<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Okta Administrators Default Group Limitations
Dec 6, 2023
Okta Identity Engine
Administration
Overview
When running API calls using the Okta Administrators group, Admins might receive 400 errors.
Applies To
  • API Calls
  • Okta Identity Engine (OIE)
Cause

The Okta Administrators group is created by default in OIE. This group is fully managed by Okta and cannot support any modifications, including via API.

If running GET api/v1/groups/{groupID} in Postman, the following parameter in the response will be received:

"type""BUILT_IN",

This type of group can only support GET calls in the format of:

{{url}}/api/v1/groups/00g7************

Any other type of operation against the Okta Admin Default group will result in 400 errors. PUT, POST, and DELETE operations will not work. Assigning apps to the group also will not work since this group does not support App Assignments.


 
Solution
If using a more complex system of getting groups, users, or apps from the tenant to export externally to any outside system, please exclude this group from any API operations, as it might return 400 errors.

Recommended content

Still looking for help?
Loading
Okta Administrators Default Group Limitations