Do I need an Authorization Server? Skip to main content
https://support.okta.com/help/oktaarticledetailpage?childcateg=&id=ka02a0000005unwsay&source=documentation&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fdocumentation%2fknowledge_article%2fdo-i-need-an-authorization-server
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Do I need an Authorization Server?
Published: Nov 3, 2017   -   Updated: Jun 22, 2018
Issue: How do you know if you need to use Okta’s authorization server instead of the authorization service that is built in to your Okta?

Applies to:  
  • Okta environments with the API Access Management SKU

Resolution:  

You need an Authorization Server if
  • You need to protect non-Okta resources.
  • You need different authorization policies depending on whether the person is an employee, partner, or end user, or other similar specializations.
 

Note: If your employees, partners, and users can all use the same authentication policies for single sign-on, try Okta’s built in authorization service.

For more info, review: https://help.okta.com/en/prod/Content/Topics/Security/API_Access.htm