Skip to main content

Overview

Pre-built tooling

Pre-built integrations

Access requirements

Setup guide

Useful links

API gotchas

Pre-built tooling

No pre-built syncs or actions available yet.
Not seeing the integration you need? Build your own independently.

Access requirements

Setup guide

No setup guide yet.
Need help getting started? Get help in the community.
Contribute improvements to the setup guide by editing this page
Contribute useful links by editing this page

API gotchas

  • This provider uses Okta’s Org Authorization Server (/oauth2/v1/token) with private_key_jwt client authentication to call Okta’s Management API.
  • The Okta application must be created as API Services (Applications > Create App Integration > API Services). Standard OIDC apps only support authorization_code and will return unauthorized_client errors.
  • Authentication uses private_key_jwt: you generate an RSA key pair, upload the public key to the Okta app, and provide the private key to Nango. No client secret is used.
  • Scopes must be granted to your application under Applications > your app > Okta API Scopes. See the full list in the Okta Management API scopes reference.
  • Client credentials do not use refresh tokens — Nango re-authenticates automatically when the access token expires (default: 1 hour).
  • Management API endpoints (e.g. /api/v1/users) return an empty array (200 []) — not a 403 — when the API Services app has no admin role assigned. Grant at least Read-Only Administrator under Security > Administrators (or Applications > your app > Admin roles) to return results.
Contribute API gotchas by editing this page

Going further

Connect to Okta (Client Credentials)

Guide to connect to Okta (Client Credentials) using Connect UI