emailed to the user or returned to the API caller and distributed using a custom flow.

Parameters:

Name	Type	Description
userId	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description sendEmail String <optional>

Returns:

Type

Promise.<ResetPasswordToken>

---

revokeCsrForIdentityProvider(idpId, csrId)

Revoke a Certificate Signing Request and delete the key pair from the IdP

Parameters:

Name	Type	Description
idpId	String
csrId	String

---

revokeCsrFromApplication(appId, csrId)

Convenience method for /api/v1/apps/{appId}/credentials/csrs/{csrId}

Parameters:

Name	Type	Description
appId	String
csrId	String

---

revokeGrantsForUserAndClient(userId, clientId)

Revokes all grants for the specified user and client

Parameters:

Name	Type	Description
userId	String
clientId	String

---

revokeOAuth2TokenForApplication(appId, tokenId)

Revokes the specified token for the specified application

Parameters:

Name	Type	Description
appId	String
tokenId	String

---

revokeOAuth2TokensForApplication(appId)

Revokes all tokens for the specified application

Parameters:

Name	Type	Description
appId	String

---

revokeOktaSupport()

Revokes Okta Support access to your organization.

Returns:

Type

Promise.<OrgOktaSupportSettingsObj>

---

revokeRefreshTokenForAuthorizationServerAndClient(authServerId, clientId, tokenId)

Success

Parameters:

Name	Type	Description
authServerId	String
clientId	String
tokenId	String

---

revokeRefreshTokensForAuthorizationServerAndClient(authServerId, clientId)

Success

Parameters:

Name	Type	Description
authServerId	String
clientId	String

---

revokeScopeConsentGrant(appId, grantId)

Revokes permission for the application to request the given scope

Parameters:

Name	Type	Description
appId	String
grantId	String

---

revokeTokenForUserAndClient(userId, clientId, tokenId)

Revokes the specified refresh token.

Parameters:

Name	Type	Description
userId	String
clientId	String
tokenId	String

---

revokeTokensForUserAndClient(userId, clientId)

Revokes all refresh tokens issued for the specified User and Client.

Parameters:

Name	Type	Description
userId	String
clientId	String

---

revokeUserGrant(userId, grantId)

Revokes one grant for a specified user

Parameters:

Name	Type	Description
userId	String
grantId	String

---

revokeUserGrants(userId)

Revokes all grants for a specified user

Parameters:

Name	Type	Description
userId	String

---

rotateAuthorizationServerKeys(authServerId)

Success

Parameters:

Name	Type	Description
authServerId	String

Returns:

A collection that will yield JsonWebKey instances.

Type

Promise.<Collection>

---

setLinkedObjectForUser(associatedUserId, primaryRelationshipName, primaryUserId)

Convenience method for /api/v1/users/{associatedUserId}/linkedObjects/{primaryRelationshipName}/{primaryUserId}

Parameters:

Name	Type	Description
associatedUserId	String
primaryRelationshipName	String
primaryUserId	String

---

showOktaUIFooter()

Makes the Okta UI footer visible for all end users of your organization.

Returns:

Type

Promise.<OrgPreferences>

---

suspendUser(userId)

Suspends a user. This operation can only be performed on users with an `ACTIVE` status. The user will have a status of `SUSPENDED` when the process is complete.

Parameters:

Name	Type	Description
userId	String

---

unlinkUserFromIdentityProvider(idpId, userId)

Removes the link between the Okta user and the IdP user.

Parameters:

Name	Type	Description
idpId	String
userId	String

---

unlockUser(userId)

Unlocks a user with a `LOCKED_OUT` status and returns them to `ACTIVE` status. Users will be able to login with their current password.

Parameters:

Name	Type	Description
userId	String

---

unsuspendUser(userId)

Unsuspends a user and returns them to the `ACTIVE` state. This operation can only be performed on users that have a `SUSPENDED` status.

Parameters:

Name	Type	Description
userId	String

---

updateApplication(appId, application)

Updates an application in your organization.

Parameters:

Name	Type	Description
appId	String
application	Application

Returns:

Type

Promise.<Application>

---

updateApplicationUser(appId, userId, appUser)

Updates a user's profile for an application

Parameters:

Name	Type	Description
appId	String
userId	String
appUser	AppUser

Returns:

Type

Promise.<AppUser>

---

updateApplicationUserProfile(appInstanceId, userSchema)

Partial updates on the User Profile properties of the Application User Schema.

Parameters:

Name	Type	Description
appInstanceId	String
userSchema	UserSchema

Returns:

Type

Promise.<UserSchema>

---

updateAuthorizationServer(authServerId, authorizationServer)

Success

Parameters:

Name	Type	Description
authServerId	String
authorizationServer	AuthorizationServer

Returns:

Type

Promise.<AuthorizationServer>

---

updateAuthorizationServerPolicy(authServerId, policyId, authorizationServerPolicy)

Success

Parameters:

Name	Type	Description
authServerId	String
policyId	String
authorizationServerPolicy	AuthorizationServerPolicy

Returns:

Type

Promise.<AuthorizationServerPolicy>

---

updateAuthorizationServerPolicyRule(policyId, authServerId, ruleId, authorizationServerPolicyRule)

Updates the configuration of the Policy Rule defined in the specified Custom Authorization Server and Policy.

Parameters:

Name	Type	Description
policyId	String
authServerId	String
ruleId	String
authorizationServerPolicyRule	AuthorizationServerPolicyRule

Returns:

Type

Promise.<AuthorizationServerPolicyRule>

---

updateConfiguration(threatInsightConfiguration)

Updates ThreatInsight configuration

Parameters:

Name	Type	Description
threatInsightConfiguration	ThreatInsightConfiguration

Returns:

Type

Promise.<ThreatInsightConfiguration>

---

updateEventHook(eventHookId, eventHook)

Success

Parameters:

Name	Type	Description
eventHookId	String
eventHook	EventHook

Returns:

Type

Promise.<EventHook>

---

updateFeatureLifecycle(featureId, lifecycle, queryParams)

Success

Parameters:

Name	Type	Description
featureId	String
lifecycle	String
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description mode String <optional>

Returns:

Type

Promise.<Feature>

---

updateGroup(groupId, group)

Updates the profile for a group with `OKTA_GROUP` type from your organization.

Parameters:

Name	Type	Description
groupId	String
group	Group

Returns:

Type

Promise.<Group>

---

updateGroupRule(ruleId, groupRule)

Updates a group rule. Only `INACTIVE` rules can be updated.

Parameters:

Name	Type	Description
ruleId	String
groupRule	GroupRule

Returns:

Type

Promise.<GroupRule>

---

updateGroupSchema(groupSchema)

Updates, adds ore removes one or more custom Group Profile properties in the schema

Parameters:

Name	Type	Description
groupSchema	GroupSchema

Returns:

Type

Promise.<GroupSchema>

---

updateIdentityProvider(idpId, identityProvider)

Updates the configuration for an IdP.

Parameters:

Name	Type	Description
idpId	String
identityProvider	IdentityProvider

Returns:

Type

Promise.<IdentityProvider>

---

updateInlineHook(inlineHookId, inlineHook)

Updates an inline hook by ID

Parameters:

Name	Type	Description
inlineHookId	String
inlineHook	InlineHook

Returns:

Type

Promise.<InlineHook>

---

updateNetworkZone(zoneId, networkZone)

Updates a network zone in your organization.

Parameters:

Name	Type	Description
zoneId	String
networkZone	NetworkZone

Returns:

Type

Promise.<NetworkZone>

---

updateOAuth2Claim(authServerId, claimId, oAuth2Claim)

Success

Parameters:

Name	Type	Description
authServerId	String
claimId	String
oAuth2Claim	OAuth2Claim

Returns:

Type

Promise.<OAuth2Claim>

---

updateOAuth2Scope(authServerId, scopeId, oAuth2Scope)

Success

Parameters:

Name	Type	Description
authServerId	String
scopeId	String
oAuth2Scope	OAuth2Scope

Returns:

Type

Promise.<OAuth2Scope>

---

updateOrgContactUser(contactType, userIdString)

Updates the User associated with the specified Contact Type.

Parameters:

Name	Type	Description
contactType	String
userIdString	UserIdString

Returns:

Type

Promise.<OrgContactUser>

---

updateOrgSetting(orgSetting)

Update settings of your organization.

Parameters:

Name	Type	Description
orgSetting	OrgSetting

Returns:

Type

Promise.<OrgSetting>

---

updateOrigin(trustedOriginId, trustedOrigin)

Success

Parameters:

Name	Type	Description
trustedOriginId	String
trustedOrigin	TrustedOrigin

Returns:

Type

Promise.<TrustedOrigin>

---

updatePolicy(policyId, policy)

Updates a policy.

Parameters:

Name	Type	Description
policyId	String
policy	Policy

Returns:

Type

Promise.<Policy>

---

updatePolicyRule(policyId, ruleId, policyRule)

Updates a policy rule.

Parameters:

Name	Type	Description
policyId	String
ruleId	String
policyRule	PolicyRule

Returns:

Type

Promise.<PolicyRule>

---

updateProfileMapping(mappingId, profileMapping)

Updates an existing Profile Mapping by adding, updating, or removing one or many Property Mappings.

Parameters:

Name	Type	Description
mappingId	String
profileMapping	ProfileMapping

Returns:

Type

Promise.<ProfileMapping>

---

updateSmsTemplate(templateId, smsTemplate)

Updates the SMS template.

Parameters:

Name	Type	Description
templateId	String
smsTemplate	SmsTemplate

Returns:

Type

Promise.<SmsTemplate>

---

updateUser(userId, user, queryParams)

Update a user's profile and/or credentials using strict-update semantics.

Parameters:

Name	Type	Description
userId	String
user	User
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description strict String <optional>

Returns:

Type

Promise.<User>

---

updateUserProfile(schemaId, userSchema)

Partial updates on the User Profile properties of the user schema.

Parameters:

Name	Type	Description
schemaId	String
userSchema	UserSchema

Returns:

Type

Promise.<UserSchema>

---

updateUserType(typeId, userType)

Updates an existing User Type

Parameters:

Name	Type	Description
typeId	String
userType	UserType

Returns:

Type

Promise.<UserType>

---

verifyDomain(domainId)

Verifies the Domain by `id`.

Parameters:

Name	Type	Description
domainId	String

Returns:

Type

Promise.<Domain>

---

verifyEventHook(eventHookId)

Success

Parameters:

Name	Type	Description
eventHookId	String

Returns:

Type

Promise.<EventHook>

---

verifyFactor(userId, factorId, verifyFactorRequest, queryParams)

Verifies an OTP for a `token` or `token:hardware` factor

Parameters:

Name	Type	Description
userId	String
factorId	String
verifyFactorRequest	VerifyFactorRequest
queryParams	Object	Map of query parameters to add to this request Properties Name Type Argument Description templateId String <optional> tokenLifetimeSeconds String <optional>

Returns:

Type

Promise.<VerifyUserFactorResponse>