IntegrateIntegrate
Integrations

Okta Integration

Manage Okta users, groups, apps, authorization servers, policies, and system logs

The Okta integration provides access to manage Okta users, groups, apps, authorization servers, policies, and system logs through the Integrate MCP server.

Installation

The Okta integration is included with the SDK:

import { oktaIntegration } from "integrate-sdk/server";

Setup

1. Create an Okta OAuth App

  1. Create an OAuth application for Okta
  2. Configure your redirect URI
  3. Note your Client ID and Client Secret

2. Configure the Integration on Your Server

Add the Okta integration to your server configuration. The integration automatically reads OKTA_CLIENT_ID and OKTA_CLIENT_SECRET from your environment variables:

import { createMCPServer, oktaIntegration } from "integrate-sdk/server";

export const { client: serverClient } = createMCPServer({
  apiKey: process.env.INTEGRATE_API_KEY,
  integrations: [
    oktaIntegration({
      scopes: ["openid", "profile", "email", "offline_access", "okta.users.read", "okta.users.manage", "okta.groups.read", "okta.groups.manage", "okta.apps.read", "okta.logs.read"], // Optional
    }),
  ],
});

You can override the environment variables by passing explicit values:

oktaIntegration({
  clientId: process.env.CUSTOM_OKTA_ID,
  clientSecret: process.env.CUSTOM_OKTA_SECRET,
      scopes: ["openid", "profile", "email", "offline_access", "okta.users.read", "okta.users.manage", "okta.groups.read", "okta.groups.manage", "okta.apps.read", "okta.logs.read"], // Optional
});

3. Client-Side Usage

The default client automatically includes all integrations. You can use it directly:

import { client } from "integrate-sdk";

await client.authorize("okta");
const result = await client.okta.listUsers({});

console.log(result);

If you're using a custom client, add the integration to the integrations array:

import { createMCPClient, oktaIntegration } from "integrate-sdk";

const customClient = createMCPClient({
  integrations: [oktaIntegration()],
});

Configuration Options

Prop

Type

Default Scopes

These defaults are applied unless you override scopes in the integration config:

  • openid
  • profile
  • email
  • offline_access
  • okta.users.read
  • okta.users.manage
  • okta.groups.read
  • okta.groups.manage
  • okta.apps.read
  • okta.logs.read

Tools

okta_list_users

List users

Prop

Type

okta_get_user

Get user

Prop

Type

okta_create_user

Create user

Prop

Type

okta_update_user

Update user

Prop

Type

okta_deactivate_user

Deactivate user

Prop

Type

okta_list_groups

List groups

Prop

Type

okta_get_group

Get group

Prop

Type

okta_create_group

Create group

Prop

Type

okta_add_user_to_group

Add user to group

Prop

Type

okta_remove_user_from_group

Remove user from group

Prop

Type

okta_list_apps

List apps

Prop

Type

okta_get_app

Get app

Prop

Type

okta_list_authorization_servers

List authorization servers

Prop

Type

okta_list_policies

List policies

Prop

Type

okta_list_system_logs

List system logs

Prop

Type

Notes

  • Category: Identity & Access
  • Authentication mode: OAuth

On this page