What is the best way to Authorize api requests for fetching system logs

I am working on a use case to fetch system logs from the Okta API’s. The application which will be pulling logs from okta api is a native backend application.

I need some guidance here to decide which one out the below is considered as the best approach to do that :

a. Use the SSWS token with read only “Report Administrator” role.
b. Use Implement OAuth for Okta with a service app as explained here https://developer.okta.com/docs/guides/implement-oauth-for-okta-serviceapp/main/*use-the-client-credentials-grant-flow

Please advise which is the best and preferred way ?

@mkpdev! Thank you for your question. The answer is b! As this method is the secure route/choice for a service automation app. You can learn more about why this is so here - Selecting the Best Authorization for Your API Integrations | Okta Developer. I suggest you enable the scope okta.logs.read to allow your service app to read System Log entries in your Okta org.

2 Likes