How to enable OKTA Verify by API

marcin.bahojlo · May 26, 2023, 10:54am

Im working on build panel for Security Methods in my app similar to:

Right now im able to get authenticators by:

_authenticatorApi.ListAuthenticatorsWithHttpInfoAsync(cancellationToken: cancellationToken);

So im able to create form like above. Now i want to handle buttons operations, how to fire:
For password
https://dev-97268717.okta.com/idp/authenticators/laetknf7ljDIRH44S5d6/modify
For App
https://dev-97268717.okta.com/idp/authenticators/setup/aut7s00h8ppQbbdoXt5d7
Links to open are different depending on method, so what is proper way?
From where we may know what operations can be performed on each Authenticator

erik · May 26, 2023, 10:26pm

Hello,

If you want to be able to enroll/reset factors for a user,

marcin.bahojlo · May 29, 2023, 10:25am

Well have problems to understand
this endpoint

{{url}}/api/v1/authenticators

returns many authenticators:

[
	{
		"type": "email",
		"id": "aut7s9h8pkWSfIfSI5d7",
		"key": "okta_email",
		"status": "ACTIVE",
		"name": "Email",
		"created": "2022-12-29T13:08:00.000Z",
		"lastUpdated": "2022-12-29T13:08:00.000Z",
		"settings": {
			"allowedFor": "recovery",
			"tokenLifetimeInMinutes": 5
		},
		"_links": {
			"self": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8pkWSfIfSI5d7",
				"hints": {
					"allow": [
						"GET",
						"PUT"
					]
				}
			},
			"deactivate": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8pkWSfIfSI5d7/lifecycle/deactivate",
				"hints": {
					"allow": [
						"POST"
					]
				}
			},
			"methods": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8pkWSfIfSI5d7/methods",
				"hints": {
					"allow": [
						"GET"
					]
				}
			}
		}
	},
	{
		"type": "app",
		"id": "aut7s9h8ppQbbdoXt5d7",
		"key": "okta_verify",
		"status": "ACTIVE",
		"name": "Okta Verify",
		"created": "2022-12-29T13:08:00.000Z",
		"lastUpdated": "2023-05-26T08:25:28.000Z",
		"settings": {
			"compliance": {
				"fips": "OPTIONAL"
			},
			"channelBinding": {
				"style": "NUMBER_CHALLENGE",
				"required": "NEVER"
			},
			"userVerification": "PREFERRED",
			"appInstanceId": ""
		},
		"_links": {
			"self": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8ppQbbdoXt5d7",
				"hints": {
					"allow": [
						"GET",
						"PUT"
					]
				}
			},
			"deactivate": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8ppQbbdoXt5d7/lifecycle/deactivate",
				"hints": {
					"allow": [
						"POST"
					]
				}
			},
			"methods": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8ppQbbdoXt5d7/methods",
				"hints": {
					"allow": [
						"GET"
					]
				}
			},
			"enroll": {
				"href": "https://[URL]/idp/authenticators",
				"hints": {
					"allow": [
						"POST"
					]
				}
			}
		}
	},
	{
		"type": "password",
		"id": "aut7s9h8pj7vcsxVG5d7",
		"key": "okta_password",
		"status": "ACTIVE",
		"name": "Password",
		"created": "2022-12-29T13:08:00.000Z",
		"lastUpdated": "2022-12-29T13:08:00.000Z",
		"_links": {
			"self": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8pj7vcsxVG5d7",
				"hints": {
					"allow": [
						"GET",
						"PUT"
					]
				}
			},
			"methods": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8pj7vcsxVG5d7/methods",
				"hints": {
					"allow": [
						"GET"
					]
				}
			}
		}
	},
	{
		"type": "phone",
		"id": "aut7s9h8plkwcvWlS5d7",
		"key": "phone_number",
		"status": "INACTIVE",
		"name": "Phone",
		"created": "2022-12-29T13:08:00.000Z",
		"lastUpdated": "2022-12-29T13:08:00.000Z",
		"settings": {
			"allowedFor": "recovery"
		},
		"_links": {
			"self": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8plkwcvWlS5d7",
				"hints": {
					"allow": [
						"GET",
						"PUT"
					]
				}
			},
			"activate": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8plkwcvWlS5d7/lifecycle/activate",
				"hints": {
					"allow": [
						"POST"
					]
				}
			},
			"methods": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8plkwcvWlS5d7/methods",
				"hints": {
					"allow": [
						"GET"
					]
				}
			}
		}
	},
	{
		"type": "security_key",
		"id": "aut7s9h8poQZBkW2t5d7",
		"key": "webauthn",
		"status": "INACTIVE",
		"name": "Security Key or Biometric",
		"created": "2022-12-29T13:08:00.000Z",
		"lastUpdated": "2022-12-29T13:08:00.000Z",
		"_links": {
			"self": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8poQZBkW2t5d7",
				"hints": {
					"allow": [
						"GET",
						"PUT"
					]
				}
			},
			"activate": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8poQZBkW2t5d7/lifecycle/activate",
				"hints": {
					"allow": [
						"POST"
					]
				}
			},
			"methods": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8poQZBkW2t5d7/methods",
				"hints": {
					"allow": [
						"GET"
					]
				}
			}
		}
	},
	{
		"type": "security_question",
		"id": "aut7s9h8pmqmdphjo5d7",
		"key": "security_question",
		"status": "ACTIVE",
		"name": "Security Question",
		"created": "2022-12-29T13:08:00.000Z",
		"lastUpdated": "2022-12-29T13:08:00.000Z",
		"settings": {
			"allowedFor": "recovery"
		},
		"_links": {
			"self": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8pmqmdphjo5d7",
				"hints": {
					"allow": [
						"GET",
						"PUT"
					]
				}
			},
			"deactivate": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8pmqmdphjo5d7/lifecycle/deactivate",
				"hints": {
					"allow": [
						"POST"
					]
				}
			},
			"methods": {
				"href": "https://[URL]/api/v1/authenticators/aut7s9h8pmqmdphjo5d7/methods",
				"hints": {
					"allow": [
						"GET"
					]
				}
			}
		}
	}
]

Wheras this enpoint factors to enroll:

{{url}}/api/v1/users/{{userId}}/factors/catalog

returns only one possibility:

[
    {
        "factorType": "token:software:totp",
        "provider": "OKTA",
        "vendorName": "OKTA",
        "_links": {
            "enroll": {
                "href": "[URL]/api/v1/users/00u806c7odXAfdT515d7/factors",
                "hints": {
                    "allow": [
                        "POST"
                    ]
                }
            }
        },
        "status": "NOT_SETUP",
        "enrollment": "OPTIONAL"
    }
]

How can I change to list all factors like in profile for this user?

And how make usage from links provided in JSON results?

Post		Replies	Views
API for sending one-time verification code via email API	1	1901	February 13, 2024
Okta multi factor verify call returns null response API mfa	1	4857	January 12, 2024
Okta Verify Integration to ASP.Net MVC Web App Questions	2	3331	January 25, 2024
API to send Okta verify enrollment setup links to EMAIL/SMS API api	2	992	April 17, 2024
How to Verify a WebAuthn Factor challenge using .NET Okta SDK version 7.0.0 API	2	1774	February 15, 2024

How to enable OKTA Verify by API

Related topics