AndrewP.21654 (Synovus) asked a question.
I am looking to update several applications with a sign-on rule related to device trust however, I don't want to manually create this rule across our environments. Using the API, is it possible to manage application sign-on policies/rules? I have so far come across the Okta Sign-on policy API but that is a different level.
Thanks.
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
May Okta Community Buzz
Stay ahead of the curve with Okta for AI Agents, new Okta Learning live sessions and labs, shout-outs, and top trending topics—all aimed at enriching your Okta journey.
I hope you have come across the developer site as it has all the api listed -
https://developer.okta.com/docs/reference/api/policy/
While creating the policy you have to change the "type" and then use the policyId to create rule appropriate rule.
Thank you. I did find that page however, the Policy API doesn't appear to manage the application sign-on policies. I was hoping that someone else has come across this before. I will keep looking.
Can we get an answer to this? We're looking to automate this process as part of our pipeline as well and are not seeing an option for this in the API.
Piping in to second this request. This is a feature that I've been looking for for a long time.
As far as I understand, there are currently no public Application Sign-On Policy APIs available to customers. However, it would be a really welcome enhancement, and in my experience is a notable gap in the options one has for configuring Okta through the API. As the number of applications in an environment grows from dozens to hundreds or thousands, it becomes increasingly difficult to audit and ensure consistency across Application Sign-On Policies. Auditing the Application Sign-On Policies without an API is a very time-intensive and error-prone task, and it causes delays in communicating to stakeholders what the current state at any given time is. Having an Application Sign-On Policy API would reduce that effort required during audits dramatically - not to mention that it would also enable DevOps pipelines to have much better control of Okta, for instance, in use cases where Terraform is being used to manage the Okta environments.
Thirding to this request, as we are using an Application Onboarding Automation tool but unable to configure App Sign on policies via API.
Agreed - I am being asked to report on our applications to show sign on policies and it would be nice to be able to include this in my script that pulls down information about the apps, so I could show which ones have custom sign in policies and which don't.
Adding my voice to this - first looked at automating App Sign On policies ~18 months ago, somewhat frustrating that we still don't have API support. Will raise a support call, may prompt some answers about a possible ETA.
Hi I've requested this feature please vote for it to increase chances okta will implement this feature thanks https://ideas.okta.com/app/#/case/135786?section=requests
Hi everyone! Currently, Okta API doesn't support this officially, but you can try making custom call to this URL `https://myorg.okta.com/api/v1/policies?type=Okta:SignOn&resourceId={app_instance_ID}`
Hope this helps!
Hi Bogdan,
Were you able to confirm that the suggestion provided works? I tried making a GET call, but the type field errors:
Not found: Resource not found: Okta:SignOn (RuleSetEntity)