<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00007DAyrlCADOkta Classic EngineAdministrationAnswered2021-10-04T16:24:29.000Z2021-10-01T01:32:46.000Z2021-10-04T16:24:29.000Z

JamalE.54083 (Customer) asked a question.

October 1, 2021 at 1:32 AM
Associating API token with multiple users

We have an application that is used by admins to create new users in our system. This admin app behind the scene creates a new user in OKTA. Now the admins also login to the app using OKTA so they are part of an admin group. So, the app makes a call to the /user endpoint passing an API Token in the Authorization header to create the user.

Since the API token was created by one superAdmin user. Every time a user is created. The actor in the logs is showing as the superAdmin user and not the admin user who created the new user?

This is problematic for us since now we have no audits to show which admin created which user. It only shows the superadmin.

How can we change this behavior? Can API token get generated dynamically by the admin user that is authenticated and logged in to OKTA?

 

Thanks!

  • 1 answer
  • 570 views

  • User15730827840579969856 (Vendor Management)

    Cezar here with Okta Support.Unfortunately, at this moment, this is the only way to create api tokens.I would advise you to file an idea in this portal ideas.okta.com and if upvoted, our engineering team will consider it for future implementations.

This question is closed.
Loading
Associating API token with multiple users