AlessioG.03979 (Customer) asked a question.
we have disconnected clients that manage auth through a server.
These server haven't user credentials, it get it from client and use it on/api/v1/authn to get a sessionToken for valid login and stores it.
We don't use OAuth, security level we need is very poor and our only purpose is to check the state of user auth every single day.
We read about "session API" and how to refresh it but it seems to be oversized for our needs.
We only need to check if user is still "valid" (not locked, not pending for password change request or not deleted) once a day.
Which is the "lightest" way to do that?
Is there any way to simply "refresh" the sessionToken above without session management and without re-ask user credential?
Once a day, which API call sequence have we to implement to manage this situation?
Thanks in advance,
Alessio
Hi Alessio,
Thank you for posting on the Okta Help center.
Since your end-goal is to confirm users life-cycle status in Okta, you can use the Users APIs to retrieve user profiles based on user ID , list users by search or apply filters to retrieve only "Provisioned" or "Active Users" which in turn will confirm the user status in Okta, thus, allowing you to confirm user accounts are Active or if any change has been made.
Examples : {{url}}/api/v1/users?filter=status eq "ACTIVE"&limit=25 - Retrieves 25 users with the status Active.
{{url}}/api/v1/users/userID- Retrieves only the specific Okta profile. Note: User IDs can be found in the URL when accessing an user Profile, the value being similar to 00uazkjewUJB44AH7356.
Please find detailed instructions regarding the Users APIs along with instructions to download the Okta APIs collections available for Postman, in the below KB's:
https://developer.okta.com/docs/reference/api/users/#list-users-with-a-filter
https://developer.okta.com/code/rest/
https://developer.okta.com/docs/reference/postman-collections/
If you'll have any questions or require assistance, feel free to open a case with Okta Support.
Best regards.
Sergiu Costea
Technical Support Engineer
Okta Global Customer Care