Why okta api scopes must be granted for a service app

idaaser · February 6, 2025, 5:19am

Per service app, I’m building a service app(a backend daemon) which calls okta management-api to sync all users in okta.

It’s easy to understand that I MUST assign an “Admin Role” to get all users, but I dont’ understand why I have to grant scope of “okta.users.read” ? because it is already an “Admin”

plese help clarify, thanks

system · March 8, 2025, 5:19am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Post		Replies	Views
Okta Workflows OAuth App API scope Questions	3	101	August 15, 2024
Limit service application scopes to groups or apps Questions	2	3430	February 6, 2024
Native App with Okta scopes: unable to use Okta scope during authentication API api	1	2991	February 12, 2024
/users/#{user_id}/factors endpoint returns 403 API	7	1723	August 29, 2023
Why not all scopes are available for API applications? API api , oauth	2	1441	January 2, 2024

Why okta api scopes must be granted for a service app

Related topics