How do I allow customers to change their passwords without an API token?

drs · April 22, 2021, 4:06pm

I am reading through the Okta API for change password and shows that the call requires an Authorization header with a valid API token.

Is there a way for our application to make an API call allowing users to change their own password without needing an API token?

I would have thought that end users wouldn’t need an API token from an Okta Admin in order to make an API call like this, but maybe I’m not thinking of something. If it is required, can anyone tell me the least-privileged Admin level that is needed for this API token to make this corresponding call?

Lijia · April 22, 2021, 8:37pm

@drs
You can use bearer token instead of API token.
Please refer the example in this discussion thread.

To implement this, you need to have “OAuth 2.0 Consent for API Access Management” feature.
If you don’t have the feature enabled, please feel free to send an email to support@okta.com and request OAUTH2_FOR_OKTA_API feature.

Also, for the API token access issue, you can refer the doc here: manage access level for API token.
You need a super admin to manage the access level.

Post		Replies	Views
Okta API - Credential operations via OAuth2 token OAuth/OIDC api	2	3628	February 13, 2024
Okta Widget Authentication and updating user's password within application OAuth/OIDC api	8	2181	February 15, 2024
Allow web app to change user password using access token? Questions	2	3626	September 29, 2020
Using Access token as Bearer token as authentication for REST endpoints OAuth/OIDC api	4	6878	October 17, 2019
Non-admin user to change the password without the API Key Questions	2	786	May 18, 2024

How do I allow customers to change their passwords without an API token?

Related topics