Overview
Pre-built tooling
Pre-built integrations
Access requirements
Setup guide
Useful links
API gotchas
Pre-built tooling
✅ Read & write data
✅ Read & write data
✅ Observability & data quality
✅ Observability & data quality
✅ Customization
✅ Customization
Access requirements
Setup guide
No setup guide yet.Contribute improvements to the setup guide by editing this page
Useful links
- Okta API Services app setup guide
- Okta private_key_jwt client authentication
- Okta Management API OAuth 2.0 scopes reference
- Okta API reference
- API rate limiting
Contribute useful links by editing this page
API gotchas
- This provider uses Okta’s Org Authorization Server (
/oauth2/v1/token) withprivate_key_jwtclient authentication to call Okta’s Management API. - The Okta application must be created as API Services (Applications > Create App Integration > API Services). Standard OIDC apps only support
authorization_codeand will returnunauthorized_clienterrors. - Authentication uses
private_key_jwt: you generate an RSA key pair, upload the public key to the Okta app, and provide the private key to Nango. No client secret is used. - Scopes must be granted to your application under Applications >
your app> Okta API Scopes. See the full list in the Okta Management API scopes reference. - Client credentials do not use refresh tokens — Nango re-authenticates automatically when the access token expires (default: 1 hour).
- Management API endpoints (e.g.
/api/v1/users) return an empty array (200 []) — not a403— when the API Services app has no admin role assigned. Grant at least Read-Only Administrator under Security > Administrators (or Applications >your app> Admin roles) to return results.
Contribute API gotchas by editing this page
Going further
Connect to Okta (Client Credentials)
Guide to connect to Okta (Client Credentials) using Connect UI