Selecting the Best Authorization for Your API Integrations

Hello Okta.

Working with your teams in the forums, it seems that OIN is the best approach for our needs; we’re a fairly popular LXP and we have some common clients that would like to synchronize their Okta directory as learners in our system. We have a current integration with Microsoft Azure AD which uses the same Bearer token process - it was trivial to implement, and I’m hopeful that we can get some guidance on replicating that functionality with Okta.

I have, however, run into some confusion. The nature of “auth servers” isn’t quite as clear as in Azure AD, which has a single endpoint for all integrations (where the app token identifies tenancy).

So far, I have:

  1. Signed up for a developer edition of Okta, which yields an admin area with a dev-**** hostname
  2. Gone into Applications > Applications and clicked on Create App Integration in order to get client/secret
  3. I’ve granted this application the okta.users.read scope
  4. I’ve got my base64 token ready to go - but on what hostname do we call /token? We are currently able to call a default endpoint, but the token it yields doesn’t work with the API

If I’ve dug in the wrong direction, perhaps I latched onto the wrong docs. If a reset were owed to the conversation, it’d be a very simple one: We just want to read user directories using bearer tokens.

What’s our fastest track to a proof of concept?

Confused, puzzled, yet thankful!
Alex