Hi,
The UpdateUser api form online menu asks for api_token. I am wondering if there is option to use OAuth 2.0 access token (bear token), similar to getUserInfo api?
Thanks,
Hi @lgeng! Can you elaborate more on what you are looking for/want to do? Currently, our OIDC /userinfo endpoint takes a bearer token - OpenID Connect & OAuth 2.0 API | Okta Developer.
@sigama I want to update user own profile, e.g first name, last name etc. I know POST
/api/v1/users/me can serve it’s purpose, but it needs api_token. I am wondering if there is api to use bearer token only without exposing api token.
Thank you for clarifying @lgeng. You can definitely send an access token instead, please check out OAuth for Okta, but aside from this I recommend our blog on API Key best practice.
1 Like
@sigama I read through the OAuth for Okta. Currently the open available endpoint for access token is getUserInfo.
From Scopes and supported endpoints | Okta Developer, does that mean once we have managed scope of access token, e.g okta.users.manage.self, we can use the same endpoint which requires api token for the request as long as we replaced with access token, is that true? Do you have an working example to show?
1 Like
@lgeng can you confirm where you are referencing the getUserInfo endpoint you mentioned? Is this from one of our SDKs?