MFA on OKTA native API login with token

Hi,

I am developing an admin script that connects to the Okta API (https://xyz.okta-ema.com/api/v1/) for Okta user, group management. So I am NOT integrating Okta in any kind of app. It’s just my own Okta admin script.

I have this working with a token but I want to add MFA on this.

Currently this token won’t be secure because if anybody get’s his/her hand on this token it can be used from everywhere in the world. The solution would be to add MFA. But I can only find documentation on how to add OAuth a.o. to my application. I want it on the Okta API session.

If some one could confirm this is possible (or not) and point me in the right direction? Thanks in advance.

Hi @JappeReuling

You can find here a documentation for OAuth for Okta API. The bearer tokens generated through this feature can be used for 60 minutes.

Regarding the MFA option, there is no option out of the box for this functionality, however you can proxy the request through an API gateway, which can add the Authorization header with the API token, preventing the token from being exposed to users.