Hi,
Is there any feature in Okta to give my end-users a personal access token/API key to work with in some cases instead of their username/password? like a private personal token with no expiry time.
Hi,
Is there any feature in Okta to give my end-users a personal access token/API key to work with in some cases instead of their username/password? like a private personal token with no expiry time.
Not exactly, but you could use U2F and password sequencing to give this effect. Set up a U2F token (Yubikey, Windows Hello) and let them login with it first.
But this is just for end-user authentication.
No, I don’t need that for authentications.
Actually I need that personal token to be used exactly as a personal api key.
I have an application that its users are developers! who can use some of the features by calling its APIs and I need to generate and assign a unique key for each user.
In an ideal situation, I need a unique token to be generated with unlimited lifetime and dedicated to a user.
Hello @chu123 could you please elaborate a little more?
We need a similar feature to support API Keys along with OAuth2.0
Every user/customer is able to issue 1…n static long-lived API keys and use them to access our API instead of OAuth2.0 flow. It is needed for use-cases where no UI is involved (backend-only apps, trading bots, etc.).
Same way as Coinbase does, see their doc: API Key Authentication - Coinbase Developers
Okta provides so many features, and I’m a little lost if it is supported. Could you point me in the right direction? Thanks.