I am working on an integration project with okta via okta rest APIs. One use case needs to get ID for role type “APP_ADMIN”. I don’t find official API for this. (I think a simple API to list all roles should do it.) I see people talking about unofficial] or undocumented APIs. Also, will that ID will be consistent so that I can put it as configuration. Thanks for advice!
Whenever you see references to ${roleId} in https://developer.okta.com/docs/api/resources/roles, that is an ID for the assignment rather than a reference to the role type. So if you were to un-assign and reassign the same role to a user, the roleId would change.
Does that help?
Hi schandra,
Thanks for your information. my understanding about Role was different. Let me give the use case and see if there is solution for it.
Our use case is that we have company developer portal (DevPortal) to allow internal developers to manage apps/apis and also provide administrative support via APIs to external systems; okta is one of them. one use case is when user creates an “okta” app within DevPortal, we also want to assign “APP_Admin” role for this user to this app. On the implementation side, we rely on okta REST APIs for it. one of them is https://developer.okta.com/docs/api/resources/roles#add-app-instance-target-to-app-administrator-role. As you can see {roleID} is what we are looking for.
From role model doc https://developer.okta.com/docs/api/resources/roles#role-model, APP_ADMIN is the role type we are targeting at. My initial understanding about okta roles is for those “build-in” role type, the {roleID} may stay consistent across the okta environment.
If you still need it… when you assign an admin role to a user via API, you get a response back with that ID for that role. That unique string is what you’re looking for. You can list this by going to …api/v1/users/{{userid}}/roles.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.