Policy API question Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Michael MongeauMichael Mongeau 

Policy API question

I'm testing the early access Policy API and found that I can retrieve sign-on policies using this REST API endpoint:


It only returns the global sign-on policies configured under Security / Authenticaiton.  What about application-specific sign-on policies, such as MFA policies configured at the application level?  Is there any way to retrieve those polices and rules using the API?



Jerrell GaryJerrell Gary (Okta, Inc.)
Hello Michael,

Type-Specific Policy Data Structures

Okta Sign On Policy

Okta sign on policy controls the manner in which a user is allowed to sign on to Okta, including whether they are challenged for multifactor authentication (MFA) and how long they are allowed to remain signed in before re-authenticating.

Note: Okta Sign On Policy is different from application sign-on policy, which determines the extra levels of authentication (if any) which must be performed before a specific Okta application can be invoked. Application sign-on policy can’t be configured via the API.

Please read the following documentation if you have any additional concerns or you can open a Support case.

KB article - https://developer.okta.com/docs/api/resources/policy.html