Factors API - API Token Permissions?

The admin matrix does not make it clear what permissions an account needs to use the Factors API.

https://developer.okta.com/docs/reference/api/factors/
https://help.okta.com/en/prod/Content/Topics/Security/administrators-admin-comparison.htm

We have a use case where a third-party application will challenge a user’s MFA and validate the response before allowing them access to internal resources. We have validated that the use case works when using a API token created by a super user account, but we want to use the least permissive API token permission set possible.

According to the doc, it looks like you need either Org admin or Super admin permissions to use the Factors API.

Update - I did some manual testing, and it looks like you can get away with using a Read Only Admin API Token.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.