Machine 2 Machine communication in OKTA

I have the following use case:

I need to call multiple Okta APIs like /groups, /users etc. for some internal requirements.
How can I call these APIs using the client_credentials flow with client_id and client_secret, without sign-in?

I am able to call the API using a private key pair, but is it possible to achieve the same using client_id and client_secret?

Hi,

To interact with Okta APIs with a service app, you can try following this doc: Implement OAuth for Okta with a service app | Okta Developer

You will need to use a public/private key pair, since using client_id/client_secret is not supported with this.

2 Likes

@vk-giri Thanks for your response. I just wanted to know a few things:

Since we cannot ask our clients to create another service app via a public/private key pair, and with an API access token the expiry is max 30 days for the token, is there any other way via which Okta APIs can be called? Just like in Azure, APIs can be called directly using client_id, client_secret and tenant_id.

The private_key_jwt client authentication method is the only supported method for OAuth service apps that want to get access tokens with Okta scopes.

As @vk-giri said and the documentation they linked to confirms, Okta does not support requesting Access Tokens that can be used against Okta’s endpoints using Client Credentials flow with Client ID:Client Secret auth, as we require that Private Key JWT client authentication be used for enhanced security.

2 Likes
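The private_key_jwt client authentication named in the answers above, as an added example that is not part of the original thread and not Okta's own code: it builds the signed client assertion (RFC 7523) and the client_credentials request body that carries it in place of a client_secret. Assumptions: Node.js, a throwaway key pair generated in the block, the placeholder domain `example.okta.com` and client ID, the `/oauth2/v1/token` path for the org authorization server, and the `okta.users.read` / `okta.groups.read` scopes.

```javascript
// Added example: build a private_key_jwt client assertion (RFC 7523) and the
// client_credentials token request body. Nothing is sent over the network.
const nodeCrypto = require('crypto');

const b64url = (input) => Buffer.from(input).toString('base64url');

// Sign header.payload with RS256 and return the compact JWT.
function buildClientAssertion({ clientId, tokenUrl, privateKey, now = Date.now() }) {
  const iat = Math.floor(now / 1000);
  const header = { alg: 'RS256', typ: 'JWT' };
  const claims = {
    iss: clientId,                // issuer and subject are both the client_id
    sub: clientId,
    aud: tokenUrl,                // audience is the token endpoint itself
    iat,
    exp: iat + 300,               // short lifetime limits replay of a captured assertion
    jti: nodeCrypto.randomUUID(), // unique ID so the server can reject reuse
  };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const signature = nodeCrypto.sign('RSA-SHA256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${signature.toString('base64url')}`;
}

// Form body for the token endpoint: the assertion replaces client_secret.
function buildTokenRequestBody(assertion, scopes) {
  return new URLSearchParams({
    grant_type: 'client_credentials',
    scope: scopes.join(' '),
    client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
    client_assertion: assertion,
  }).toString();
}

// Server-side view: check the signature against the registered public key.
function verifyAssertion(jwt, publicKey) {
  const [h, p, s] = jwt.split('.');
  const ok = nodeCrypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), publicKey,
    Buffer.from(s, 'base64url'));
  return ok ? JSON.parse(Buffer.from(p, 'base64url').toString()) : null;
}

// Constructed demo values: throwaway key pair, placeholder domain and client ID.
const demoKeys = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const DEMO_TOKEN_URL = 'https://example.okta.com/oauth2/v1/token';
const demoAssertion = buildClientAssertion({
  clientId: '0oaEXAMPLECLIENTID', tokenUrl: DEMO_TOKEN_URL, privateKey: demoKeys.privateKey,
});
const demoBody = buildTokenRequestBody(demoAssertion, ['okta.users.read', 'okta.groups.read']);
console.log(demoBody.slice(0, 120) + '...');
```

Only the public key is registered with the service app, so the private key never leaves the client and no shared secret travels in the request.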

Thanks guys for your prompt response! Will use private key to do the same.

1 Like