<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y000061Fq0wSACOkta Classic EngineAdministrationAnswered2019-05-13T22:54:27.000Z2019-03-01T18:46:42.000Z2019-05-13T22:54:27.000Z

SamY.57083 (Customer) asked a question.

March 1, 2019 at 6:46 PM
Obtain API token dynamically

Is there any way to programmatically get an API token? The docs seem to indicate the Tokens endpoint is deprecated, but they only link to a page describing the manual way to get a token from the web UI. An initial manual step to get a token wouldn't be terrible, but there's no way to "rotate" tokens automatically (i.e. issue a new one to replace the old one). Just having a static, highly privileged token sitting around forever (even in some kind of secrets vault) makes me pretty uncomfortable.

  • 3 answers
  • 658 views
LeeM.10302 likes this.

  • LeeM.10302 (Swiss Re)

    It appears Okta are working on some OAuth based scoping permissions for their API's

  • stefan.pescaru1.4793088119572407E12 (Okta, Inc.)

    Hello Sam,

     

    At the moment, a public endpoint for generating API tokens is not something we support. Yet, I would see a way of doing this in a programmatic manner, but this will require for you to use the Okta UI and the browser console to obtain the information you need.

    Also, in order for this to work, you will need to have an authenticated session, and the Token will inherit the permissions of the authenticated account.

    Again, I must underline the fact that this is not something we support or will offer support on, but simply an idea of a workaround to the outcome you are trying to achieve.

     

    Thank you,

     

    Stefan Pescaru

    Technical Support Engineer

    Okta Global Customer Care

    Expand Post

    • SamY.57083 (Customer)

      Thanks for clarifying. We had indeed considered using something like Selenium to automate the UI steps, but that seems likely to be kind of brittle. For now we are going to wait it out and hope something better comes along (e.g. further development of OAuth scopes for Okta APIs).
This question is closed.
Loading
Obtain API token dynamically