Retrieve Okta User On Backend

Questions
1

I have a problem. I use okta for my app login but I wanna try to use it for manage the users directly on the app. For this, I like to connect on okta and show all users. But, the client credentials doesn’t work. My frontend call my backend like localhost:8080/users or localhost:8080/users/id to see some specific but nothing works. I’ve tried to use this:

Client client = Clients.builder()
.setOrgUrl(“https://{yourOktaDomain}”) // e.g. https://dev-123456.okta.com
.setAuthorizationMode(AuthorizationMode.PRIVATE_KEY)
.setClientId("{clientId}")
.setScopes(new HashSet<>(Arrays.asList(“okta.users.read”, “okta.apps.read”)))
.setPrivateKey("/path/to/yourPrivateKey.pem")
.build();

or

Client client = Clients.builder()
.setOrgUrl(“https://{yourOktaDomain}”) // e.g. https://dev-123456.okta.com
.setClientCredentials(new TokenClientCredentials("{apiToken}"))
.build();

but the info that they expect I don’t have or it’s impracticable.
Thanks for helping

2

Hi there @lucas88. Can you provide any more specifics on the error(s) you’re encountering?

Also, make sure your apiToken has not expired - you can check this at Security → API → Tokens in your Okta dashboard.

3

So,

I don’t wanna use an API Token. There is a way to retrieve the list of users or create or delete or update a user with client_id and client_secret? Or pretty much any data already exists…
Or the unique way is using the API Token? I read a lot of content, gathering information, but nothing helps… I thought about using a PEM certificate but I think it’s complex too.
My piece of code:

return oktaUserMapper.toDto(oktaClient.getUser(userEmail));

the oktaClient. How do I initiate it?

4

Gotcha! Unfortunately you will not be able achieve this flow solely with a client ID and secret. If you don’t want to go the api token route then the other constructor you posted is the only alternate option. Take a look at this thread here for more discussion on this as well as a guide to help you create your PEM file:

5

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.