I found the API Users | Okta Developer which I can use to get status of a user.
Since my application is on a shared tenant, I will not be able to get api_token. Is there any other way or API to get user status without providing api_token?
Short of having an API token with admin permissions, if the user is logged into the Okta org in the browser, they can make a call to https://oktaDomain/api/v1/users/me (aka, navigate to that URL in another tab or make a CORS request from a Trusted Origin for that domain). Granted, if they are able to login, that means they’re status is going to be “ACTIVE”.
A user’s session cookie, an admin’s API token, or an Access Token issued to an admin or a service app with sufficient scopes is the only way to access this information.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.