I have a question. I am trying to use the Okta workflow cards, “List Import Sessions”, and “Create an Import Session”. But, I keep getting this error: "okta.identitySources.read", error="insufficient_scope", error_description="The access token provided does not contain the required scopes.\
According to Myacxiom - Sign In, I would just need to enable the scopes for
okta.identitySources.manage, or okta.identitySources.read.
But when reviewing the list of avilable API scopes under the workflows OAuth app, there is not an option for identitySources?
Hi there,
When you go to the Okta Dashboard > Applications > Applications > Okta Workflows OAuth > Okta API Scopes tab, you don’t see the following scopes?
Do you set this up in Preview or Production org.?
Do you have the LCM (Life Cycle Managment) SKU enabled in your org.?
One more thing. You could also try to add the scope in the connection:
Thank you! I will give it a try. This is currently set up in preview, and I can check on the LCM SKU.
The LCM is enabled for the org through the use of the Active Directory. I have also added the custom scope to the connection and created a new connection with the customer scope. Yet, it is still saying that I do not have the required scope. I can add the custom scope when creating the connection, yet in the Okta tenant, for the OAuth app, there is not okta.IdentitySources scope. Do you have any other suggestions? And correct my understanding of the LCM if the AD integration is not sufficient.
Essentially, I am trying to perform the “Import Now”, using Okta workflows. I just want to make sure that this is the best course of action through using the identitySources read/manage scope.
Can you DM me your org name (or via email)? We will check why you don’t see that scope.
Please create a support ticket. Supports wants to check what product SKUs and feature flags your org has. Please also DM me the ticket number.
Hey @iduggan - you likely heard back from the Suppor team about this issue. I will post a summary if anyone else runs into the same problem.
They tried to use the import cards in Workflows with AD, but they are for XaaS, and AD is not supported.
