How to programmatically fetch SSWS API access token and then use it to create an IdP?

First of all, I’d like to ask if it is possible to fetch an API access token in a SSWS format?
My idea is to:

  1. Fetch API access token through the oauth2/default/v1/token endpoint.
  2. Create an IdP, using the api/v1/idps endpoint. (create IdP doc)

However, when I dug deeper in the documentation, it seems that for the second endpoint, a Bearer token is not applicable (the first endpoint returns a Bearer token). In other words, I’d need a SSWS (which is not recommended by Okta, but for my purposes it is not such a problem).

So my question is if it’s possible to fetch an API access token in a SSWS format programmatically?

Thanks in advance and correct me if my understanding is somewhat wrong.

There is no way to programmatically fetch SSWS tokens, but the endpoint /api/v1/idps does support OAuth bearer tokens with the okta.idps.manage scope.

Note that only the Org Authorization Server can mint a token with this scope, so you will need to use /oauth2/v1/token.

2 Likes

Thanks for the fast reply and for the hints provided!

As you’ve mentioned, I was able to create IdP programmatically using a bearer token.
I’d like to point out the Okta docs and steps for implementing this approach:
Prerequisites:

  1. a Service App is required
  2. Implement OAuth for Okta with a service app
  3. Using the Bearer token from 2. alongside the okta.idps.manage scope in the {okta-domain}/api/v1/idps endpoint worked just fine.

1 Like
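The flow described in the replies above, sketched as an added example (not code from the thread or from Okta): request a token from the Org Authorization Server, confirm the okta.idps.manage scope was actually granted, then call /api/v1/idps with it. It assumes the service app authenticates with a signed JWT client assertion produced elsewhere, as in the service-app guide named above; the domain, assertion and IdP definition are placeholders supplied by the caller.

```python
import json
import urllib.parse
import urllib.request

REQUIRED_SCOPE = "okta.idps.manage"
JWT_BEARER = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"


def build_token_request(okta_domain, client_assertion, scope=REQUIRED_SCOPE):
    """Client-credentials request to the Org Authorization Server.

    Targets /oauth2/v1/token, not /oauth2/default/v1/token: per the reply
    above, only the Org Authorization Server can mint this scope.
    """
    form = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "scope": scope,
        "client_assertion_type": JWT_BEARER,
        "client_assertion": client_assertion,  # assumption: signed elsewhere
    }).encode()
    return urllib.request.Request(
        f"https://{okta_domain}/oauth2/v1/token", data=form, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded",
                 "Accept": "application/json"})


def access_token_from(response_body, scope=REQUIRED_SCOPE):
    """Return the access token, refusing responses that cannot manage IdPs."""
    doc = json.loads(response_body)
    if str(doc.get("token_type", "")).lower() != "bearer":
        raise ValueError("expected a Bearer token")
    if scope not in str(doc.get("scope", "")).split():
        raise ValueError(f"token was not granted {scope}")
    return doc["access_token"]


def build_idp_request(okta_domain, access_token, idp_definition):
    """POST /api/v1/idps with the OAuth token instead of an SSWS key."""
    return urllib.request.Request(
        f"https://{okta_domain}/api/v1/idps",
        data=json.dumps(idp_definition).encode(), method="POST",
        headers={"Authorization": f"Bearer {access_token}",
                 "Content-Type": "application/json",
                 "Accept": "application/json"})
```

Each returned request can be sent with `urllib.request.urlopen`; checking the granted scope before the second call turns a missing scope grant into a clear local error rather than a rejected API call.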
