DanW.42369 (Customer) asked a question.
What Okta Admin Permissions are Required for factors API Call
Trying to make an API call to the factors API via an HTTP post to /api/v1/users/${userId}/factors/${factorId}/verify and I'm trying to determine what admin permissions are required for this call to succeed. None of the admin permissions give me an idea of which to grant for this call and I can't find any information on it via the documentation page.
The API call fails with "You do not have permission to perform the requested action" when using a read only administrator account. The API call does work when using an org admin token, but I would prefer to avoid using the org admin role as it is excessive for my needs.
https://developer.okta.com/docs/reference/api/factors/*response-example-21
Hello @DanW.42369 (Customer) Thank you for reacting out to our Community!
If you want to configure Factors API, for this you need at least ORG admin based on our documentation below, "Multifactor Authentication" section:
https://help.okta.com/en-us/Content/Topics/Security/administrators-admin-comparison.htm
The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.