Okta Integration
Manage Okta users, groups, apps, authorization servers, policies, and system logs
The Okta integration provides access to manage Okta users, groups, apps, authorization servers, policies, and system logs through the Integrate MCP server.
Installation
The Okta integration is included with the SDK:
import { oktaIntegration } from "integrate-sdk/server";Setup
1. Create an Okta OAuth App
- Create an OAuth application for Okta
- Configure your redirect URI
- Note your Client ID and Client Secret
2. Configure the Integration on Your Server
Add the Okta integration to your server configuration. The integration automatically reads OKTA_CLIENT_ID and OKTA_CLIENT_SECRET from your environment variables:
import { createMCPServer, oktaIntegration } from "integrate-sdk/server";
export const { client: serverClient } = createMCPServer({
apiKey: process.env.INTEGRATE_API_KEY,
integrations: [
oktaIntegration({
scopes: ["openid", "profile", "email", "offline_access", "okta.users.read", "okta.users.manage", "okta.groups.read", "okta.groups.manage", "okta.apps.read", "okta.logs.read"], // Optional
}),
],
});You can override the environment variables by passing explicit values:
oktaIntegration({
clientId: process.env.CUSTOM_OKTA_ID,
clientSecret: process.env.CUSTOM_OKTA_SECRET,
scopes: ["openid", "profile", "email", "offline_access", "okta.users.read", "okta.users.manage", "okta.groups.read", "okta.groups.manage", "okta.apps.read", "okta.logs.read"], // Optional
});3. Client-Side Usage
The default client automatically includes all integrations. You can use it directly:
import { client } from "integrate-sdk";
await client.authorize("okta");
const result = await client.okta.listUsers({});
console.log(result);If you're using a custom client, add the integration to the integrations array:
import { createMCPClient, oktaIntegration } from "integrate-sdk";
const customClient = createMCPClient({
integrations: [oktaIntegration()],
});Configuration Options
Prop
Type
Default Scopes
These defaults are applied unless you override scopes in the integration config:
openidprofileemailoffline_accessokta.users.readokta.users.manageokta.groups.readokta.groups.manageokta.apps.readokta.logs.read
Tools
okta_list_users
List users
Prop
Type
okta_get_user
Get user
Prop
Type
okta_create_user
Create user
Prop
Type
okta_update_user
Update user
Prop
Type
okta_deactivate_user
Deactivate user
Prop
Type
okta_list_groups
List groups
Prop
Type
okta_get_group
Get group
Prop
Type
okta_create_group
Create group
Prop
Type
okta_add_user_to_group
Add user to group
Prop
Type
okta_remove_user_from_group
Remove user from group
Prop
Type
okta_list_apps
List apps
Prop
Type
okta_get_app
Get app
Prop
Type
okta_list_authorization_servers
List authorization servers
Prop
Type
okta_list_policies
List policies
Prop
Type
okta_list_system_logs
List system logs
Prop
Type
Notes
- Category: Identity & Access
- Authentication mode: OAuth