How to get SSWS {{apikey}} and roles?

Jvalekar · September 2, 2022, 11:52am

Hello All,

I am new to Okta and I have okta sandbox details only. Can anyone please tell me where I get the roles for a particular user and how can i get the API key for the SSWS {{apikey}} for the postman?

andrea · September 7, 2022, 8:37pm

You can call /api/v1/users/${userId}/roles to list the admin roles for a user.
An SSWS API key cannot be generated via an API call, you must generate it in the UI (while logged in as the admin user in question, of course).

If you need something more programmatic, you may want to considering using OAuth to authorize the calls to Okta instead. More details here: Implement OAuth for Okta | Okta Developer and Implement OAuth for Okta with a service app | Okta Developer

Jvalekar · September 8, 2022, 7:37am

Thanks, @andrea for the response. I am using authorization code flow with the PKCE method and I received the access token as well, but when I want to make calls for another APIS, I need an API key in the header. I tried with the access token key but got an unauthorized token error. So not sure what is the main reason for it.

andrea · September 8, 2022, 4:16pm

If the user’s access token has high enough admin privileges to make the request (for /roles, they would need to be an admin that is allowed to read users), then you can add the access token to the auth header as a Bearer token (e.g, change it from SSWS {{apikey}} to Bearer {{access_token}}).

End-users without admin permissions will not be able to access this information with their access token

AlexandreUnca · July 3, 2023, 8:54am

This is what i am trying to do.

Do how do i get the bearer of the user.
My front angular only send me the Auth bearer with no scopes.

I am building my api in dotnet core.

to get the accestoken i am doing something like this :
this.Request.Headers[HeaderNames.Authorization]
and this as scope :
Scopes = new HashSet { “okta.users.read”, “okta.apps.read”, “okta.users.manage” }

But when i try to call await uapi.ListUsers().ToListAsync(), i dont get any result.

andrea · July 6, 2023, 8:17pm

And you’re getting back an Access Token with the requested scopes, issued by the Org Authorization Server (iss == your Okta domain)?

Are you using one of our SDKs to get the token and then make the request to Users, or is this your own code?

AlexandreUnca · July 9, 2023, 8:36am

cf : How to lock down an API token to only access what our application needs - #13 by AlexandreUnca

I do use okta skd.

system · February 13, 2024, 1:00am

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Get Okta users API with sessionToken OAuth/OIDC	5	3665	October 18, 2022
Administrator Roles API - List user roles Questions	2	4463	March 11, 2019
Okta API Authentication API	7	3938	September 29, 2022
Okta API Only Needs API Token? API	2	2319	October 6, 2022
Using Client Secrets and Client IDs API	4	5402	February 12, 2024

How to get SSWS {{apikey}} and roles?

Related topics