I would like to create a service account that can dynamically provision and de-provision applications. I think the correct permissions achieve this are read/write capabilities to the apps and trusted-origins API:
https://developer.okta.com/docs/reference/api/trusted-origins/ https://developer.okta.com/docs/reference/api/apps/
However, in the permissions matrix here https://help.okta.com/en/prod/Content/Topics/Security/Administrators.htm it isn’t apparent what role is appropriate to minimally provide just those permissions and nothing else.
Can someone provide some guidance as to the best service user setup to achieve this?
Thanks.
I might be wrong, but Trusted Origins is the one for Org Admin to change
1 Like
svr
February 24, 2021, 8:14pm
3
Experts,
I am newbie to okta. Trying to setup a ‘service user’ account with required privileges for create user API.
The application team will be using JAVA API to create users in okta tentant.
Could you please help me with any URL / steps to create service user.
Thanks!
andrea
February 24, 2021, 11:49pm
4
Yeah, that should be right. Trusted Origins should fall under “Edit Okta Settings,” which can only be done by Super and Org Admins.
system
February 25, 2021, 11:50pm
5
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.