Okta Python Management SDK

• Release Status
• Need help?
• Installation Guide
• Getting Started
• Usage Guide
• Exceptions
• Pagination
• Logging
• Configuration Reference
• Rate Limiting
• Building the SDK
• Contributing
• Documentation for API Endpoints

This repository contains the Okta management SDK for Python. This SDK can be used in your server-side code to interact with the Okta management API and

This Python package is automatically generated by the OpenAPI Generator project:

• API version: 5.1.0
• Package version: 1.0.0
• Generator version: 7.7.0
• Build package: org.openapitools.codegen.languages.PythonClientCodegen For more information, please visit https://developer.okta.com/

Requirements.

Requires Python version 3.7.0 or higher.

You can also learn more on the Okta + Python page in our documentation.

Release status

This library uses semantic versioning and follows Okta's Library Version Policy.

Version	Status
2.x	⚠️ Deprecated
3.x	✔️ Release

The latest release can always be found on the releases page.

Need help?

If you run into problems using the SDK, you can:

• Ask questions on the Okta Developer Forums
• Post issues on GitHub (for code errors)

Installation & Usage

pip install

If the repository is cloned, you can install directly using the below command at root directory (where setup.py is located):

To install the Okta Python SDK in your project:

pip install okta

You'll also need

• An Okta account, called an organization (sign up for a free developer organization if you need one)
• An API token

Construct a client instance by passing it your Okta domain name and API token:

Setuptools

Install via Setuptools.

python setup.py install --user

(or sudo python setup.py install to install the package for all users)

Then import the package:

import okta

Tests

Execute pytest to run the tests.

Getting Started

Please follow the installation procedure and then run the following:

import asyncio
from okta import UserProfile, PasswordCredential, CreateUserRequest, UserNextLogin, UserCredentials
from okta.client import Client as OktaClient
config = {
    'orgUrl': 'https://{your_org}.okta.com',
    'token': 'YOUR_API_TOKEN',
}

okta_client = OktaClient(config)
user_config = {
    "firstName": "Sample",
    "lastName": "Sample",
    "email": "[email protected]",
    "login": "[email protected]",
    "mobilePhone": "555-415-1337"
  }
user_profile = UserProfile(**user_config)

password_value = {
    "value": "Knock*knock*neo*111"
}
password_credential = PasswordCredential(**password_value)
user_credentials = {
    "password": password_credential
}
user_credentials = UserCredentials(**user_credentials)
create_user_request = {
    "profile": user_profile,
    "credentials": user_credentials,
}
user_request = CreateUserRequest(**create_user_request)
async def users():
    next_login = UserNextLogin(UserNextLogin.CHANGEPASSWORD)
    user, resp, err = await okta_client.create_user(user_request, activate=True, provider=False, next_login=next_login)
    print("The response of UserApi->create_user:\n")
    print(user)
    print(resp, err)

    users, resp, err = await okta_client.list_users()
    for user in users:
        print(user.profile.first_name, user.profile.last_name)
        try:
            print(user.profile.customAttr)
        except:
            print('User has no customAttr')
loop = asyncio.get_event_loop()
loop.run_until_complete(users())

OAuth 2.0

Okta allows you to interact with Okta APIs using scoped OAuth 2.0 access tokens. Each access token enables the bearer to perform specific actions on specific Okta endpoints, with that ability controlled by which scopes the access token contains.

This SDK supports this feature (OAuth 2.0) only for service-to-service applications. Check out our guides to learn more about how to register a new service application using a private and public key pair.

When using this approach you won't need an API Token because the SDK will request an access token for you. In order to use OAuth 2.0, construct a client instance by passing the following parameters:

from okta.client import Client as OktaClient
config = {
    'orgUrl': 'https://{yourOktaDomain}',
    'authorizationMode': 'PrivateKey',
    'clientId': '{yourClientId}',
    'scopes': ['okta.users.manage'],
    'privateKey': 'YOUR_PRIVATE_JWK', # this parameter should be type of str
    'kid': 'YOUR_PRIVATE_KEY_ID' # if a key ID needs to be provided, it can be provided here or part of the privateKey under "kid"
}
okta_client = OktaClient(config)


# example of usage, list all users and print their first name and last name
async def main():
    users, resp, err = await okta_client.list_users()
    for user in users:
        print(user.profile.first_name, user.profile.last_name)

loop = asyncio.get_event_loop()
loop.run_until_complete(main())

Note, that privateKey can be passed in JWK format or in PEM format, i.e. (examples generated with https://mkjwk.org):

{
    "p": "4VmEO2ztlIHvalMHX797rWhETbKgB6bRbdGevYpRLZH167hKHB5vsuRjIAXJdujQw8W3rnas9Z-_Ddv1TbR5Qnz0UmhnxQAIbdDDUE9r5P_LEholrjY9Jz0P-W4jey-7cDATeITYHb3t67HcIwVbxQF5fkRdJAhfO029RqkH3OE",
    "kty": "RSA",
    "q": "x8ngsUMrDGReVVpeGdlZzGTSFxrNP89DF4WEQZ7zCpSe3_GpuUPbzgslYQEiX6XJY5ssavavVNOmmQEAt0xsMcxxVOPYCYy7LBE8cJQiFb_bMf2H1-zTlPn_KF4D10h45cLXhu-xh4c52Rh9WDMYZmKWLkAJQ6L_eueGoZkIDmU",
    "d": "R38UamnZiEhOLxD7FYUN5AKj9mHQneRWizblxfNq2T1Nfk4matfZrrlMq_nz9tYZ3-TOCu3u-7k_igM0Tml365mbU_HzkfCrD-ou7cGSrqNgnipj_VQSgJfKRFKATEf4hMfdpKSd4rZzf8OJnq8s-kpRVC4kdHJtJjja59VvHEQRIrN_dkycNHSBWu5UjZbXOO5X3mjwuIh9gpLGZ-nHTqgTpT324q5BLVsH8_ywRGifIj-HQL1O5bJO2Q2_18iL1TbnMSbDwrKdb1edb4bgDuWB4o0xSTXsherTgeXu76gN9FY28tuAKSd34yqp7GZaYcjtkskbWPRtYhOID2cOgQ",
    "e": "AQAB",
    "use": "sig",
    "kid": "test",
    "qi": "FZGFuvW1W9VF31JyrMYJy_BH7vja3d9iZlhFzttNZ-wmiXG4irrI_fLJgmXK6dI3MfIhKPAYi9nnza2kcR1qEV9QObA4NV86RWnc8sAHbDGooe9VK5eJ5jjD7Tq_ZZiLiHGOZit3HylNilOb0k3VsgMcp0F3ZQaMbg35K9rSgZE",
    "dp": "i4D6HjupvCTQDNdHmluU-d2xYxQwg2we_EgnaBkHdhmEzx8wKcYhyfIe90T92jH4gymUM1neatQw1yiS7D7MTn_CVH2zt730ed8h-kageYxsr1EmgHmtU-w2RmiLaIg9Fg99Dj_W9lqMvjtGFxwLGqN2DdfOfS79nV3bzbF4X6E",
    "alg": "RS256",
    "dq": "CT79iBacsmkeuIKDIl0du8jatDkIULCt4TPLqCHMC6xPIfwUJ7_NN17qru-XgKeyh0qSJq0d9iYJasFSICmIRFG62PvmbqK1stdlXaxtW2ZSpaCfHc4XCKj9NwgK03bGKZP314XWSHhoo_RvMJrEwVBEtQU_qIKtoil-4JGtfsU",
    "n": "r95K3WIN8-4dB-tEKHjyTIIZZUMbHz8ad5oBX2BGiGxfPGfHbz2RH4QLT9ffzL-tgEo8IKs0Myh0VTwauiwz0cdHuS2gUTasK9OsosX1h1scSu_eZ-g-__lXBogU-SvBXBAgjv8hdcZjqWYQwmhJp2Ilv0CuXKxQwZyjso775PDjWDCH5HkVcSxHyUvpThLfWfkfz5PNDZvRpuPltv55ILRaVZhwPb7VXLAm2ebfeYUdybUKpGnEogKQdaL7TdNvP-HRnUSXTiYeXWHzU04FaXJ7yLmtXOQ52FT9dwkwLrCDOmDSBGafZ9asUtgOKhKN6wQW5mndhMK_1zThfjZyxQ"
}

or

-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCv3krdYg3z7h0H
60QoePJMghllQxsfPxp3mgFfYEaIbF88Z8dvPZEfhAtP19/Mv62ASjwgqzQzKHRV
PBq6LDPRx0e5LaBRNqwr06yixfWHWxxK795n6D7/+VcGiBT5K8FcECCO/yF1xmOp
ZhDCaEmnYiW/QK5crFDBnKOyjvvk8ONYMIfkeRVxLEfJS+lOEt9Z+R/Pk80Nm9Gm
4+W2/nkgtFpVmHA9vtVcsCbZ5t95hR3JtQqkacSiApB1ovtN028/4dGdRJdOJh5d
YfNTTgVpcnvIua1c5DnYVP13CTAusIM6YNIEZp9n1qxS2A4qEo3rBBbmad2Ewr/X
NOF+NnLFAgMBAAECggEAR38UamnZiEhOLxD7FYUN5AKj9mHQneRWizblxfNq2T1N
fk4matfZrrlMq/nz9tYZ3+TOCu3u+7k/igM0Tml365mbU/HzkfCrD+ou7cGSrqNg
nipj/VQSgJfKRFKATEf4hMfdpKSd4rZzf8OJnq8s+kpRVC4kdHJtJjja59VvHEQR
IrN/dkycNHSBWu5UjZbXOO5X3mjwuIh9gpLGZ+nHTqgTpT324q5BLVsH8/ywRGif
Ij+HQL1O5bJO2Q2/18iL1TbnMSbDwrKdb1edb4bgDuWB4o0xSTXsherTgeXu76gN
9FY28tuAKSd34yqp7GZaYcjtkskbWPRtYhOID2cOgQKBgQDhWYQ7bO2Uge9qUwdf
v3utaERNsqAHptFt0Z69ilEtkfXruEocHm+y5GMgBcl26NDDxbeudqz1n78N2/VN
tHlCfPRSaGfFAAht0MNQT2vk/8sSGiWuNj0nPQ/5biN7L7twMBN4hNgdve3rsdwj
BVvFAXl+RF0kCF87Tb1GqQfc4QKBgQDHyeCxQysMZF5VWl4Z2VnMZNIXGs0/z0MX
hYRBnvMKlJ7f8am5Q9vOCyVhASJfpcljmyxq9q9U06aZAQC3TGwxzHFU49gJjLss
ETxwlCIVv9sx/YfX7NOU+f8oXgPXSHjlwteG77GHhznZGH1YMxhmYpYuQAlDov96
54ahmQgOZQKBgQCLgPoeO6m8JNAM10eaW5T53bFjFDCDbB78SCdoGQd2GYTPHzAp
xiHJ8h73RP3aMfiDKZQzWd5q1DDXKJLsPsxOf8JUfbO3vfR53yH6RqB5jGyvUSaA
ea1T7DZGaItoiD0WD30OP9b2Woy+O0YXHAsao3YN1859Lv2dXdvNsXhfoQKBgAk+
/YgWnLJpHriCgyJdHbvI2rQ5CFCwreEzy6ghzAusTyH8FCe/zTde6q7vl4CnsodK
kiatHfYmCWrBUiApiERRutj75m6itbLXZV2sbVtmUqWgnx3OFwio/TcICtN2ximT
99eF1kh4aKP0bzCaxMFQRLUFP6iCraIpfuCRrX7FAoGAFZGFuvW1W9VF31JyrMYJ
y/BH7vja3d9iZlhFzttNZ+wmiXG4irrI/fLJgmXK6dI3MfIhKPAYi9nnza2kcR1q
EV9QObA4NV86RWnc8sAHbDGooe9VK5eJ5jjD7Tq/ZZiLiHGOZit3HylNilOb0k3V
sgMcp0F3ZQaMbg35K9rSgZE=
-----END PRIVATE KEY-----

Using a Python dictionary to hard-code the Okta domain and API token is encouraged for development; In production, you should use a more secure way of storing these values. This library supports a few different configuration sources, covered in the configuration reference section.

Extending the Client

When creating a new client, we allow for you to pass custom instances of okta.request_executor, okta.http_client and okta.cache.cache.

from okta.client import Client as OktaClient
# Assuming implementations are in project.custom
from project.custom.request_executor_impl import RequestExecImpl
from project.custom.http_client_impl import HTTPClientImpl
from project.custom.cache_impl import CacheImpl


config = {
    'orgUrl': 'https://{yourOktaDomain}',
    'token': 'YOUR_API_TOKEN',
    'requestExecutor': RequestExecImpl,
    'httpClient': HTTPClientImpl,
    'cacheManager': CacheImpl(), # pass instance of CacheImpl
    'cache': {'enabled': True}
}


async def main():
    client = OktaClient(config)
    user_info, resp, err = await client.get_user({YOUR_USER_ID})
    print(user_info)


loop = asyncio.get_event_loop()
loop.run_until_complete(main())

Extending or Creating New Classes

Example: You can create a custom cache driver by implementing okta.cache.cache

# Fully working example for Custom Cache class
from okta.cache.cache import Cache


class CacheImpl(Cache):
    def __init__(self):
        super().__init__()
        self.cache_dict = {}

    def add(self, key, value):
        self.cache_dict[key] = value

    def get(self, key):
        return self.cache_dict.get(key, None)

    def contains(self, key):
        return key in self.cache_dict

    def delete(self, key):
        if self.contains(key):
            del self.cache_dict[key]

A similar approach can be used to extend okta.request_executor:

from okta.request_executor import RequestExecutor


class RequestExecImpl(RequestExecutor):
    def __init__(self, config, cache, http_client=None):
        super().__init__(config, cache, http_client)
        # custom code

    # Note, this method shoud be defined as async
    async def create_request(self, method: str, url: str, body: dict = None,
                             headers: dict = {}, oauth=False):
        """
        Creates request for request executor's HTTP client.

        Args:
            method (str): HTTP Method to be used
            url (str): URL to send request to
            body (dict, optional): Request body. Defaults to None.
            headers (dict, optional): Request headers. Defaults to {}.

        Returns:
            dict, Exception: Tuple of Dictionary repr of HTTP request and
            exception raised during execution
        """
        # custom code

    # Note, this method shoud be defined as async
    async def execute(self, request, response_type=None):
        """
        This function is the high level request execution method. Performs the
        API call and returns a formatted response object

        Args:
            request (dict): dictionary object containing request details

        Returns:
            (OktaAPIResponse, Exception): Response obj for the Okta API, Error
        """
        # custom code

and okta.http_client:

from okta.http_client import HTTPClient


class HTTPClientImpl(HTTPClient):
    def __init__(self, http_config={}):
        super().__init__(http_config)
        # custom code

    # Note, this method shoud be defined as async
    async def send_request(self, request):
        """
        This method fires HTTP requests

        Arguments:
            request {dict} -- This dictionary contains all information needed
            for the request.
            - HTTP method (as str)
            - Headers (as dict)
            - Request body (as dict)

        Returns:
            Tuple(RequestInfo, ClientResponse, JSONBody, ErrorObject)
            -- A tuple containing the request and response of the HTTP call
        """
        # custom code

Usage guide

These examples will help you understand how to use this library.

Once you initialize a client, you can call methods to make requests to the Okta API. The client uses asynchronous methods to operate. Most methods are grouped by the API endpoint they belong to. For example, methods that call the Users API are organized under the User resource client (okta.resource_clients.user_client.py).

Asynchronous I/O is fairly new to Python after making its debut in Python 3.5. It's powered by the asyncio library which provides avenues to produce concurrent code. This allows developers to define async functions and await asynchronous calls within them. For more information, you can check out the Python docs.

Calls using await must be made in an async def function. That function must be called by asyncio (see example below).

from okta.client import Client as OktaClient
import asyncio

async def main():
    client = OktaClient()
    users, resp, err = await client.list_users()
    print(len(users))

loop = asyncio.get_event_loop()
loop.run_until_complete(main())

Authenticate a User

This library should only be used with the Okta management API. To call the Authentication API, you should construct your own HTTP requests.

Assume the client is instantiated before each example below.

from okta.client import Client as OktaClient
import okta.models as models
client = OktaClient({'orgUrl': 'https://test.okta.com', 'token': 'YOUR_API_TOKEN'})

Get and set custom headers

Feature appears in v1.3.0

It is possible to set custom headers, which will be sent with each request:

import asyncio

from okta.client import Client as OktaClient

async def main():
    client = OktaClient()

    # set custom headers
    client.set_custom_headers({'Custom-Header': 'custom value'})

    # perform different requests with custom headers
    users, resp, err = await client.list_users()
    for user in users:
        print(user.profile.first_name, user.profile.last_name)

    # clear all custom headers
    client.clear_custom_headers()

    # output should be: {}
    print(client.get_custom_headers())


loop = asyncio.get_event_loop()
loop.run_until_complete(main())

Note, that custom headers will be overwritten with default headers with the same name. This doesn't allow breaking the client. Get default headers:

client.get_default_headers()

Exceptions

Starting from v1.1.0 SDK introduces exceptions, which are disabled by default, thus feature is backward compatible. To force client raise an exception instead of returning custom error, option 'raiseException' should be provided:

import asyncio

from okta.client import Client as OktaClient
from okta.exceptions import OktaAPIException


async def main():
    config = {'orgUrl': 'https://{yourOktaDomain}',
              'token': 'bad_token',
              'raiseException': True}
    client = OktaClient(config)
    try:
        users, resp, err = await client.list_users()
        for user in users:
            print(user.profile.first_name, user.profile.last_name)
    except OktaAPIException as err:
        print(err)


loop = asyncio.get_event_loop()
loop.run_until_complete(main())

Result should look like:

{'errorCode': 'E0000011', 'errorSummary': 'Invalid token provided', 'errorLink': 'E0000011', 'errorId': 'oaeqWcqizEUQ_-iHc2hCbH9LA', 'errorCauses': []}

List of available exceptions: OktaAPIException, HTTPException (to raise instead of returning errors OktaAPIError and HTTPError respectively). It is possible to inherit and/or extend given exceptions:

from okta.exceptions import HTTPException


class MyHTTPException(HTTPException):
    pass


raise MyHTTPException('My HTTP Exception')

Pagination

If your request comes back with more than the default or set limit (resp.has_next() == True), you can request the next page.

Example of listing users 1 at a time:

query_parameters = {'limit': '1'}
users, resp, err = await client.list_users(query_parameters)

# Check if there more pages follow
if resp.has_next():
  users, err = await resp.next()  # Returns list of 1 user after the last retrieved user

# Iterate through all of the rest of the pages
while resp.has_next():
  users, err = await resp.next()
  # Do stuff with users in users

print(resp.has_next()) # False
try:
  await resp.next()
except StopAsyncIteration:
  # Handle Exception raised

Here's a complete example:

from okta.client import Client as OktaClient
import asyncio

async def main():
    client = OktaClient()
    users, resp, err = await client.list_users()
    while True:
        for user in users:
            print(user.profile.login) # Add more properties here.
        if resp.has_next():
            users, err = await resp.next()
        else:
            break

loop = asyncio.get_event_loop()
loop.run_until_complete(main())

If you require access to the response headers during a pagination operation, set the includeResponse parameter to True in the call to the next method; this returns the response as a third tuple value. See the following example:

from okta.client import Client as OktaClient
import asyncio

async def main():
    client = OktaClient()
    users, resp, err = await client.list_users()
    while True:
        for user in users:
            print(user.profile.login) 
        if resp.has_next():
            users, err, response = await resp.next(True) # Specify True to receive the response object as the third part of the tuple for further analysis
        else:
            break

loop = asyncio.get_event_loop()
loop.run_until_complete(main())

Logging

Feature appears in version 1.5.0

SDK v1.5.0 introduces logging for debug purposes. Logs are disabled by default, thus SDK behavior remains the same. Logging should be enabled explicitly via client configuration or via a configuration file:

from okta.client import Client as OktaClient


config = {"logging": {"enabled": True}}
client = OktaClient(config)

SDK utilizes the standard Python library logging. By default, log level INFO is set. You can set another log level via config:

from okta.client import Client as OktaClient
import logging

config = {"logging": {"enabled": True, "logLevel": logging.DEBUG}}
client = OktaClient(config)

NOTE: DO NOT SET DEBUG LEVEL IN PRODUCTION!

Configuration reference

This library looks for configuration in the following sources:

0. An okta.yaml file in a .okta folder in the current user's home directory (~/.okta/okta.yaml or %userprofile%\.okta\okta.yaml). See a sample YAML Configuration
1. A okta.yaml file in the application or project's root directory. See a sample YAML Configuration
2. Environment variables
3. Configuration explicitly passed to the constructor (see the example in Getting started)

Only ONE source needs to be provided!

Higher numbers win. In other words, configuration passed via the constructor will OVERRIDE configuration found in environment variables, which will override configuration in the designated okta.yaml files.

YAML configuration

When you use an API Token instead of OAuth 2.0 the full YAML configuration looks like:

okta:
  client:
    connectionTimeout: 30 # seconds
    orgUrl: "https://{yourOktaDomain}"
    proxy:
      port: { proxy_port }
      host: { proxy_host }
      username: { proxy_username }
      password: { proxy_password }
    token: "YOUR_API_TOKEN"
    requestTimeout: 0 # seconds
    rateLimit:
      maxRetries: 4
    logging:
      enabled: true
      logLevel: INFO

When you use OAuth 2.0 the full YAML configuration looks like:

okta:
  client:
    connectionTimeout: 30 # seconds
    orgUrl: "https://{yourOktaDomain}"
    proxy:
      port: { proxy_port }
      host: { proxy_host }
      username: { proxy_username }
      password: { proxy_password }
    authorizationMode: "PrivateKey"
    clientId: "YOUR_CLIENT_ID"
    scopes:
      - scope.1
      - scope.2
    privateKey: |
      -----BEGIN RSA PRIVATE KEY-----
      MIIEogIBAAKCAQEAl4F5CrP6Wu2kKwH1Z+CNBdo0iteHhVRIXeHdeoqIB1iXvuv4
      THQdM5PIlot6XmeV1KUKuzw2ewDeb5zcasA4QHPcSVh2+KzbttPQ+RUXCUAr5t+r
      0r6gBc5Dy1IPjCFsqsPJXFwqe3RzUb...
      -----END RSA PRIVATE KEY-----
    requestTimeout: 0 # seconds
    rateLimit:
      maxRetries: 4
    logging:
      enabled: true
      logLevel: INFO

If a proxy is not going to be used for the SDK, you may omit the okta.client.proxy section from your okta.yaml file

Environment variables

Each one of the configuration values above can be turned into an environment variable name with the _ (underscore) character and UPPERCASE characters. The following are accepted:

• OKTA_CLIENT_AUTHORIZATIONMODE
• OKTA_CLIENT_ORGURL
• OKTA_CLIENT_TOKEN
• OKTA_CLIENT_CLIENTID
• OKTA_CLIENT_SCOPES
• OKTA_CLIENT_PRIVATEKEY
• OKTA_CLIENT_USERAGENT
• OKTA_CLIENT_CONNECTIONTIMEOUT
• OKTA_CLIENT_REQUESTTIMEOUT
• OKTA_CLIENT_CACHE_ENABLED
• OKTA_CLIENT_CACHE_DEFAULTTTI
• OKTA_CLIENT_CACHE_DEFAULTTTL
• OKTA_CLIENT_PROXY_PORT
• OKTA_CLIENT_PROXY_HOST
• OKTA_CLIENT_PROXY_USERNAME
• OKTA_CLIENT_PROXY_PASSWORD
• OKTA_CLIENT_RATELIMIT_MAXRETRIES
• OKTA_TESTING_TESTINGDISABLEHTTPSCHECK

Other configuration options

Starting with SDK v2.3.0 you can provide custom SSL context:

import asyncio
import ssl

from okta.client import Client as OktaClient


async def main():
    # create default context for demo purpose
    ssl_context = ssl.create_default_context()
    client = OktaClient({"sslContext": ssl_context})
    users, resp, err = await client.list_users()
    print(users)

loop = asyncio.get_event_loop()
loop.run_until_complete(main())

Rate Limiting

The Okta API will return 429 responses if too many requests are made within a given time. Please see Rate Limiting at Okta for a complete list of which endpoints are rate limited. When a 429 error is received, the X-Rate-Limit-Reset header will tell you the time at which you can retry. This section discusses the method for handling rate limiting with this SDK.

Built-In Retry

This SDK uses the built-in retry strategy to automatically retry on 429 errors. You can use the default configuration options for the built-in retry strategy, or provide your desired values via the client configuration.

You can configure the following options when using the built-in retry strategy:

Configuration Option	Description
client.requestTimeout	The waiting time in seconds for a request to be resolved by the client. Less than or equal to 0 means "no timeout". The default value is 0 (None).
client.rateLimit.maxRetries	The number of times to retry.

Check out the Configuration Reference section for more details about how to set these values via configuration.

Building the SDK

In most cases, you won't need to build the SDK from source. If you want to build it yourself, you'll need these prerequisites:

• Clone the repo
• Run python setup.py build from the root of the project (assuming Python is installed)
• Ensure tests run succesfully. Install tox if not installed already using: pip install tox. Run tests using tox in the root directory of the project.

Contributing

We're happy to accept contributions and PRs! Please see the Contribution Guide to understand how to structure a contribution.

For contributing, please make changes to the mustache templates and submit the change.

Documentation for API Endpoints

All URIs are relative to https://subdomain.okta.com

Class	Method	HTTP request	Description
AgentPoolsApi	activate_agent_pools_update	POST /api/v1/agentPools/{poolId}/updates/{updateId}/activate	Activate an Agent Pool update
AgentPoolsApi	create_agent_pools_update	POST /api/v1/agentPools/{poolId}/updates	Create an Agent Pool update
AgentPoolsApi	deactivate_agent_pools_update	POST /api/v1/agentPools/{poolId}/updates/{updateId}/deactivate	Deactivate an Agent Pool update
AgentPoolsApi	delete_agent_pools_update	DELETE /api/v1/agentPools/{poolId}/updates/{updateId}	Delete an Agent Pool update
AgentPoolsApi	get_agent_pools_update_instance	GET /api/v1/agentPools/{poolId}/updates/{updateId}	Retrieve an Agent Pool update by id
AgentPoolsApi	get_agent_pools_update_settings	GET /api/v1/agentPools/{poolId}/updates/settings	Retrieve an Agent Pool update's settings
AgentPoolsApi	list_agent_pools	GET /api/v1/agentPools	List all Agent Pools
AgentPoolsApi	list_agent_pools_updates	GET /api/v1/agentPools/{poolId}/updates	List all Agent Pool updates
AgentPoolsApi	pause_agent_pools_update	POST /api/v1/agentPools/{poolId}/updates/{updateId}/pause	Pause an Agent Pool update
AgentPoolsApi	resume_agent_pools_update	POST /api/v1/agentPools/{poolId}/updates/{updateId}/resume	Resume an Agent Pool update
AgentPoolsApi	retry_agent_pools_update	POST /api/v1/agentPools/{poolId}/updates/{updateId}/retry	Retry an Agent Pool update
AgentPoolsApi	stop_agent_pools_update	POST /api/v1/agentPools/{poolId}/updates/{updateId}/stop	Stop an Agent Pool update
AgentPoolsApi	update_agent_pools_update	POST /api/v1/agentPools/{poolId}/updates/{updateId}	Update an Agent Pool update by id
AgentPoolsApi	update_agent_pools_update_settings	POST /api/v1/agentPools/{poolId}/updates/settings	Update an Agent Pool update settings
ApiServiceIntegrationsApi	activate_api_service_integration_instance_secret	POST /integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}/lifecycle/activate	Activate an API Service Integration instance Secret
ApiServiceIntegrationsApi	create_api_service_integration_instance	POST /integrations/api/v1/api-services	Create an API Service Integration instance
ApiServiceIntegrationsApi	create_api_service_integration_instance_secret	POST /integrations/api/v1/api-services/{apiServiceId}/credentials/secrets	Create an API Service Integration instance Secret
ApiServiceIntegrationsApi	deactivate_api_service_integration_instance_secret	POST /integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}/lifecycle/deactivate	Deactivate an API Service Integration instance Secret
ApiServiceIntegrationsApi	delete_api_service_integration_instance	DELETE /integrations/api/v1/api-services/{apiServiceId}	Delete an API Service Integration instance
ApiServiceIntegrationsApi	delete_api_service_integration_instance_secret	DELETE /integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}	Delete an API Service Integration instance Secret
ApiServiceIntegrationsApi	get_api_service_integration_instance	GET /integrations/api/v1/api-services/{apiServiceId}	Retrieve an API Service Integration instance
ApiServiceIntegrationsApi	list_api_service_integration_instance_secrets	GET /integrations/api/v1/api-services/{apiServiceId}/credentials/secrets	List all API Service Integration instance Secrets
ApiServiceIntegrationsApi	list_api_service_integration_instances	GET /integrations/api/v1/api-services	List all API Service Integration instances
ApiTokenApi	get_api_token	GET /api/v1/api-tokens/{apiTokenId}	Retrieve an API Token's Metadata
ApiTokenApi	list_api_tokens	GET /api/v1/api-tokens	List all API Token Metadata
ApiTokenApi	revoke_api_token	DELETE /api/v1/api-tokens/{apiTokenId}	Revoke an API Token
ApiTokenApi	revoke_current_api_token	DELETE /api/v1/api-tokens/current	Revoke the Current API Token
ApplicationApi	activate_application	POST /api/v1/apps/{appId}/lifecycle/activate	Activate an Application
ApplicationApi	create_application	POST /api/v1/apps	Create an Application
ApplicationApi	deactivate_application	POST /api/v1/apps/{appId}/lifecycle/deactivate	Deactivate an Application
ApplicationApi	delete_application	DELETE /api/v1/apps/{appId}	Delete an Application
ApplicationApi	get_application	GET /api/v1/apps/{appId}	Retrieve an Application
ApplicationApi	list_applications	GET /api/v1/apps	List all Applications
ApplicationApi	replace_application	PUT /api/v1/apps/{appId}	Replace an Application
ApplicationConnectionsApi	activate_default_provisioning_connection_for_application	POST /api/v1/apps/{appId}/connections/default/lifecycle/activate	Activate the default Provisioning Connection
ApplicationConnectionsApi	deactivate_default_provisioning_connection_for_application	POST /api/v1/apps/{appId}/connections/default/lifecycle/deactivate	Deactivate the default Provisioning Connection
ApplicationConnectionsApi	get_default_provisioning_connection_for_application	GET /api/v1/apps/{appId}/connections/default	Retrieve the default Provisioning Connection
ApplicationConnectionsApi	update_default_provisioning_connection_for_application	POST /api/v1/apps/{appId}/connections/default	Update the default Provisioning Connection
ApplicationCredentialsApi	clone_application_key	POST /api/v1/apps/{appId}/credentials/keys/{keyId}/clone	Clone a Key Credential
ApplicationCredentialsApi	generate_application_key	POST /api/v1/apps/{appId}/credentials/keys/generate	Generate a Key Credential
ApplicationCredentialsApi	generate_csr_for_application	POST /api/v1/apps/{appId}/credentials/csrs	Generate a Certificate Signing Request
ApplicationCredentialsApi	get_application_key	GET /api/v1/apps/{appId}/credentials/keys/{keyId}	Retrieve a Key Credential
ApplicationCredentialsApi	get_csr_for_application	GET /api/v1/apps/{appId}/credentials/csrs/{csrId}	Retrieve a Certificate Signing Request
ApplicationCredentialsApi	list_application_keys	GET /api/v1/apps/{appId}/credentials/keys	List all Key Credentials
ApplicationCredentialsApi	list_csrs_for_application	GET /api/v1/apps/{appId}/credentials/csrs	List all Certificate Signing Requests
ApplicationCredentialsApi	publish_csr_from_application	POST /api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish	Publish a Certificate Signing Request
ApplicationCredentialsApi	revoke_csr_from_application	DELETE /api/v1/apps/{appId}/credentials/csrs/{csrId}	Revoke a Certificate Signing Request
ApplicationFeaturesApi	get_feature_for_application	GET /api/v1/apps/{appId}/features/{featureName}	Retrieve a Feature
ApplicationFeaturesApi	list_features_for_application	GET /api/v1/apps/{appId}/features	List all Features
ApplicationFeaturesApi	update_feature_for_application	PUT /api/v1/apps/{appId}/features/{featureName}	Update a Feature
ApplicationGrantsApi	get_scope_consent_grant	GET /api/v1/apps/{appId}/grants/{grantId}	Retrieve an app Grant
ApplicationGrantsApi	grant_consent_to_scope	POST /api/v1/apps/{appId}/grants	Grant consent to scope
ApplicationGrantsApi	list_scope_consent_grants	GET /api/v1/apps/{appId}/grants	List all app Grants
ApplicationGrantsApi	revoke_scope_consent_grant	DELETE /api/v1/apps/{appId}/grants/{grantId}	Revoke an app Grant
ApplicationGroupsApi	assign_group_to_application	PUT /api/v1/apps/{appId}/groups/{groupId}	Assign a Group
ApplicationGroupsApi	get_application_group_assignment	GET /api/v1/apps/{appId}/groups/{groupId}	Retrieve an Assigned Group
ApplicationGroupsApi	list_application_group_assignments	GET /api/v1/apps/{appId}/groups	List all Assigned Groups
ApplicationGroupsApi	unassign_application_from_group	DELETE /api/v1/apps/{appId}/groups/{groupId}	Unassign a Group
ApplicationLogosApi	upload_application_logo	POST /api/v1/apps/{appId}/logo	Upload an application Logo
ApplicationPoliciesApi	assign_application_policy	PUT /api/v1/apps/{appId}/policies/{policyId}	Assign an application to a Policy
ApplicationSSOApi	preview_sam_lmetadata_for_application	GET /api/v1/apps/${appId}/sso/saml/metadata	Preview the application SAML metadata
ApplicationTokensApi	get_o_auth2_token_for_application	GET /api/v1/apps/{appId}/tokens/{tokenId}	Retrieve an OAuth 2.0 Token
ApplicationTokensApi	list_o_auth2_tokens_for_application	GET /api/v1/apps/{appId}/tokens	List all OAuth 2.0 Tokens
ApplicationTokensApi	revoke_o_auth2_token_for_application	DELETE /api/v1/apps/{appId}/tokens/{tokenId}	Revoke an OAuth 2.0 Token
ApplicationTokensApi	revoke_o_auth2_tokens_for_application	DELETE /api/v1/apps/{appId}/tokens	Revoke all OAuth 2.0 Tokens
ApplicationUsersApi	assign_user_to_application	POST /api/v1/apps/{appId}/users	Assign a User
ApplicationUsersApi	get_application_user	GET /api/v1/apps/{appId}/users/{userId}	Retrieve an assigned User
ApplicationUsersApi	list_application_users	GET /api/v1/apps/{appId}/users	List all assigned Users
ApplicationUsersApi	unassign_user_from_application	DELETE /api/v1/apps/{appId}/users/{userId}	Unassign an App User
ApplicationUsersApi	update_application_user	POST /api/v1/apps/{appId}/users/{userId}	Update an App Profile for an assigned User
AttackProtectionApi	get_user_lockout_settings	GET /attack-protection/api/v1/user-lockout-settings	Retrieve the User Lockout Settings
AttackProtectionApi	replace_user_lockout_settings	PUT /attack-protection/api/v1/user-lockout-settings	Replace the User Lockout Settings
AuthenticatorApi	activate_authenticator	POST /api/v1/authenticators/{authenticatorId}/lifecycle/activate	Activate an Authenticator
AuthenticatorApi	activate_authenticator_method	POST /api/v1/authenticators/{authenticatorId}/methods/{methodType}/lifecycle/activate	Activate an Authenticator Method
AuthenticatorApi	create_authenticator	POST /api/v1/authenticators	Create an Authenticator
AuthenticatorApi	deactivate_authenticator	POST /api/v1/authenticators/{authenticatorId}/lifecycle/deactivate	Deactivate an Authenticator
AuthenticatorApi	deactivate_authenticator_method	POST /api/v1/authenticators/{authenticatorId}/methods/{methodType}/lifecycle/deactivate	Deactivate an Authenticator Method
AuthenticatorApi	get_authenticator	GET /api/v1/authenticators/{authenticatorId}	Retrieve an Authenticator
AuthenticatorApi	get_authenticator_method	GET /api/v1/authenticators/{authenticatorId}/methods/{methodType}	Retrieve a Method
AuthenticatorApi	get_well_known_app_authenticator_configuration	GET /.well-known/app-authenticator-configuration	Retrieve the Well-Known App Authenticator Configuration
AuthenticatorApi	list_authenticator_methods	GET /api/v1/authenticators/{authenticatorId}/methods	List all Methods of an Authenticator
AuthenticatorApi	list_authenticators	GET /api/v1/authenticators	List all Authenticators
AuthenticatorApi	replace_authenticator	PUT /api/v1/authenticators/{authenticatorId}	Replace an Authenticator
AuthenticatorApi	replace_authenticator_method	PUT /api/v1/authenticators/{authenticatorId}/methods/{methodType}	Replace a Method
AuthorizationServerApi	activate_authorization_server	POST /api/v1/authorizationServers/{authServerId}/lifecycle/activate	Activate an Authorization Server
AuthorizationServerApi	activate_authorization_server_policy	POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/activate	Activate a Policy
AuthorizationServerApi	activate_authorization_server_policy_rule	POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/activate	Activate a Policy Rule
AuthorizationServerApi	create_associated_servers	POST /api/v1/authorizationServers/{authServerId}/associatedServers	Create the Associated Authorization Servers
AuthorizationServerApi	create_authorization_server	POST /api/v1/authorizationServers	Create an Authorization Server
AuthorizationServerApi	create_authorization_server_policy	POST /api/v1/authorizationServers/{authServerId}/policies	Create a Policy
AuthorizationServerApi	create_authorization_server_policy_rule	POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules	Create a Policy Rule
AuthorizationServerApi	create_o_auth2_claim	POST /api/v1/authorizationServers/{authServerId}/claims	Create a Custom Token Claim
AuthorizationServerApi	create_o_auth2_scope	POST /api/v1/authorizationServers/{authServerId}/scopes	Create a Custom Token Scope
AuthorizationServerApi	deactivate_authorization_server	POST /api/v1/authorizationServers/{authServerId}/lifecycle/deactivate	Deactivate an Authorization Server
AuthorizationServerApi	deactivate_authorization_server_policy	POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/deactivate	Deactivate a Policy
AuthorizationServerApi	deactivate_authorization_server_policy_rule	POST /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate	Deactivate a Policy Rule
AuthorizationServerApi	delete_associated_server	DELETE /api/v1/authorizationServers/{authServerId}/associatedServers/{associatedServerId}	Delete an Associated Authorization Server
AuthorizationServerApi	delete_authorization_server	DELETE /api/v1/authorizationServers/{authServerId}	Delete an Authorization Server
AuthorizationServerApi	delete_authorization_server_policy	DELETE /api/v1/authorizationServers/{authServerId}/policies/{policyId}	Delete a Policy
AuthorizationServerApi	delete_authorization_server_policy_rule	DELETE /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}	Delete a Policy Rule
AuthorizationServerApi	delete_o_auth2_claim	DELETE /api/v1/authorizationServers/{authServerId}/claims/{claimId}	Delete a Custom Token Claim
AuthorizationServerApi	delete_o_auth2_scope	DELETE /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}	Delete a Custom Token Scope
AuthorizationServerApi	get_authorization_server	GET /api/v1/authorizationServers/{authServerId}	Retrieve an Authorization Server
AuthorizationServerApi	get_authorization_server_policy	GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}	Retrieve a Policy
AuthorizationServerApi	get_authorization_server_policy_rule	GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}	Retrieve a Policy Rule
AuthorizationServerApi	get_o_auth2_claim	GET /api/v1/authorizationServers/{authServerId}/claims/{claimId}	Retrieve a Custom Token Claim
AuthorizationServerApi	get_o_auth2_scope	GET /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}	Retrieve a Custom Token Scope
AuthorizationServerApi	get_refresh_token_for_authorization_server_and_client	GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}	Retrieve a Refresh Token for a Client
AuthorizationServerApi	list_associated_servers_by_trusted_type	GET /api/v1/authorizationServers/{authServerId}/associatedServers	List all Associated Authorization Servers
AuthorizationServerApi	list_authorization_server_keys	GET /api/v1/authorizationServers/{authServerId}/credentials/keys	List all Credential Keys
AuthorizationServerApi	list_authorization_server_policies	GET /api/v1/authorizationServers/{authServerId}/policies	List all Policies
AuthorizationServerApi	list_authorization_server_policy_rules	GET /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules	List all Policy Rules
AuthorizationServerApi	list_authorization_servers	GET /api/v1/authorizationServers	List all Authorization Servers
AuthorizationServerApi	list_o_auth2_claims	GET /api/v1/authorizationServers/{authServerId}/claims	List all Custom Token Claims
AuthorizationServerApi	list_o_auth2_clients_for_authorization_server	GET /api/v1/authorizationServers/{authServerId}/clients	List all Clients
AuthorizationServerApi	list_o_auth2_scopes	GET /api/v1/authorizationServers/{authServerId}/scopes	List all Custom Token Scopes
AuthorizationServerApi	list_refresh_tokens_for_authorization_server_and_client	GET /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens	List all Refresh Tokens for a Client
AuthorizationServerApi	replace_authorization_server	PUT /api/v1/authorizationServers/{authServerId}	Replace an Authorization Server
AuthorizationServerApi	replace_authorization_server_policy	PUT /api/v1/authorizationServers/{authServerId}/policies/{policyId}	Replace a Policy
AuthorizationServerApi	replace_authorization_server_policy_rule	PUT /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}	Replace a Policy Rule
AuthorizationServerApi	replace_o_auth2_claim	PUT /api/v1/authorizationServers/{authServerId}/claims/{claimId}	Replace a Custom Token Claim
AuthorizationServerApi	replace_o_auth2_scope	PUT /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}	Replace a Custom Token Scope
AuthorizationServerApi	revoke_refresh_token_for_authorization_server_and_client	DELETE /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}	Revoke a Refresh Token for a Client
AuthorizationServerApi	revoke_refresh_tokens_for_authorization_server_and_client	DELETE /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens	Revoke all Refresh Tokens for a Client
AuthorizationServerApi	rotate_authorization_server_keys	POST /api/v1/authorizationServers/{authServerId}/credentials/lifecycle/keyRotate	Rotate all Credential Keys
BehaviorApi	activate_behavior_detection_rule	POST /api/v1/behaviors/{behaviorId}/lifecycle/activate	Activate a Behavior Detection Rule
BehaviorApi	create_behavior_detection_rule	POST /api/v1/behaviors	Create a Behavior Detection Rule
BehaviorApi	deactivate_behavior_detection_rule	POST /api/v1/behaviors/{behaviorId}/lifecycle/deactivate	Deactivate a Behavior Detection Rule
BehaviorApi	delete_behavior_detection_rule	DELETE /api/v1/behaviors/{behaviorId}	Delete a Behavior Detection Rule
BehaviorApi	get_behavior_detection_rule	GET /api/v1/behaviors/{behaviorId}	Retrieve a Behavior Detection Rule
BehaviorApi	list_behavior_detection_rules	GET /api/v1/behaviors	List all Behavior Detection Rules
BehaviorApi	replace_behavior_detection_rule	PUT /api/v1/behaviors/{behaviorId}	Replace a Behavior Detection Rule
CAPTCHAApi	create_captcha_instance	POST /api/v1/captchas	Create a CAPTCHA instance
CAPTCHAApi	delete_captcha_instance	DELETE /api/v1/captchas/{captchaId}	Delete a CAPTCHA Instance
CAPTCHAApi	delete_org_captcha_settings	DELETE /api/v1/org/captcha	Delete the Org-wide CAPTCHA Settings
CAPTCHAApi	get_captcha_instance	GET /api/v1/captchas/{captchaId}	Retrieve a CAPTCHA Instance
CAPTCHAApi	get_org_captcha_settings	GET /api/v1/org/captcha	Retrieve the Org-wide CAPTCHA Settings
CAPTCHAApi	list_captcha_instances	GET /api/v1/captchas	List all CAPTCHA Instances
CAPTCHAApi	replace_captcha_instance	PUT /api/v1/captchas/{captchaId}	Replace a CAPTCHA Instance
CAPTCHAApi	replaces_org_captcha_settings	PUT /api/v1/org/captcha	Replace the Org-wide CAPTCHA Settings
CAPTCHAApi	update_captcha_instance	POST /api/v1/captchas/{captchaId}	Update a CAPTCHA Instance
CustomDomainApi	delete_custom_domain	DELETE /api/v1/domains/{domainId}	Delete a Custom Domain
CustomDomainApi	get_custom_domain	GET /api/v1/domains/{domainId}	Retrieve a Custom Domain
CustomDomainApi	list_custom_domains	GET /api/v1/domains	List all Custom Domains
CustomDomainApi	replace_custom_domain	PUT /api/v1/domains/{domainId}	Replace a Custom Domain's Brand
CustomDomainApi	upsert_certificate	PUT /api/v1/domains/{domainId}/certificate	Upsert the Custom Domain's Certificate
CustomDomainApi	verify_domain	POST /api/v1/domains/{domainId}/verify	Verify a Custom Domain
CustomizationApi	create_brand	POST /api/v1/brands	Create a Brand
CustomizationApi	create_email_customization	POST /api/v1/brands/{brandId}/templates/email/{templateName}/customizations	Create an Email Customization
CustomizationApi	delete_all_customizations	DELETE /api/v1/brands/{brandId}/templates/email/{templateName}/customizations	Delete all Email Customizations
CustomizationApi	delete_brand	DELETE /api/v1/brands/{brandId}	Delete a brand
CustomizationApi	delete_brand_theme_background_image	DELETE /api/v1/brands/{brandId}/themes/{themeId}/background-image	Delete the Background Image
CustomizationApi	delete_brand_theme_favicon	DELETE /api/v1/brands/{brandId}/themes/{themeId}/favicon	Delete the Favicon
CustomizationApi	delete_brand_theme_logo	DELETE /api/v1/brands/{brandId}/themes/{themeId}/logo	Delete the Logo
CustomizationApi	delete_customized_error_page	DELETE /api/v1/brands/{brandId}/pages/error/customized	Delete the Customized Error Page
CustomizationApi	delete_customized_sign_in_page	DELETE /api/v1/brands/{brandId}/pages/sign-in/customized	Delete the Customized Sign-in Page
CustomizationApi	delete_email_customization	DELETE /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}	Delete an Email Customization
CustomizationApi	delete_preview_error_page	DELETE /api/v1/brands/{brandId}/pages/error/preview	Delete the Preview Error Page
CustomizationApi	delete_preview_sign_in_page	DELETE /api/v1/brands/{brandId}/pages/sign-in/preview	Delete the Preview Sign-in Page
CustomizationApi	get_brand	GET /api/v1/brands/{brandId}	Retrieve a Brand
CustomizationApi	get_brand_theme	GET /api/v1/brands/{brandId}/themes/{themeId}	Retrieve a Theme
CustomizationApi	get_customization_preview	GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}/preview	Retrieve a Preview of an Email Customization
CustomizationApi	get_customized_error_page	GET /api/v1/brands/{brandId}/pages/error/customized	Retrieve the Customized Error Page
CustomizationApi	get_customized_sign_in_page	GET /api/v1/brands/{brandId}/pages/sign-in/customized	Retrieve the Customized Sign-in Page
CustomizationApi	get_default_error_page	GET /api/v1/brands/{brandId}/pages/error/default	Retrieve the Default Error Page
CustomizationApi	get_default_sign_in_page	GET /api/v1/brands/{brandId}/pages/sign-in/default	Retrieve the Default Sign-in Page
CustomizationApi	get_email_customization	GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}	Retrieve an Email Customization
CustomizationApi	get_email_default_content	GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content	Retrieve an Email Template Default Content
CustomizationApi	get_email_default_preview	GET /api/v1/brands/{brandId}/templates/email/{templateName}/default-content/preview	Retrieve a Preview of the Email Template Default Content
CustomizationApi	get_email_settings	GET /api/v1/brands/{brandId}/templates/email/{templateName}/settings	Retrieve the Email Template Settings
CustomizationApi	get_email_template	GET /api/v1/brands/{brandId}/templates/email/{templateName}	Retrieve an Email Template
CustomizationApi	get_error_page	GET /api/v1/brands/{brandId}/pages/error	Retrieve the Error Page Sub-Resources
CustomizationApi	get_preview_error_page	GET /api/v1/brands/{brandId}/pages/error/preview	Retrieve the Preview Error Page Preview
CustomizationApi	get_preview_sign_in_page	GET /api/v1/brands/{brandId}/pages/sign-in/preview	Retrieve the Preview Sign-in Page Preview
CustomizationApi	get_sign_in_page	GET /api/v1/brands/{brandId}/pages/sign-in	Retrieve the Sign-in Page Sub-Resources
CustomizationApi	get_sign_out_page_settings	GET /api/v1/brands/{brandId}/pages/sign-out/customized	Retrieve the Sign-out Page Settings
CustomizationApi	list_all_sign_in_widget_versions	GET /api/v1/brands/{brandId}/pages/sign-in/widget-versions	List all Sign-in Widget Versions
CustomizationApi	list_brand_domains	GET /api/v1/brands/{brandId}/domains	List all Domains associated with a Brand
CustomizationApi	list_brand_themes	GET /api/v1/brands/{brandId}/themes	List all Themes
CustomizationApi	list_brands	GET /api/v1/brands	List all Brands
CustomizationApi	list_email_customizations	GET /api/v1/brands/{brandId}/templates/email/{templateName}/customizations	List all Email Customizations
CustomizationApi	list_email_templates	GET /api/v1/brands/{brandId}/templates/email	List all Email Templates
CustomizationApi	replace_brand	PUT /api/v1/brands/{brandId}	Replace a Brand
CustomizationApi	replace_brand_theme	PUT /api/v1/brands/{brandId}/themes/{themeId}	Replace a Theme
CustomizationApi	replace_customized_error_page	PUT /api/v1/brands/{brandId}/pages/error/customized	Replace the Customized Error Page
CustomizationApi	replace_customized_sign_in_page	PUT /api/v1/brands/{brandId}/pages/sign-in/customized	Replace the Customized Sign-in Page
CustomizationApi	replace_email_customization	PUT /api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}	Replace an Email Customization
CustomizationApi	replace_email_settings	PUT /api/v1/brands/{brandId}/templates/email/{templateName}/settings	Replace the Email Template Settings
CustomizationApi	replace_preview_error_page	PUT /api/v1/brands/{brandId}/pages/error/preview	Replace the Preview Error Page
CustomizationApi	replace_preview_sign_in_page	PUT /api/v1/brands/{brandId}/pages/sign-in/preview	Replace the Preview Sign-in Page
CustomizationApi	replace_sign_out_page_settings	PUT /api/v1/brands/{brandId}/pages/sign-out/customized	Replace the Sign-out Page Settings
CustomizationApi	send_test_email	POST /api/v1/brands/{brandId}/templates/email/{templateName}/test	Send a Test Email
CustomizationApi	upload_brand_theme_background_image	POST /api/v1/brands/{brandId}/themes/{themeId}/background-image	Upload the Background Image
CustomizationApi	upload_brand_theme_favicon	POST /api/v1/brands/{brandId}/themes/{themeId}/favicon	Upload the Favicon
CustomizationApi	upload_brand_theme_logo	POST /api/v1/brands/{brandId}/themes/{themeId}/logo	Upload the Logo
DeviceApi	activate_device	POST /api/v1/devices/{deviceId}/lifecycle/activate	Activate a Device
DeviceApi	deactivate_device	POST /api/v1/devices/{deviceId}/lifecycle/deactivate	Deactivate a Device
DeviceApi	delete_device	DELETE /api/v1/devices/{deviceId}	Delete a Device
DeviceApi	get_device	GET /api/v1/devices/{deviceId}	Retrieve a Device
DeviceApi	list_device_users	GET /api/v1/devices/{deviceId}/users	List all Users for a Device
DeviceApi	list_devices	GET /api/v1/devices	List all Devices
DeviceApi	suspend_device	POST /api/v1/devices/{deviceId}/lifecycle/suspend	Suspend a Device
DeviceApi	unsuspend_device	POST /api/v1/devices/{deviceId}/lifecycle/unsuspend	Unsuspend a Device
DeviceAssuranceApi	create_device_assurance_policy	POST /api/v1/device-assurances	Create a Device Assurance Policy
DeviceAssuranceApi	delete_device_assurance_policy	DELETE /api/v1/device-assurances/{deviceAssuranceId}	Delete a Device Assurance Policy
DeviceAssuranceApi	get_device_assurance_policy	GET /api/v1/device-assurances/{deviceAssuranceId}	Retrieve a Device Assurance Policy
DeviceAssuranceApi	list_device_assurance_policies	GET /api/v1/device-assurances	List all Device Assurance Policies
DeviceAssuranceApi	replace_device_assurance_policy	PUT /api/v1/device-assurances/{deviceAssuranceId}	Replace a Device Assurance Policy
EmailDomainApi	create_email_domain	POST /api/v1/email-domains	Create an Email Domain
EmailDomainApi	delete_email_domain	DELETE /api/v1/email-domains/{emailDomainId}	Delete an Email Domain
EmailDomainApi	get_email_domain	GET /api/v1/email-domains/{emailDomainId}	Retrieve an Email Domain
EmailDomainApi	list_email_domains	GET /api/v1/email-domains	List all Email Domains
EmailDomainApi	replace_email_domain	PUT /api/v1/email-domains/{emailDomainId}	Replace an Email Domain
EmailDomainApi	verify_email_domain	POST /api/v1/email-domains/{emailDomainId}/verify	Verify an Email Domain
EmailServerApi	create_email_server	POST /api/v1/email-servers	Create a custom SMTP server
EmailServerApi	delete_email_server	DELETE /api/v1/email-servers/{emailServerId}	Delete an SMTP Server configuration
EmailServerApi	get_email_server	GET /api/v1/email-servers/{emailServerId}	Retrieve an SMTP Server configuration
EmailServerApi	list_email_servers	GET /api/v1/email-servers	List all enrolled SMTP servers
EmailServerApi	test_email_server	POST /api/v1/email-servers/{emailServerId}/test	Test an SMTP Server configuration
EmailServerApi	update_email_server	PATCH /api/v1/email-servers/{emailServerId}	Update an SMTP Server configuration
EventHookApi	activate_event_hook	POST /api/v1/eventHooks/{eventHookId}/lifecycle/activate	Activate an Event Hook
EventHookApi	create_event_hook	POST /api/v1/eventHooks	Create an Event Hook
EventHookApi	deactivate_event_hook	POST /api/v1/eventHooks/{eventHookId}/lifecycle/deactivate	Deactivate an Event Hook
EventHookApi	delete_event_hook	DELETE /api/v1/eventHooks/{eventHookId}	Delete an Event Hook
EventHookApi	get_event_hook	GET /api/v1/eventHooks/{eventHookId}	Retrieve an Event Hook
EventHookApi	list_event_hooks	GET /api/v1/eventHooks	List all Event Hooks
EventHookApi	replace_event_hook	PUT /api/v1/eventHooks/{eventHookId}	Replace an Event Hook
EventHookApi	verify_event_hook	POST /api/v1/eventHooks/{eventHookId}/lifecycle/verify	Verify an Event Hook
FeatureApi	get_feature	GET /api/v1/features/{featureId}	Retrieve a Feature
FeatureApi	list_feature_dependencies	GET /api/v1/features/{featureId}/dependencies	List all Dependencies
FeatureApi	list_feature_dependents	GET /api/v1/features/{featureId}/dependents	List all Dependents
FeatureApi	list_features	GET /api/v1/features	List all Features
FeatureApi	update_feature_lifecycle	POST /api/v1/features/{featureId}/{lifecycle}	Update a Feature Lifecycle
GroupApi	activate_group_rule	POST /api/v1/groups/rules/{groupRuleId}/lifecycle/activate	Activate a Group Rule
GroupApi	assign_group_owner	POST /api/v1/groups/{groupId}/owners	Assign a Group Owner
GroupApi	assign_user_to_group	PUT /api/v1/groups/{groupId}/users/{userId}	Assign a User
GroupApi	create_group	POST /api/v1/groups	Create a Group
GroupApi	create_group_rule	POST /api/v1/groups/rules	Create a Group Rule
GroupApi	deactivate_group_rule	POST /api/v1/groups/rules/{groupRuleId}/lifecycle/deactivate	Deactivate a Group Rule
GroupApi	delete_group	DELETE /api/v1/groups/{groupId}	Delete a Group
GroupApi	delete_group_owner	DELETE /api/v1/groups/{groupId}/owners/{ownerId}	Delete a Group Owner
GroupApi	delete_group_rule	DELETE /api/v1/groups/rules/{groupRuleId}	Delete a group Rule
GroupApi	get_group	GET /api/v1/groups/{groupId}	Retrieve a Group
GroupApi	get_group_rule	GET /api/v1/groups/rules/{groupRuleId}	Retrieve a Group Rule
GroupApi	list_assigned_applications_for_group	GET /api/v1/groups/{groupId}/apps	List all Assigned Applications
GroupApi	list_group_owners	GET /api/v1/groups/{groupId}/owners	List all Group Owners
GroupApi	list_group_rules	GET /api/v1/groups/rules	List all Group Rules
GroupApi	list_group_users	GET /api/v1/groups/{groupId}/users	List all Member Users
GroupApi	list_groups	GET /api/v1/groups	List all Groups
GroupApi	replace_group	PUT /api/v1/groups/{groupId}	Replace a Group
GroupApi	replace_group_rule	PUT /api/v1/groups/rules/{groupRuleId}	Replace a Group Rule
GroupApi	unassign_user_from_group	DELETE /api/v1/groups/{groupId}/users/{userId}	Unassign a User
HookKeyApi	create_hook_key	POST /api/v1/hook-keys	Create a key
HookKeyApi	delete_hook_key	DELETE /api/v1/hook-keys/{hookKeyId}	Delete a key
HookKeyApi	get_hook_key	GET /api/v1/hook-keys/{hookKeyId}	Retrieve a key
HookKeyApi	get_public_key	GET /api/v1/hook-keys/public/{publicKeyId}	Retrieve a public key
HookKeyApi	list_hook_keys	GET /api/v1/hook-keys	List all keys
HookKeyApi	replace_hook_key	PUT /api/v1/hook-keys/{hookKeyId}	Replace a key
IdentityProviderApi	activate_identity_provider	POST /api/v1/idps/{idpId}/lifecycle/activate	Activate an Identity Provider
IdentityProviderApi	clone_identity_provider_key	POST /api/v1/idps/{idpId}/credentials/keys/{idpKeyId}/clone	Clone a Signing Credential Key
IdentityProviderApi	create_identity_provider	POST /api/v1/idps	Create an Identity Provider
IdentityProviderApi	create_identity_provider_key	POST /api/v1/idps/credentials/keys	Create an X.509 Certificate Public Key
IdentityProviderApi	deactivate_identity_provider	POST /api/v1/idps/{idpId}/lifecycle/deactivate	Deactivate an Identity Provider
IdentityProviderApi	delete_identity_provider	DELETE /api/v1/idps/{idpId}	Delete an Identity Provider
IdentityProviderApi	delete_identity_provider_key	DELETE /api/v1/idps/credentials/keys/{idpKeyId}	Delete a Signing Credential Key
IdentityProviderApi	generate_csr_for_identity_provider	POST /api/v1/idps/{idpId}/credentials/csrs	Generate a Certificate Signing Request
IdentityProviderApi	generate_identity_provider_signing_key	POST /api/v1/idps/{idpId}/credentials/keys/generate	Generate a new Signing Credential Key
IdentityProviderApi	get_csr_for_identity_provider	GET /api/v1/idps/{idpId}/credentials/csrs/{idpCsrId}	Retrieve a Certificate Signing Request
IdentityProviderApi	get_identity_provider	GET /api/v1/idps/{idpId}	Retrieve an Identity Provider
IdentityProviderApi	get_identity_provider_application_user	GET /api/v1/idps/{idpId}/users/{userId}	Retrieve a User
IdentityProviderApi	get_identity_provider_key	GET /api/v1/idps/credentials/keys/{idpKeyId}	Retrieve an Credential Key
IdentityProviderApi	get_identity_provider_signing_key	GET /api/v1/idps/{idpId}/credentials/keys/{idpKeyId}	Retrieve a Signing Credential Key
IdentityProviderApi	link_user_to_identity_provider	POST /api/v1/idps/{idpId}/users/{userId}	Link a User to a Social IdP
IdentityProviderApi	list_csrs_for_identity_provider	GET /api/v1/idps/{idpId}/credentials/csrs	List all Certificate Signing Requests
IdentityProviderApi	list_identity_provider_application_users	GET /api/v1/idps/{idpId}/users	List all Users
IdentityProviderApi	list_identity_provider_keys	GET /api/v1/idps/credentials/keys	List all Credential Keys
IdentityProviderApi	list_identity_provider_signing_keys	GET /api/v1/idps/{idpId}/credentials/keys	List all Signing Credential Keys
IdentityProviderApi	list_identity_providers	GET /api/v1/idps	List all Identity Providers
IdentityProviderApi	list_social_auth_tokens	GET /api/v1/idps/{idpId}/users/{userId}/credentials/tokens	List all Tokens from a OIDC Identity Provider
IdentityProviderApi	publish_csr_for_identity_provider	POST /api/v1/idps/{idpId}/credentials/csrs/{idpCsrId}/lifecycle/publish	Publish a Certificate Signing Request
IdentityProviderApi	replace_identity_provider	PUT /api/v1/idps/{idpId}	Replace an Identity Provider
IdentityProviderApi	revoke_csr_for_identity_provider	DELETE /api/v1/idps/{idpId}/credentials/csrs/{idpCsrId}	Revoke a Certificate Signing Request
IdentityProviderApi	unlink_user_from_identity_provider	DELETE /api/v1/idps/{idpId}/users/{userId}	Unlink a User from IdP
IdentitySourceApi	create_identity_source_session	POST /api/v1/identity-sources/{identitySourceId}/sessions	Create an Identity Source Session
IdentitySourceApi	delete_identity_source_session	DELETE /api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}	Delete an Identity Source Session
IdentitySourceApi	get_identity_source_session	GET /api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}	Retrieve an Identity Source Session
IdentitySourceApi	list_identity_source_sessions	GET /api/v1/identity-sources/{identitySourceId}/sessions	List all Identity Source Sessions
IdentitySourceApi	start_import_from_identity_source	POST /api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}/start-import	Start the import from the Identity Source
IdentitySourceApi	upload_identity_source_data_for_delete	POST /api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}/bulk-delete	Upload the data to be deleted in Okta
IdentitySourceApi	upload_identity_source_data_for_upsert	POST /api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}/bulk-upsert	Upload the data to be upserted in Okta
InlineHookApi	activate_inline_hook	POST /api/v1/inlineHooks/{inlineHookId}/lifecycle/activate	Activate an Inline Hook
InlineHookApi	create_inline_hook	POST /api/v1/inlineHooks	Create an Inline Hook
InlineHookApi	deactivate_inline_hook	POST /api/v1/inlineHooks/{inlineHookId}/lifecycle/deactivate	Deactivate an Inline Hook
InlineHookApi	delete_inline_hook	DELETE /api/v1/inlineHooks/{inlineHookId}	Delete an Inline Hook
InlineHookApi	execute_inline_hook	POST /api/v1/inlineHooks/{inlineHookId}/execute	Execute an Inline Hook
InlineHookApi	get_inline_hook	GET /api/v1/inlineHooks/{inlineHookId}	Retrieve an Inline Hook
InlineHookApi	list_inline_hooks	GET /api/v1/inlineHooks	List all Inline Hooks
InlineHookApi	replace_inline_hook	PUT /api/v1/inlineHooks/{inlineHookId}	Replace an Inline Hook
LinkedObjectApi	create_linked_object_definition	POST /api/v1/meta/schemas/user/linkedObjects	Create a Linked Object Definition
LinkedObjectApi	delete_linked_object_definition	DELETE /api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}	Delete a Linked Object Definition
LinkedObjectApi	get_linked_object_definition	GET /api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}	Retrieve a Linked Object Definition
LinkedObjectApi	list_linked_object_definitions	GET /api/v1/meta/schemas/user/linkedObjects	List all Linked Object Definitions
LogStreamApi	activate_log_stream	POST /api/v1/logStreams/{logStreamId}/lifecycle/activate	Activate a Log Stream
LogStreamApi	create_log_stream	POST /api/v1/logStreams	Create a Log Stream
LogStreamApi	deactivate_log_stream	POST /api/v1/logStreams/{logStreamId}/lifecycle/deactivate	Deactivate a Log Stream
LogStreamApi	delete_log_stream	DELETE /api/v1/logStreams/{logStreamId}	Delete a Log Stream
LogStreamApi	get_log_stream	GET /api/v1/logStreams/{logStreamId}	Retrieve a Log Stream
LogStreamApi	list_log_streams	GET /api/v1/logStreams	List all Log Streams
LogStreamApi	replace_log_stream	PUT /api/v1/logStreams/{logStreamId}	Replace a Log Stream
NetworkZoneApi	activate_network_zone	POST /api/v1/zones/{zoneId}/lifecycle/activate	Activate a Network Zone
NetworkZoneApi	create_network_zone	POST /api/v1/zones	Create a Network Zone
NetworkZoneApi	deactivate_network_zone	POST /api/v1/zones/{zoneId}/lifecycle/deactivate	Deactivate a Network Zone
NetworkZoneApi	delete_network_zone	DELETE /api/v1/zones/{zoneId}	Delete a Network Zone
NetworkZoneApi	get_network_zone	GET /api/v1/zones/{zoneId}	Retrieve a Network Zone
NetworkZoneApi	list_network_zones	GET /api/v1/zones	List all Network Zones
NetworkZoneApi	replace_network_zone	PUT /api/v1/zones/{zoneId}	Replace a Network Zone
OrgSettingApi	bulk_remove_email_address_bounces	POST /api/v1/org/email/bounces/remove-list	Remove Emails from Email Provider Bounce List
OrgSettingApi	extend_okta_support	POST /api/v1/org/privacy/oktaSupport/extend	Extend Okta Support Access
OrgSettingApi	get_okta_communication_settings	GET /api/v1/org/privacy/oktaCommunication	Retrieve the Okta Communication Settings
OrgSettingApi	get_org_contact_types	GET /api/v1/org/contacts	Retrieve the Org Contact Types
OrgSettingApi	get_org_contact_user	GET /api/v1/org/contacts/{contactType}	Retrieve the User of the Contact Type
OrgSettingApi	get_org_okta_support_settings	GET /api/v1/org/privacy/oktaSupport	Retrieve the Okta Support Settings
OrgSettingApi	get_org_preferences	GET /api/v1/org/preferences	Retrieve the Org Preferences
OrgSettingApi	get_org_settings	GET /api/v1/org	Retrieve the Org Settings
OrgSettingApi	get_wellknown_org_metadata	GET /.well-known/okta-organization	Retrieve the Well-Known Org Metadata
OrgSettingApi	grant_okta_support	POST /api/v1/org/privacy/oktaSupport/grant	Grant Okta Support Access to your Org
OrgSettingApi	opt_in_users_to_okta_communication_emails	POST /api/v1/org/privacy/oktaCommunication/optIn	Opt in all Users to Okta Communication emails
OrgSettingApi	opt_out_users_from_okta_communication_emails	POST /api/v1/org/privacy/oktaCommunication/optOut	Opt out all Users from Okta Communication emails
OrgSettingApi	replace_org_contact_user	PUT /api/v1/org/contacts/{contactType}	Replace the User of the Contact Type
OrgSettingApi	replace_org_settings	PUT /api/v1/org	Replace the Org Settings
OrgSettingApi	revoke_okta_support	POST /api/v1/org/privacy/oktaSupport/revoke	Revoke Okta Support Access
OrgSettingApi	update_org_hide_okta_ui_footer	POST /api/v1/org/preferences/hideEndUserFooter	Update the Preference to Hide the Okta Dashboard Footer
OrgSettingApi	update_org_settings	POST /api/v1/org	Update the Org Settings
OrgSettingApi	update_org_show_okta_ui_footer	POST /api/v1/org/preferences/showEndUserFooter	Update the Preference to Show the Okta Dashboard Footer
OrgSettingApi	upload_org_logo	POST /api/v1/org/logo	Upload the Org Logo
PolicyApi	activate_policy	POST /api/v1/policies/{policyId}/lifecycle/activate	Activate a Policy
PolicyApi	activate_policy_rule	POST /api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/activate	Activate a Policy Rule
PolicyApi	clone_policy	POST /api/v1/policies/{policyId}/clone	Clone an existing Policy
PolicyApi	create_policy	POST /api/v1/policies	Create a Policy
PolicyApi	create_policy_rule	POST /api/v1/policies/{policyId}/rules	Create a Policy Rule
PolicyApi	create_policy_simulation	POST /api/v1/policies/simulate	Create a Policy Simulation
PolicyApi	deactivate_policy	POST /api/v1/policies/{policyId}/lifecycle/deactivate	Deactivate a Policy
PolicyApi	deactivate_policy_rule	POST /api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate	Deactivate a Policy Rule
PolicyApi	delete_policy	DELETE /api/v1/policies/{policyId}	Delete a Policy
PolicyApi	delete_policy_resource_mapping	DELETE /api/v1/policies/{policyId}/mappings/{mappingId}	Delete a policy resource Mapping
PolicyApi	delete_policy_rule	DELETE /api/v1/policies/{policyId}/rules/{ruleId}	Delete a Policy Rule
PolicyApi	get_policy	GET /api/v1/policies/{policyId}	Retrieve a Policy
PolicyApi	get_policy_mapping	GET /api/v1/policies/{policyId}/mappings/{mappingId}	Retrieve a policy resource Mapping
PolicyApi	get_policy_rule	GET /api/v1/policies/{policyId}/rules/{ruleId}	Retrieve a Policy Rule
PolicyApi	list_policies	GET /api/v1/policies	List all Policies
PolicyApi	list_policy_apps	GET /api/v1/policies/{policyId}/app	List all Applications mapped to a Policy
PolicyApi	list_policy_mappings	GET /api/v1/policies/{policyId}/mappings	List all resources mapped to a Policy
PolicyApi	list_policy_rules	GET /api/v1/policies/{policyId}/rules	List all Policy Rules
PolicyApi	map_resource_to_policy	POST /api/v1/policies/{policyId}/mappings	Map a resource to a Policy
PolicyApi	replace_policy	PUT /api/v1/policies/{policyId}	Replace a Policy
PolicyApi	replace_policy_rule	PUT /api/v1/policies/{policyId}/rules/{ruleId}	Replace a Policy Rule
PrincipalRateLimitApi	create_principal_rate_limit_entity	POST /api/v1/principal-rate-limits	Create a Principal Rate Limit
PrincipalRateLimitApi	get_principal_rate_limit_entity	GET /api/v1/principal-rate-limits/{principalRateLimitId}	Retrieve a Principal Rate Limit
PrincipalRateLimitApi	list_principal_rate_limit_entities	GET /api/v1/principal-rate-limits	List all Principal Rate Limits
PrincipalRateLimitApi	replace_principal_rate_limit_entity	PUT /api/v1/principal-rate-limits/{principalRateLimitId}	Replace a Principal Rate Limit
ProfileMappingApi	get_profile_mapping	GET /api/v1/mappings/{mappingId}	Retrieve a Profile Mapping
ProfileMappingApi	list_profile_mappings	GET /api/v1/mappings	List all Profile Mappings
ProfileMappingApi	update_profile_mapping	POST /api/v1/mappings/{mappingId}	Update a Profile Mapping
PushProviderApi	create_push_provider	POST /api/v1/push-providers	Create a Push Provider
PushProviderApi	delete_push_provider	DELETE /api/v1/push-providers/{pushProviderId}	Delete a Push Provider
PushProviderApi	get_push_provider	GET /api/v1/push-providers/{pushProviderId}	Retrieve a Push Provider
PushProviderApi	list_push_providers	GET /api/v1/push-providers	List all Push Providers
PushProviderApi	replace_push_provider	PUT /api/v1/push-providers/{pushProviderId}	Replace a Push Provider
RateLimitSettingsApi	get_rate_limit_settings_admin_notifications	GET /api/v1/rate-limit-settings/admin-notifications	Retrieve the Rate Limit Admin Notification Settings
RateLimitSettingsApi	get_rate_limit_settings_per_client	GET /api/v1/rate-limit-settings/per-client	Retrieve the Per-Client Rate Limit Settings
RateLimitSettingsApi	get_rate_limit_settings_warning_threshold	GET /api/v1/rate-limit-settings/warning-threshold	Retrieve the Rate Limit Warning Threshold Percentage
RateLimitSettingsApi	replace_rate_limit_settings_admin_notifications	PUT /api/v1/rate-limit-settings/admin-notifications	Replace the Rate Limit Admin Notification Settings
RateLimitSettingsApi	replace_rate_limit_settings_per_client	PUT /api/v1/rate-limit-settings/per-client	Replace the Per-Client Rate Limit Settings
RateLimitSettingsApi	replace_rate_limit_settings_warning_threshold	PUT /api/v1/rate-limit-settings/warning-threshold	Replace the Rate Limit Warning Threshold Percentage
RealmApi	create_realm	POST /api/v1/realms	Create a Realm
RealmApi	delete_realm	DELETE /api/v1/realms/{realmId}	Delete a Realm
RealmApi	get_realm	GET /api/v1/realms/{realmId}	Retrieve a Realm
RealmApi	list_realms	GET /api/v1/realms	List all Realms
RealmApi	update_realm	POST /api/v1/realms/{realmId}	Update a Realm
ResourceSetApi	add_members_to_binding	PATCH /api/v1/iam/resource-sets/{resourceSetId}/bindings/{roleIdOrLabel}/members	Add more Members to a binding
ResourceSetApi	add_resource_set_resource	PATCH /api/v1/iam/resource-sets/{resourceSetId}/resources	Add more Resource to a Resource Set
ResourceSetApi	create_resource_set	POST /api/v1/iam/resource-sets	Create a Resource Set
ResourceSetApi	create_resource_set_binding	POST /api/v1/iam/resource-sets/{resourceSetId}/bindings	Create a Resource Set Binding
ResourceSetApi	delete_binding	DELETE /api/v1/iam/resource-sets/{resourceSetId}/bindings/{roleIdOrLabel}	Delete a Binding
ResourceSetApi	delete_resource_set	DELETE /api/v1/iam/resource-sets/{resourceSetId}	Delete a Resource Set
ResourceSetApi	delete_resource_set_resource	DELETE /api/v1/iam/resource-sets/{resourceSetId}/resources/{resourceId}	Delete a Resource from a Resource Set
ResourceSetApi	get_binding	GET /api/v1/iam/resource-sets/{resourceSetId}/bindings/{roleIdOrLabel}	Retrieve a Binding
ResourceSetApi	get_member_of_binding	GET /api/v1/iam/resource-sets/{resourceSetId}/bindings/{roleIdOrLabel}/members/{memberId}	Retrieve a Member of a binding
ResourceSetApi	get_resource_set	GET /api/v1/iam/resource-sets/{resourceSetId}	Retrieve a Resource Set
ResourceSetApi	list_bindings	GET /api/v1/iam/resource-sets/{resourceSetId}/bindings	List all Bindings
ResourceSetApi	list_members_of_binding	GET /api/v1/iam/resource-sets/{resourceSetId}/bindings/{roleIdOrLabel}/members	List all Members of a binding
ResourceSetApi	list_resource_set_resources	GET /api/v1/iam/resource-sets/{resourceSetId}/resources	List all Resources of a Resource Set
ResourceSetApi	list_resource_sets	GET /api/v1/iam/resource-sets	List all Resource Sets
ResourceSetApi	replace_resource_set	PUT /api/v1/iam/resource-sets/{resourceSetId}	Replace a Resource Set
ResourceSetApi	unassign_member_from_binding	DELETE /api/v1/iam/resource-sets/{resourceSetId}/bindings/{roleIdOrLabel}/members/{memberId}	Unassign a Member from a binding
RiskEventApi	send_risk_events	POST /api/v1/risk/events/ip	Send multiple Risk Events
RiskProviderApi	create_risk_provider	POST /api/v1/risk/providers	Create a Risk Provider
RiskProviderApi	delete_risk_provider	DELETE /api/v1/risk/providers/{riskProviderId}	Delete a Risk Provider
RiskProviderApi	get_risk_provider	GET /api/v1/risk/providers/{riskProviderId}	Retrieve a Risk Provider
RiskProviderApi	list_risk_providers	GET /api/v1/risk/providers	List all Risk Providers
RiskProviderApi	replace_risk_provider	PUT /api/v1/risk/providers/{riskProviderId}	Replace a Risk Provider
RoleApi	create_role	POST /api/v1/iam/roles	Create a Role
RoleApi	create_role_permission	POST /api/v1/iam/roles/{roleIdOrLabel}/permissions/{permissionType}	Create a Permission
RoleApi	delete_role	DELETE /api/v1/iam/roles/{roleIdOrLabel}	Delete a Role
RoleApi	delete_role_permission	DELETE /api/v1/iam/roles/{roleIdOrLabel}/permissions/{permissionType}	Delete a Permission
RoleApi	get_role	GET /api/v1/iam/roles/{roleIdOrLabel}	Retrieve a Role
RoleApi	get_role_permission	GET /api/v1/iam/roles/{roleIdOrLabel}/permissions/{permissionType}	Retrieve a Permission
RoleApi	list_role_permissions	GET /api/v1/iam/roles/{roleIdOrLabel}/permissions	List all Permissions
RoleApi	list_roles	GET /api/v1/iam/roles	List all Roles
RoleApi	replace_role	PUT /api/v1/iam/roles/{roleIdOrLabel}	Replace a Role
RoleApi	replace_role_permission	PUT /api/v1/iam/roles/{roleIdOrLabel}/permissions/{permissionType}	Replace a Permission
RoleAssignmentApi	assign_role_to_group	POST /api/v1/groups/{groupId}/roles	Assign a Role to a Group
RoleAssignmentApi	assign_role_to_user	POST /api/v1/users/{userId}/roles	Assign a Role to a User
RoleAssignmentApi	get_group_assigned_role	GET /api/v1/groups/{groupId}/roles/{roleId}	Retrieve a Role assigned to Group
RoleAssignmentApi	get_user_assigned_role	GET /api/v1/users/{userId}/roles/{roleId}	Retrieve a Role assigned to a User
RoleAssignmentApi	list_assigned_roles_for_user	GET /api/v1/users/{userId}/roles	List all Roles assigned to a User
RoleAssignmentApi	list_group_assigned_roles	GET /api/v1/groups/{groupId}/roles	List all Assigned Roles of Group
RoleAssignmentApi	list_users_with_role_assignments	GET /api/v1/iam/assignees/users	List all Users with Role Assignments
RoleAssignmentApi	unassign_role_from_group	DELETE /api/v1/groups/{groupId}/roles/{roleId}	Unassign a Role from a Group
RoleAssignmentApi	unassign_role_from_user	DELETE /api/v1/users/{userId}/roles/{roleId}	Unassign a Role from a User
RoleTargetApi	assign_all_apps_as_target_to_role_for_user	PUT /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps	Assign all Apps as Target to Role
RoleTargetApi	assign_app_instance_target_to_app_admin_role_for_group	PUT /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}/{appId}	Assign an Application Instance Target to Application Administrator Role
RoleTargetApi	assign_app_instance_target_to_app_admin_role_for_user	PUT /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}/{appId}	Assign an Application Instance Target to an Application Administrator Role
RoleTargetApi	assign_app_target_to_admin_role_for_group	PUT /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}	Assign an Application Target to Administrator Role
RoleTargetApi	assign_app_target_to_admin_role_for_user	PUT /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}	Assign an Application Target to Administrator Role
RoleTargetApi	assign_group_target_to_group_admin_role	PUT /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}	Assign a Group Target to a Group Role
RoleTargetApi	assign_group_target_to_user_role	PUT /api/v1/users/{userId}/roles/{roleId}/targets/groups/{groupId}	Assign a Group Target to Role
RoleTargetApi	list_application_targets_for_application_administrator_role_for_group	GET /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps	List all Application Targets for an Application Administrator Role
RoleTargetApi	list_application_targets_for_application_administrator_role_for_user	GET /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps	List all Application Targets for Application Administrator Role
RoleTargetApi	list_group_targets_for_group_role	GET /api/v1/groups/{groupId}/roles/{roleId}/targets/groups	List all Group Targets for a Group Role
RoleTargetApi	list_group_targets_for_role	GET /api/v1/users/{userId}/roles/{roleId}/targets/groups	List all Group Targets for Role
RoleTargetApi	unassign_app_instance_target_from_admin_role_for_user	DELETE /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}/{appId}	Unassign an Application Instance Target from an Application Administrator Role
RoleTargetApi	unassign_app_instance_target_to_app_admin_role_for_group	DELETE /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}/{appId}	Unassign an Application Instance Target from an Application Administrator Role
RoleTargetApi	unassign_app_target_from_app_admin_role_for_user	DELETE /api/v1/users/{userId}/roles/{roleId}/targets/catalog/apps/{appName}	Unassign an Application Target from an Application Administrator Role
RoleTargetApi	unassign_app_target_to_admin_role_for_group	DELETE /api/v1/groups/{groupId}/roles/{roleId}/targets/catalog/apps/{appName}	Unassign an Application Target from Application Administrator Role
RoleTargetApi	unassign_group_target_from_group_admin_role	DELETE /api/v1/groups/{groupId}/roles/{roleId}/targets/groups/{targetGroupId}	Unassign a Group Target from a Group Role
RoleTargetApi	unassign_group_target_from_user_admin_role	DELETE /api/v1/users/{userId}/roles/{roleId}/targets/groups/{groupId}	Unassign a Group Target from Role
SchemaApi	get_app_ui_schema	GET /api/v1/meta/layouts/apps/{appName}/sections/{section}/{operation}	Retrieve the UI schema for a section
SchemaApi	get_app_ui_schema_links	GET /api/v1/meta/layouts/apps/{appName}	Retrieve the links for UI schemas for an Application
SchemaApi	get_application_user_schema	GET /api/v1/meta/schemas/apps/{appId}/default	Retrieve the default Application User Schema for an Application
SchemaApi	get_group_schema	GET /api/v1/meta/schemas/group/default	Retrieve the default Group Schema
SchemaApi	get_log_stream_schema	GET /api/v1/meta/schemas/logStream/{logStreamType}	Retrieve the Log Stream Schema for the schema type
SchemaApi	get_user_schema	GET /api/v1/meta/schemas/user/{schemaId}	Retrieve a User Schema
SchemaApi	list_log_stream_schemas	GET /api/v1/meta/schemas/logStream	List the Log Stream Schemas
SchemaApi	update_application_user_profile	POST /api/v1/meta/schemas/apps/{appId}/default	Update the default Application User Schema for an Application
SchemaApi	update_group_schema	POST /api/v1/meta/schemas/group/default	Update the default Group Schema
SchemaApi	update_user_profile	POST /api/v1/meta/schemas/user/{schemaId}	Update a User Schema
SessionApi	create_session	POST /api/v1/sessions	Create a Session with session token
SessionApi	get_session	GET /api/v1/sessions/{sessionId}	Retrieve a Session
SessionApi	refresh_session	POST /api/v1/sessions/{sessionId}/lifecycle/refresh	Refresh a Session
SessionApi	revoke_session	DELETE /api/v1/sessions/{sessionId}	Revoke a Session
SubscriptionApi	get_subscriptions_notification_type_role	GET /api/v1/roles/{roleRef}/subscriptions/{notificationType}	Retrieve a Subscription for a Role
SubscriptionApi	get_subscriptions_notification_type_user	GET /api/v1/users/{userId}/subscriptions/{notificationType}	Retrieve a Subscription for a User
SubscriptionApi	list_subscriptions_role	GET /api/v1/roles/{roleRef}/subscriptions	List all Subscriptions for a Role
SubscriptionApi	list_subscriptions_user	GET /api/v1/users/{userId}/subscriptions	List all Subscriptions for a User
SubscriptionApi	subscribe_by_notification_type_role	POST /api/v1/roles/{roleRef}/subscriptions/{notificationType}/subscribe	Subscribe a Role to a Specific Notification Type
SubscriptionApi	subscribe_by_notification_type_user	POST /api/v1/users/{userId}/subscriptions/{notificationType}/subscribe	Subscribe a User to a Specific Notification Type
SubscriptionApi	unsubscribe_by_notification_type_role	POST /api/v1/roles/{roleRef}/subscriptions/{notificationType}/unsubscribe	Unsubscribe a Role from a Specific Notification Type
SubscriptionApi	unsubscribe_by_notification_type_user	POST /api/v1/users/{userId}/subscriptions/{notificationType}/unsubscribe	Unsubscribe a User from a Specific Notification Type
SystemLogApi	list_log_events	GET /api/v1/logs	List all System Log Events
TemplateApi	create_sms_template	POST /api/v1/templates/sms	Create an SMS Template
TemplateApi	delete_sms_template	DELETE /api/v1/templates/sms/{templateId}	Delete an SMS Template
TemplateApi	get_sms_template	GET /api/v1/templates/sms/{templateId}	Retrieve an SMS Template
TemplateApi	list_sms_templates	GET /api/v1/templates/sms	List all SMS Templates
TemplateApi	replace_sms_template	PUT /api/v1/templates/sms/{templateId}	Replace an SMS Template
TemplateApi	update_sms_template	POST /api/v1/templates/sms/{templateId}	Update an SMS Template
ThreatInsightApi	get_current_configuration	GET /api/v1/threats/configuration	Retrieve the ThreatInsight Configuration
ThreatInsightApi	update_configuration	POST /api/v1/threats/configuration	Update the ThreatInsight Configuration
TrustedOriginApi	activate_trusted_origin	POST /api/v1/trustedOrigins/{trustedOriginId}/lifecycle/activate	Activate a Trusted Origin
TrustedOriginApi	create_trusted_origin	POST /api/v1/trustedOrigins	Create a Trusted Origin
TrustedOriginApi	deactivate_trusted_origin	POST /api/v1/trustedOrigins/{trustedOriginId}/lifecycle/deactivate	Deactivate a Trusted Origin
TrustedOriginApi	delete_trusted_origin	DELETE /api/v1/trustedOrigins/{trustedOriginId}	Delete a Trusted Origin
TrustedOriginApi	get_trusted_origin	GET /api/v1/trustedOrigins/{trustedOriginId}	Retrieve a Trusted Origin
TrustedOriginApi	list_trusted_origins	GET /api/v1/trustedOrigins	List all Trusted Origins
TrustedOriginApi	replace_trusted_origin	PUT /api/v1/trustedOrigins/{trustedOriginId}	Replace a Trusted Origin
UISchemaApi	create_ui_schema	POST /api/v1/meta/uischemas	Create a UI Schema
UISchemaApi	delete_ui_schemas	DELETE /api/v1/meta/uischemas/{id}	Delete a UI Schema
UISchemaApi	get_ui_schema	GET /api/v1/meta/uischemas/{id}	Retrieve a UI Schema
UISchemaApi	list_ui_schemas	GET /api/v1/meta/uischemas	List all UI Schemas
UISchemaApi	replace_ui_schemas	PUT /api/v1/meta/uischemas/{id}	Replace a UI Schema
UserApi	activate_user	POST /api/v1/users/{userId}/lifecycle/activate	Activate a User
UserApi	change_password	POST /api/v1/users/{userId}/credentials/change_password	Change Password
UserApi	change_recovery_question	POST /api/v1/users/{userId}/credentials/change_recovery_question	Change Recovery Question
UserApi	create_user	POST /api/v1/users	Create a User
UserApi	deactivate_user	POST /api/v1/users/{userId}/lifecycle/deactivate	Deactivate a User
UserApi	delete_linked_object_for_user	DELETE /api/v1/users/{userId}/linkedObjects/{relationshipName}	Delete a Linked Object
UserApi	delete_user	DELETE /api/v1/users/{userId}	Delete a User
UserApi	expire_password	POST /api/v1/users/{userId}/lifecycle/expire_password	Expire Password
UserApi	expire_password_and_get_temporary_password	POST /api/v1/users/{userId}/lifecycle/expire_password_with_temp_password	Expire Password and Set Temporary Password
UserApi	forgot_password	POST /api/v1/users/{userId}/credentials/forgot_password	Initiate Forgot Password
UserApi	forgot_password_set_new_password	POST /api/v1/users/{userId}/credentials/forgot_password_recovery_question	Reset Password with Recovery Question
UserApi	generate_reset_password_token	POST /api/v1/users/{userId}/lifecycle/reset_password	Generate a Reset Password Token
UserApi	get_refresh_token_for_user_and_client	GET /api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}	Retrieve a Refresh Token for a Client
UserApi	get_user	GET /api/v1/users/{userId}	Retrieve a User
UserApi	get_user_grant	GET /api/v1/users/{userId}/grants/{grantId}	Retrieve a User Grant
UserApi	list_app_links	GET /api/v1/users/{userId}/appLinks	List all Assigned Application Links
UserApi	list_grants_for_user_and_client	GET /api/v1/users/{userId}/clients/{clientId}/grants	List all Grants for a Client
UserApi	list_linked_objects_for_user	GET /api/v1/users/{userId}/linkedObjects/{relationshipName}	List all Linked Objects
UserApi	list_refresh_tokens_for_user_and_client	GET /api/v1/users/{userId}/clients/{clientId}/tokens	List all Refresh Tokens for a Client
UserApi	list_user_blocks	GET /api/v1/users/{userId}/blocks	List all User Blocks
UserApi	list_user_clients	GET /api/v1/users/{userId}/clients	List all Clients
UserApi	list_user_grants	GET /api/v1/users/{userId}/grants	List all User Grants
UserApi	list_user_groups	GET /api/v1/users/{userId}/groups	List all Groups
UserApi	list_user_identity_providers	GET /api/v1/users/{userId}/idps	List all Identity Providers
UserApi	list_users	GET /api/v1/users	List all Users
UserApi	reactivate_user	POST /api/v1/users/{userId}/lifecycle/reactivate	Reactivate a User
UserApi	replace_user	PUT /api/v1/users/{userId}	Replace a User
UserApi	reset_factors	POST /api/v1/users/{userId}/lifecycle/reset_factors	Reset all Factors
UserApi	revoke_grants_for_user_and_client	DELETE /api/v1/users/{userId}/clients/{clientId}/grants	Revoke all Grants for a Client
UserApi	revoke_token_for_user_and_client	DELETE /api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}	Revoke a Token for a Client
UserApi	revoke_tokens_for_user_and_client	DELETE /api/v1/users/{userId}/clients/{clientId}/tokens	Revoke all Refresh Tokens for a Client
UserApi	revoke_user_grant	DELETE /api/v1/users/{userId}/grants/{grantId}	Revoke a User Grant
UserApi	revoke_user_grants	DELETE /api/v1/users/{userId}/grants	Revoke all User Grants
UserApi	revoke_user_sessions	DELETE /api/v1/users/{userId}/sessions	Revoke all User Sessions
UserApi	set_linked_object_for_user	PUT /api/v1/users/{userId}/linkedObjects/{primaryRelationshipName}/{primaryUserId}	Create a Linked Object for two Users
UserApi	suspend_user	POST /api/v1/users/{userId}/lifecycle/suspend	Suspend a User
UserApi	unlock_user	POST /api/v1/users/{userId}/lifecycle/unlock	Unlock a User
UserApi	unsuspend_user	POST /api/v1/users/{userId}/lifecycle/unsuspend	Unsuspend a User
UserApi	update_user	POST /api/v1/users/{userId}	Update a User
UserFactorApi	activate_factor	POST /api/v1/users/{userId}/factors/{factorId}/lifecycle/activate	Activate a Factor
UserFactorApi	enroll_factor	POST /api/v1/users/{userId}/factors	Enroll a Factor
UserFactorApi	get_factor	GET /api/v1/users/{userId}/factors/{factorId}	Retrieve a Factor
UserFactorApi	get_factor_transaction_status	GET /api/v1/users/{userId}/factors/{factorId}/transactions/{transactionId}	Retrieve a Factor Transaction Status
UserFactorApi	list_factors	GET /api/v1/users/{userId}/factors	List all Factors
UserFactorApi	list_supported_factors	GET /api/v1/users/{userId}/factors/catalog	List all Supported Factors
UserFactorApi	list_supported_security_questions	GET /api/v1/users/{userId}/factors/questions	List all Supported Security Questions
UserFactorApi	resend_enroll_factor	POST /api/v1/users/{userId}/factors/{factorId}/resend	Resend a factor enrollment
UserFactorApi	unenroll_factor	DELETE /api/v1/users/{userId}/factors/{factorId}	Unenroll a Factor
UserFactorApi	verify_factor	POST /api/v1/users/{userId}/factors/{factorId}/verify	Verify an MFA Factor
UserTypeApi	create_user_type	POST /api/v1/meta/types/user	Create a User Type
UserTypeApi	delete_user_type	DELETE /api/v1/meta/types/user/{typeId}	Delete a User Type
UserTypeApi	get_user_type	GET /api/v1/meta/types/user/{typeId}	Retrieve a User Type
UserTypeApi	list_user_types	GET /api/v1/meta/types/user	List all User Types
UserTypeApi	replace_user_type	PUT /api/v1/meta/types/user/{typeId}	Replace a User Type
UserTypeApi	update_user_type	POST /api/v1/meta/types/user/{typeId}	Update a User Type

Documentation For Models

• APIServiceIntegrationInstance
• APIServiceIntegrationInstanceSecret
• APIServiceIntegrationLinks
• APIServiceIntegrationSecretLinks
• APNSConfiguration
• APNSPushProvider
• AccessPolicy
• AccessPolicyConstraint
• AccessPolicyConstraints
• AccessPolicyRule
• AccessPolicyRuleActions
• AccessPolicyRuleApplicationSignOn
• AccessPolicyRuleConditions
• AccessPolicyRuleCustomCondition
• AcsEndpoint
• ActivateFactorRequest
• Agent
• AgentPool
• AgentPoolUpdate
• AgentPoolUpdateSetting
• AgentType
• AgentUpdateInstanceStatus
• AgentUpdateJobStatus
• AllowedForEnum
• ApiToken
• AppAndInstanceConditionEvaluatorAppOrInstance
• AppAndInstancePolicyRuleCondition
• AppAndInstanceType
• AppInstancePolicyRuleCondition
• AppLink
• AppUser
• AppUserCredentials
• AppUserPasswordCredential
• AppUserStatus
• AppUserSyncState
• Application
• ApplicationAccessibility
• ApplicationCredentials
• ApplicationCredentialsOAuthClient
• ApplicationCredentialsScheme
• ApplicationCredentialsSigning
• ApplicationCredentialsSigningUse
• ApplicationCredentialsUsernameTemplate
• ApplicationFeature
• ApplicationFeatureLinks
• ApplicationGroupAssignment
• ApplicationLayout
• ApplicationLayoutRule
• ApplicationLayoutRuleCondition
• ApplicationLayouts
• ApplicationLayoutsLinks
• ApplicationLicensing
• ApplicationLifecycleStatus
• ApplicationLinks
• ApplicationSettings
• ApplicationSettingsNotes
• ApplicationSettingsNotifications
• ApplicationSettingsNotificationsVpn
• ApplicationSettingsNotificationsVpnNetwork
• ApplicationSignOnMode
• ApplicationVisibility
• ApplicationVisibilityHide
• AssignGroupOwnerRequestBody
• AssignRoleRequest
• AssociatedServerMediated
• AuthenticationMethodObject
• AuthenticationProvider
• AuthenticationProviderType
• Authenticator
• AuthenticatorIdentity
• AuthenticatorLinks
• AuthenticatorMethodAlgorithm
• AuthenticatorMethodBase
• AuthenticatorMethodConstraint
• AuthenticatorMethodOtp
• AuthenticatorMethodProperty
• AuthenticatorMethodPush
• AuthenticatorMethodPushAllOfSettings
• AuthenticatorMethodSignedNonce
• AuthenticatorMethodSignedNonceAllOfSettings
• AuthenticatorMethodSimple
• AuthenticatorMethodTotp
• AuthenticatorMethodTotpAllOfSettings
• AuthenticatorMethodTransactionType
• AuthenticatorMethodType
• AuthenticatorMethodWebAuthn
• AuthenticatorMethodWebAuthnAllOfSettings
• AuthenticatorMethodWithVerifiableProperties
• AuthenticatorProvider
• AuthenticatorProviderConfiguration
• AuthenticatorProviderConfigurationUserNameTemplate
• AuthenticatorSettings
• AuthenticatorType
• AuthorizationServer
• AuthorizationServerCredentials
• AuthorizationServerCredentialsRotationMode
• AuthorizationServerCredentialsSigningConfig
• AuthorizationServerCredentialsUse
• AuthorizationServerPolicy
• AuthorizationServerPolicyRule
• AuthorizationServerPolicyRuleActions
• AuthorizationServerPolicyRuleConditions
• AutoLoginApplication
• AutoLoginApplicationSettings
• AutoLoginApplicationSettingsSignOn
• AutoUpdateSchedule
• AwsRegion
• BaseEmailDomain
• BaseEmailServer
• BasicApplicationSettings
• BasicApplicationSettingsApplication
• BasicAuthApplication
• BeforeScheduledActionPolicyRuleCondition
• BehaviorRule
• BehaviorRuleAnomalousDevice
• BehaviorRuleAnomalousIP
• BehaviorRuleAnomalousLocation
• BehaviorRuleSettingsAnomalousDevice
• BehaviorRuleSettingsAnomalousIP
• BehaviorRuleSettingsAnomalousLocation
• BehaviorRuleSettingsHistoryBased
• BehaviorRuleSettingsVelocity
• BehaviorRuleType
• BehaviorRuleVelocity
• BookmarkApplication
• BookmarkApplicationSettings
• BookmarkApplicationSettingsApplication
• BouncesRemoveListError
• BouncesRemoveListObj
• BouncesRemoveListResult
• Brand
• BrandRequest
• BrandWithEmbedded
• BrowserPluginApplication
• BulkDeleteRequestBody
• BulkUpsertRequestBody
• CAPTCHAInstance
• CAPTCHAType
• CallUserFactor
• CallUserFactorProfile
• CapabilitiesCreateObject
• CapabilitiesObject
• CapabilitiesUpdateObject
• CatalogApplication
• CatalogApplicationStatus
• ChangeEnum
• ChangePasswordRequest
• ChannelBinding
• ChromeBrowserVersion
• ClientPolicyCondition
• Compliance
• ContentSecurityPolicySetting
• ContextPolicyRuleCondition
• CreateBrandRequest
• CreateIamRoleRequest
• CreateResourceSetRequest
• CreateSessionRequest
• CreateUISchema
• CreateUpdateIamRolePermissionRequest
• CreateUserRequest
• Csr
• CsrMetadata
• CsrMetadataSubject
• CsrMetadataSubjectAltNames
• CustomHotpUserFactor
• CustomHotpUserFactorProfile
• CustomizablePage
• DNSRecord
• DNSRecordType
• DTCChromeOS
• DTCMacOS
• DTCWindows
• DefaultApp
• Device
• DeviceAccessPolicyRuleCondition
• DeviceAssurance
• DeviceAssuranceAndroidPlatform
• DeviceAssuranceAndroidPlatformAllOfDiskEncryptionType
• DeviceAssuranceAndroidPlatformAllOfScreenLockType
• DeviceAssuranceChromeOSPlatform
• DeviceAssuranceChromeOSPlatformAllOfThirdPartySignalProviders
• DeviceAssuranceIOSPlatform
• DeviceAssuranceMacOSPlatform
• DeviceAssuranceMacOSPlatformAllOfThirdPartySignalProviders
• DeviceAssuranceWindowsPlatform
• DeviceAssuranceWindowsPlatformAllOfThirdPartySignalProviders
• DeviceDisplayName
• DevicePlatform
• DevicePolicyMDMFramework
• DevicePolicyPlatformType
• DevicePolicyRuleCondition
• DevicePolicyRuleConditionAssurance
• DevicePolicyRuleConditionPlatform
• DevicePolicyTrustLevel
• DeviceProfile
• DeviceStatus
• DeviceUser
• DigestAlgorithm
• DiskEncryptionType
• DiskEncryptionTypeDef
• DomainCertificate
• DomainCertificateMetadata
• DomainCertificateSourceType
• DomainCertificateType
• DomainLinks
• DomainLinksAllOfBrand
• DomainLinksAllOfCertificate
• DomainLinksAllOfVerify
• DomainListResponse
• DomainRequest
• DomainResponse
• DomainValidationStatus
• Duration
• EmailContent
• EmailCustomization
• EmailCustomizationAllOfLinks
• EmailDefaultContent
• EmailDomain
• EmailDomainDNSRecord
• EmailDomainDNSRecordType
• EmailDomainResponse
• EmailDomainResponseWithEmbedded
• EmailDomainStatus
• EmailPreview
• EmailPreviewLinks
• EmailServerListResponse
• EmailServerPost
• EmailServerRequest
• EmailServerResponse
• EmailSettings
• EmailTemplate
• EmailTemplateEmbedded
• EmailTemplateLinks
• EmailTemplateTouchPointVariant
• EmailTestAddresses
• EmailUserFactor
• EmailUserFactorProfile
• EnabledPagesType
• EnabledStatus
• EndUserDashboardTouchPointVariant
• Error
• ErrorErrorCausesInner
• ErrorPage
• ErrorPageTouchPointVariant
• EventHook
• EventHookChannel
• EventHookChannelConfig
• EventHookChannelConfigAuthScheme
• EventHookChannelConfigAuthSchemeType
• EventHookChannelConfigHeader
• EventHookChannelType
• EventHookVerificationStatus
• EventSubscriptionType
• EventSubscriptions
• FCMConfiguration
• FCMPushProvider
• FactorProvider
• FactorResultType
• FactorStatus
• FactorType
• Feature
• FeatureLifecycle
• FeatureStage
• FeatureStageState
• FeatureStageValue
• FeatureType
• FipsEnum
• ForgotPasswordResponse
• GrantOrTokenStatus
• GrantTypePolicyRuleCondition
• Group
• GroupCondition
• GroupLinks
• GroupOwner
• GroupOwnerOriginType
• GroupOwnerType
• GroupPolicyRuleCondition
• GroupProfile
• GroupRule
• GroupRuleAction
• GroupRuleConditions
• GroupRuleExpression
• GroupRuleGroupAssignment
• GroupRuleGroupCondition
• GroupRulePeopleCondition
• GroupRuleStatus
• GroupRuleUserCondition
• GroupSchema
• GroupSchemaAttribute
• GroupSchemaBase
• GroupSchemaBaseProperties
• GroupSchemaCustom
• GroupSchemaDefinitions
• GroupType
• HardwareUserFactor
• HardwareUserFactorProfile
• HookKey
• HostedPage
• HostedPageType
• HrefObject
• HrefObjectActivateLink
• HrefObjectAppLink
• HrefObjectClientLink
• HrefObjectDeactivateLink
• HrefObjectDeleteLink
• HrefObjectHints
• HrefObjectLogoLink
• HrefObjectMappingsLink
• HrefObjectRulesLink
• HrefObjectSelfLink
• HrefObjectSuspendLink
• HrefObjectUnsuspendLink
• HrefObjectUserLink
• HttpMethod
• IamRole
• IamRoleLinks
• IamRoles
• IdentityProvider
• IdentityProviderApplicationUser
• IdentityProviderCredentials
• IdentityProviderCredentialsClient
• IdentityProviderCredentialsSigning
• IdentityProviderCredentialsTrust
• IdentityProviderCredentialsTrustRevocation
• IdentityProviderLinks
• IdentityProviderPolicy
• IdentityProviderPolicyProvider
• IdentityProviderPolicyRuleCondition
• IdentityProviderProperties
• IdentityProviderType
• IdentitySourceSession
• IdentitySourceSessionStatus
• IdentitySourceUserProfileForDelete
• IdentitySourceUserProfileForUpsert
• IdpDiscoveryPolicy
• IdpDiscoveryPolicyRule
• IdpDiscoveryPolicyRuleCondition
• IdpPolicyRuleAction
• IdpPolicyRuleActionIdp
• IdpPolicyRuleActionMatchCriteria
• IdpPolicyRuleActionProvider
• IdpSelectionType
• IframeEmbedScopeAllowedApps
• ImageUploadResponse
• InactivityPolicyRuleCondition
• InlineHook
• InlineHookChannel
• InlineHookChannelConfig
• InlineHookChannelConfigAuthScheme
• InlineHookChannelConfigHeaders
• InlineHookChannelHttp
• InlineHookChannelOAuth
• InlineHookChannelType
• InlineHookOAuthBasicConfig
• InlineHookOAuthChannelConfig
• InlineHookOAuthClientSecretConfig
• InlineHookOAuthPrivateKeyJwtConfig
• InlineHookResponse
• InlineHookResponseCommandValue
• InlineHookResponseCommands
• InlineHookStatus
• InlineHookType
• IssuerMode
• JsonWebKey
• JwkUse
• JwkUseType
• KeyRequest
• KeyTrustLevelBrowserKey
• KeyTrustLevelOSMode
• KnowledgeConstraint
• LifecycleCreateSettingObject
• LifecycleDeactivateSettingObject
• LifecycleExpirationPolicyRuleCondition
• LifecycleStatus
• LinkedObject
• LinkedObjectDetails
• LinkedObjectDetailsType
• LinksAppAndUser
• LinksNext
• LinksSelf
• LinksSelfAndFullUsersLifecycle
• LinksSelfAndLifecycle
• LinksSelfAndRoles
• ListProfileMappings
• ListSubscriptionsRoleRoleRefParameter
• LoadingPageTouchPointVariant
• LocationGranularity
• LogActor
• LogAuthenticationContext
• LogAuthenticationProvider
• LogClient
• LogCredentialProvider
• LogCredentialType
• LogDebugContext
• LogEvent
• LogGeographicalContext
• LogGeolocation
• LogIpAddress
• LogIssuer
• LogOutcome
• LogRequest
• LogSecurityContext
• LogSeverity
• LogStream
• LogStreamActivateLink
• LogStreamAws
• LogStreamAwsPutSchema
• LogStreamDeactivateLink
• LogStreamLinkObject
• LogStreamLinksSelfAndLifecycle
• LogStreamPutSchema
• LogStreamSchema
• LogStreamSelfLink
• LogStreamSettingsAws
• LogStreamSettingsSplunk
• LogStreamSettingsSplunkPut
• LogStreamSplunk
• LogStreamSplunkPutSchema
• LogStreamType
• LogTarget
• LogTransaction
• LogUserAgent
• MDMEnrollmentPolicyEnrollment
• MDMEnrollmentPolicyRuleCondition
• MultifactorEnrollmentPolicy
• MultifactorEnrollmentPolicyAuthenticatorSettings
• MultifactorEnrollmentPolicyAuthenticatorSettingsConstraints
• MultifactorEnrollmentPolicyAuthenticatorSettingsEnroll
• MultifactorEnrollmentPolicyAuthenticatorStatus
• MultifactorEnrollmentPolicyAuthenticatorType
• MultifactorEnrollmentPolicySettings
• MultifactorEnrollmentPolicySettingsType
• NetworkZone
• NetworkZoneAddress
• NetworkZoneAddressType
• NetworkZoneLinks
• NetworkZoneLocation
• NetworkZoneStatus
• NetworkZoneType
• NetworkZoneUsage
• NotificationType
• OAuth2Actor
• OAuth2Claim
• OAuth2ClaimConditions
• OAuth2ClaimGroupFilterType
• OAuth2ClaimType
• OAuth2ClaimValueType
• OAuth2Client
• OAuth2RefreshToken
• OAuth2Scope
• OAuth2ScopeConsentGrant
• OAuth2ScopeConsentGrantEmbedded
• OAuth2ScopeConsentGrantEmbeddedScope
• OAuth2ScopeConsentGrantLinks
• OAuth2ScopeConsentGrantSource
• OAuth2ScopeConsentType
• OAuth2ScopeMetadataPublish
• OAuth2ScopesMediationPolicyRuleCondition
• OAuth2Token
• OAuthApplicationCredentials
• OAuthEndpointAuthenticationMethod
• OAuthGrantType
• OAuthResponseType
• OSVersion
• OktaSignOnPolicy
• OktaSignOnPolicyConditions
• OktaSignOnPolicyFactorPromptMode
• OktaSignOnPolicyRule
• OktaSignOnPolicyRuleActions
• OktaSignOnPolicyRuleConditions
• OktaSignOnPolicyRuleSignonActions
• OktaSignOnPolicyRuleSignonSessionActions
• OpenIdConnectApplication
• OpenIdConnectApplicationConsentMethod
• OpenIdConnectApplicationIdpInitiatedLogin
• OpenIdConnectApplicationIssuerMode
• OpenIdConnectApplicationSettings
• OpenIdConnectApplicationSettingsClient
• OpenIdConnectApplicationSettingsClientKeys
• OpenIdConnectApplicationSettingsRefreshToken
• OpenIdConnectApplicationType
• OpenIdConnectRefreshTokenRotationType
• OperationalStatus
• OrgCAPTCHASettings
• OrgCAPTCHASettingsLinks
• OrgContactType
• OrgContactTypeObj
• OrgContactUser
• OrgOktaCommunicationSetting
• OrgOktaSupportSetting
• OrgOktaSupportSettingsObj
• OrgPreferences
• OrgSetting
• OtpProtocol
• OtpTotpAlgorithm
• OtpTotpEncoding
• PageRoot
• PageRootEmbedded
• PageRootLinks
• PasswordCredential
• PasswordCredentialHash
• PasswordCredentialHashAlgorithm
• PasswordCredentialHook
• PasswordDictionary
• PasswordDictionaryCommon
• PasswordExpirationPolicyRuleCondition
• PasswordPolicy
• PasswordPolicyAuthenticationProviderCondition
• PasswordPolicyAuthenticationProviderType
• PasswordPolicyConditions
• PasswordPolicyDelegationSettings
• PasswordPolicyDelegationSettingsOptions
• PasswordPolicyPasswordSettings
• PasswordPolicyPasswordSettingsAge
• PasswordPolicyPasswordSettingsComplexity
• PasswordPolicyPasswordSettingsLockout
• PasswordPolicyRecoveryEmail
• PasswordPolicyRecoveryEmailProperties
• PasswordPolicyRecoveryEmailRecoveryToken
• PasswordPolicyRecoveryFactorSettings
• PasswordPolicyRecoveryFactors
• PasswordPolicyRecoveryQuestion
• PasswordPolicyRecoveryQuestionComplexity
• PasswordPolicyRecoveryQuestionProperties
• PasswordPolicyRecoverySettings
• PasswordPolicyRule
• PasswordPolicyRuleAction
• PasswordPolicyRuleActions
• PasswordPolicyRuleConditions
• PasswordPolicySettings
• PasswordProtectionWarningTrigger
• PasswordSettingObject
• PerClientRateLimitMode
• PerClientRateLimitSettings
• PerClientRateLimitSettingsUseCaseModeOverrides
• Permission
• PermissionLinks
• Permissions
• PipelineType
• Platform
• PlatformConditionEvaluatorPlatform
• PlatformConditionEvaluatorPlatformOperatingSystem
• PlatformConditionEvaluatorPlatformOperatingSystemVersion
• PlatformConditionOperatingSystemVersionMatchType
• PlatformPolicyRuleCondition
• Policy
• PolicyAccess
• PolicyAccountLink
• PolicyAccountLinkAction
• PolicyAccountLinkFilter
• PolicyAccountLinkFilterGroups
• PolicyContext
• PolicyContextDevice
• PolicyContextGroups
• PolicyContextRisk
• PolicyContextUser
• PolicyContextZones
• PolicyLinks
• PolicyMapping
• PolicyMappingLinks
• PolicyMappingLinksAllOfApplication
• PolicyMappingLinksAllOfAuthenticator
• PolicyMappingLinksAllOfPolicy
• PolicyMappingRequest
• PolicyMappingResourceType
• PolicyNetworkCondition
• PolicyNetworkConnection
• PolicyPeopleCondition
• PolicyPlatformOperatingSystemType
• PolicyPlatformType
• PolicyRule
• PolicyRuleActionsEnroll
• PolicyRuleActionsEnrollSelf
• PolicyRuleAuthContextCondition
• PolicyRuleAuthContextType
• PolicyRuleConditions
• PolicyRuleType
• PolicySubject
• PolicySubjectMatchType
• PolicyType
• PolicyUserNameTemplate
• PolicyUserStatus
• PossessionConstraint
• PostAPIServiceIntegrationInstance
• PostAPIServiceIntegrationInstanceRequest
• PreRegistrationInlineHook
• PrincipalRateLimitEntity
• PrincipalType
• ProfileEnrollmentPolicy
• ProfileEnrollmentPolicyRule
• ProfileEnrollmentPolicyRuleAction
• ProfileEnrollmentPolicyRuleActions
• ProfileEnrollmentPolicyRuleActivationRequirement
• ProfileEnrollmentPolicyRuleProfileAttribute
• ProfileMapping
• ProfileMappingProperty
• ProfileMappingPropertyPushStatus
• ProfileMappingRequest
• ProfileMappingSource
• ProfileMappingTarget
• ProfileSettingObject
• Protocol
• ProtocolAlgorithmType
• ProtocolAlgorithmTypeSignature
• ProtocolAlgorithmTypeSignatureScope
• ProtocolAlgorithms
• ProtocolEndpoint
• ProtocolEndpointBinding
• ProtocolEndpointType
• ProtocolEndpoints
• ProtocolRelayState
• ProtocolRelayStateFormat
• ProtocolSettings
• ProtocolType
• ProviderType
• Provisioning
• ProvisioningAction
• ProvisioningConditions
• ProvisioningConnection
• ProvisioningConnectionAuthScheme
• ProvisioningConnectionProfile
• ProvisioningConnectionProfileOauth
• ProvisioningConnectionProfileToken
• ProvisioningConnectionProfileUnknown
• ProvisioningConnectionRequest
• ProvisioningConnectionStatus
• ProvisioningDeprovisionedAction
• ProvisioningDeprovisionedCondition
• ProvisioningGroups
• ProvisioningGroupsAction
• ProvisioningSuspendedAction
• ProvisioningSuspendedCondition
• PushMethodKeyProtection
• PushProvider
• PushUserFactor
• PushUserFactorProfile
• RateLimitAdminNotifications
• RateLimitWarningThresholdRequest
• RateLimitWarningThresholdResponse
• Realm
• RealmProfile
• RecoveryQuestionCredential
• ReleaseChannel
• RequiredEnum
• ResetPasswordToken
• ResourceSet
• ResourceSetBindingAddMembersRequest
• ResourceSetBindingCreateRequest
• ResourceSetBindingMember
• ResourceSetBindingMembers
• ResourceSetBindingMembersLinks
• ResourceSetBindingResponse
• ResourceSetBindingResponseLinks
• ResourceSetBindingRole
• ResourceSetBindingRoleLinks
• ResourceSetBindings
• ResourceSetLinks
• ResourceSetResource
• ResourceSetResourcePatchRequest
• ResourceSetResources
• ResourceSetResourcesLinks
• ResourceSets
• RiskEvent
• RiskEventSubject
• RiskEventSubjectRiskLevel
• RiskPolicyRuleCondition
• RiskProvider
• RiskProviderAction
• RiskScorePolicyRuleCondition
• Role
• RoleAssignedUser
• RoleAssignedUsers
• RoleAssignmentType
• RolePermissionType
• RoleType
• SafeBrowsingProtectionLevel
• SamlApplication
• SamlApplicationSettings
• SamlApplicationSettingsApplication
• SamlApplicationSettingsSignOn
• SamlAttributeStatement
• ScheduledUserLifecycleAction
• SchemeApplicationCredentials
• ScreenLockType
• SecurePasswordStoreApplication
• SecurePasswordStoreApplicationSettings
• SecurePasswordStoreApplicationSettingsApplication
• SecurityQuestion
• SecurityQuestionUserFactor
• SecurityQuestionUserFactorProfile
• SeedEnum
• SelfServicePasswordResetAction
• Session
• SessionAuthenticationMethod
• SessionIdentityProvider
• SessionIdentityProviderType
• SessionStatus
• ShowSignInWithOV
• SignInPage
• SignInPageAllOfWidgetCustomizations
• SignInPageTouchPointVariant
• SignOnInlineHook
• SimulatePolicyBody
• SimulatePolicyEvaluations
• SimulatePolicyEvaluationsEvaluated
• SimulatePolicyEvaluationsUndefined
• SimulatePolicyResult
• SimulateResultConditions
• SimulateResultPoliciesItems
• SimulateResultRules
• SingleLogout
• SloParticipate
• SmsTemplate
• SmsTemplateType
• SmsUserFactor
• SmsUserFactorProfile
• SocialAuthToken
• SourceLinks
• SourceLinksAllOfSchema
• SpCertificate
• SplunkEdition
• SsprPrimaryRequirement
• SsprRequirement
• SsprStepUpRequirement
• Subscription
• SubscriptionLinks
• SubscriptionStatus
• Success
• SuccessSuccessMessageInner
• SupportedMethods
• SupportedMethodsSettings
• SwaApplicationSettings
• SwaApplicationSettingsApplication
• TempPassword
• Theme
• ThemeResponse
• ThreatInsightConfiguration
• TokenAuthorizationServerPolicyRuleAction
• TokenAuthorizationServerPolicyRuleActionInlineHook
• TokenUserFactor
• TokenUserFactorProfile
• TotpUserFactor
• TotpUserFactorProfile
• TrustedOrigin
• TrustedOriginScope
• TrustedOriginScopeType
• U2fUserFactor
• U2fUserFactorProfile
• UIElement
• UIElementOptions
• UISchemaObject
• UISchemasResponseObject
• UpdateDomain
• UpdateEmailDomain
• UpdateIamRoleRequest
• UpdateUISchema
• UpdateUserRequest
• User
• UserActivationToken
• UserBlock
• UserCondition
• UserCredentials
• UserFactor
• UserIdentifierConditionEvaluatorPattern
• UserIdentifierMatchType
• UserIdentifierPolicyRuleCondition
• UserIdentifierType
• UserIdentityProviderLinkRequest
• UserLifecycleAttributePolicyRuleCondition
• UserLockoutSettings
• UserNextLogin
• UserPolicyRuleCondition
• UserProfile
• UserSchema
• UserSchemaAttribute
• UserSchemaAttributeEnum
• UserSchemaAttributeItems
• UserSchemaAttributeMaster
• UserSchemaAttributeMasterPriority
• UserSchemaAttributeMasterType
• UserSchemaAttributePermission
• UserSchemaAttributeScope
• UserSchemaAttributeType
• UserSchemaAttributeUnion
• UserSchemaBase
• UserSchemaBaseProperties
• UserSchemaDefinitions
• UserSchemaProperties
• UserSchemaPropertiesProfile
• UserSchemaPropertiesProfileItem
• UserSchemaPublic
• UserStatus
• UserStatusPolicyRuleCondition
• UserType
• UserTypeCondition
• UserTypeLinks
• UserTypeLinksAllOfSchema
• UserTypePostRequest
• UserTypePutRequest
• UserVerificationEnum
• VerificationMethod
• VerifyFactorRequest
• VerifyUserFactorResponse
• VerifyUserFactorResponseLinks
• VerifyUserFactorResult
• WebAuthnAttachment
• WebAuthnUserFactor
• WebAuthnUserFactorProfile
• WebUserFactor
• WebUserFactorProfile
• WellKnownAppAuthenticatorConfiguration
• WellKnownAppAuthenticatorConfigurationSettings
• WellKnownOrgMetadata
• WellKnownOrgMetadataLinks
• WellKnownOrgMetadataSettings
• WsFederationApplication
• WsFederationApplicationSettings
• WsFederationApplicationSettingsApplication

Documentation For Authorization

Authentication schemes defined for the API:

apiToken

• Type: API key
• API key parameter name: Authorization
• Location: HTTP header

oauth2

• Type: OAuth
• Flow: accessCode
• Authorization URL: /oauth2/v1/authorize
• Scopes:
• okta.agentPools.manage: Allows the app to create and manage agent pools in your Okta organization.
• okta.agentPools.read: Allows the app to read agent pools in your Okta organization.
• okta.apiTokens.manage: Allows the app to manage API Tokens in your Okta organization.
• okta.apiTokens.read: Allows the app to read API Tokens in your Okta organization.
• okta.appGrants.manage: Allows the app to create and manage grants in your Okta organization.
• okta.appGrants.read: Allows the app to read grants in your Okta organization.
• okta.apps.manage: Allows the app to create and manage Apps in your Okta organization.
• okta.apps.read: Allows the app to read information about Apps in your Okta organization.
• okta.authenticators.manage: Allows the app to manage all authenticators (e.g. enrollments, reset).
• okta.authenticators.read: Allows the app to read org authenticators information.
• okta.authorizationServers.manage: Allows the app to create and manage Authorization Servers in your Okta organization.
• okta.authorizationServers.read: Allows the app to read information about Authorization Servers in your Okta organization.
• okta.behaviors.manage: Allows the app to create and manage behavior detection rules in your Okta organization.
• okta.behaviors.read: Allows the app to read behavior detection rules in your Okta organization.
• okta.brands.manage: Allows the app to create and manage Brands and Themes in your Okta organization.
• okta.brands.read: Allows the app to read information about Brands and Themes in your Okta organization.
• okta.captchas.manage: Allows the app to create and manage CAPTCHAs in your Okta organization.
• okta.captchas.read: Allows the app to read information about CAPTCHAs in your Okta organization.
• okta.deviceAssurance.manage: Allows the app to manage device assurances.
• okta.deviceAssurance.read: Allows the app to read device assurances.
• okta.devices.manage: Allows the app to manage device status transitions and delete a device.
• okta.devices.read: Allows the app to read the existing device's profile and search devices.
• okta.domains.manage: Allows the app to manage custom Domains for your Okta organization.
• okta.domains.read: Allows the app to read information about custom Domains for your Okta organization.
• okta.emailDomains.manage: Allows the app to manage Email Domains for your Okta organization.
• okta.emailDomains.read: Allows the app to read information about Email Domains for your Okta organization.
• okta.emailServers.manage: Allows the app to manage Email Servers for your Okta organization.
• okta.emailServers.read: Allows the app to read information about Email Servers for your Okta organization.
• okta.eventHooks.manage: Allows the app to create and manage Event Hooks in your Okta organization.
• okta.eventHooks.read: Allows the app to read information about Event Hooks in your Okta organization.
• okta.features.manage: Allows the app to create and manage Features in your Okta organization.
• okta.features.read: Allows the app to read information about Features in your Okta organization.
• okta.groups.manage: Allows the app to manage existing groups in your Okta organization.
• okta.groups.read: Allows the app to read information about groups and their members in your Okta organization.
• okta.identitySources.manage: Allows the custom identity sources to manage user entities in your Okta organization
• okta.identitySources.read: Allows to read session information for custom identity sources in your Okta organization
• okta.idps.manage: Allows the app to create and manage Identity Providers in your Okta organization.
• okta.idps.read: Allows the app to read information about Identity Providers in your Okta organization.
• okta.inlineHooks.manage: Allows the app to create and manage Inline Hooks in your Okta organization.
• okta.inlineHooks.read: Allows the app to read information about Inline Hooks in your Okta organization.
• okta.linkedObjects.manage: Allows the app to manage linked object definitions in your Okta organization.
• okta.linkedObjects.read: Allows the app to read linked object definitions in your Okta organization.
• okta.logStreams.manage: Allows the app to create and manage log streams in your Okta organization.
• okta.logStreams.read: Allows the app to read information about log streams in your Okta organization.
• okta.logs.read: Allows the app to read information about System Log entries in your Okta organization.
• okta.networkZones.manage: Allows the app to create and manage Network Zones in your Okta organization.
• okta.networkZones.read: Allows the app to read Network Zones in your Okta organization.
• okta.oauthIntegrations.manage: Allows the app to create and manage API service Integration instances in your Okta organization.
• okta.oauthIntegrations.read: Allows the app to read API service Integration instances in your Okta organization.
• okta.orgs.manage: Allows the app to manage organization-specific details for your Okta organization.
• okta.orgs.read: Allows the app to read organization-specific details about your Okta organization.
• okta.policies.manage: Allows the app to manage policies in your Okta organization.
• okta.policies.read: Allows the app to read information about policies in your Okta organization.
• okta.principalRateLimits.manage: Allows the app to create and manage Principal Rate Limits in your Okta organization.
• okta.principalRateLimits.read: Allows the app to read information about Principal Rate Limits in your Okta organization.
• okta.profileMappings.manage: Allows the app to manage user profile mappings in your Okta organization.
• okta.profileMappings.read: Allows the app to read user profile mappings in your Okta organization.
• okta.pushProviders.manage: Allows the app to create and manage push notification providers such as APNs and FCM.
• okta.pushProviders.read: Allows the app to read push notification providers such as APNs and FCM.
• okta.rateLimits.manage: Allows the app to create and manage rate limits in your Okta organization.
• okta.rateLimits.read: Allows the app to read information about rate limits in your Okta organization.
• okta.realms.manage: Allows the app to create new realms and to manage their details.
• okta.realms.read: Allows the app to read the existing realms and their details.
• okta.riskEvents.manage: Allows the app to publish risk events to your Okta organization.
• okta.riskProviders.manage: Allows the app to create and manage risk provider integrations in your Okta organization.
• okta.riskProviders.read: Allows the app to read all risk provider integrations in your Okta organization.
• okta.roles.manage: Allows the app to manage administrative role assignments for users in your Okta organization.
• okta.roles.read: Allows the app to read administrative role assignments for users in your Okta organization.
• okta.schemas.manage: Allows the app to create and manage Schemas in your Okta organization.
• okta.schemas.read: Allows the app to read information about Schemas in your Okta organization.
• okta.sessions.manage: Allows the app to manage all sessions in your Okta organization.
• okta.sessions.read: Allows the app to read all sessions in your Okta organization.
• okta.templates.manage: Allows the app to manage all custom templates in your Okta organization.
• okta.templates.read: Allows the app to read all custom templates in your Okta organization.
• okta.threatInsights.manage: Allows the app to manage all ThreatInsight configurations in your Okta organization.
• okta.threatInsights.read: Allows the app to read all ThreatInsight configurations in your Okta organization.
• okta.trustedOrigins.manage: Allows the app to manage all Trusted Origins in your Okta organization.
• okta.trustedOrigins.read: Allows the app to read all Trusted Origins in your Okta organization.
• okta.uischemas.manage: Allows the app to manage all the UI Schemas in your Okta organization.
• okta.uischemas.read: Allows the app to read all the UI Schemas in your Okta organization.
• okta.userTypes.manage: Allows the app to manage user types in your Okta organization.
• okta.userTypes.read: Allows the app to read user types in your Okta organization.
• okta.users.manage: Allows the app to create new users and to manage all users' profile and credentials information.
• okta.users.read: Allows the app to read the existing users' profiles and credentials.

Author

[email protected]