Authorization
Okta makes authorization easy by helping you control what users have access to in your application or API.
Flexible Authorization
- Add authorization information to any account, regardless of origin
- Integrate easily with common authorization frameworks using our pre-built libraries
- Use the built-in groups resource for role-based access control, or add custom profile attributes for more complex authorization scenarios
Role-Based Access Control
- Quickly separate users into groups
- Create a group with just one API call or a few clicks in our admin console
- Control which applications or features your users have access to at a high level
Fine-Grained Permissions
- Add custom user profile attributes to model access-control lists, claim-based permissions, or completely custom permissions schemes
- Extend tokens with dynamic data or additional entitlements from internal systems for seamless migration and faster integration
- Perform authorization checks in application code based on user profile attributes
OAuth 2.0 and OpenID Connect
- Easily add claims to access or ID tokens via groups and profile attributes
- Use the powerful Okta Expression Language for fine-tuned control over claims and claim values
