Skip to main content

users

Overview

Nameusers
TypeResource
Idokta.user.users

Fields

NameDatatype
idstring
_embeddedobject
_linksobject
activatedstring
createdstring
credentialsobject
lastLoginstring
lastUpdatedstring
passwordChangedstring
profileobject
statusstring
statusChangedstring
transitioningToStatusstring
typeobject

Methods

NameAccessible byRequired ParamsDescription
getSELECTuserId, subdomainFetches a user from your Okta organization.
listSELECTsubdomainLists users in your organization with pagination in most cases. A subset of users can be returned that match a supported filter expression or search criteria.
insertINSERTsubdomainCreates a new user in your Okta organization with or without credentials.
deleteDELETEuserId, subdomainDeletes a user permanently. This operation can only be performed on users that have a DEPROVISIONED status. This action cannot be recovered!
activateEXECsendEmail, userId, subdomainActivates a user. This operation can only be performed on users with a STAGED status. Activation of a user is an asynchronous operation. The user will have the transitioningToStatus property with a value of ACTIVE during activation to indicate that the user hasn't completed the asynchronous operation. The user will have a status of ACTIVE when the activation process is complete.
changePasswordEXECuserId, subdomainChanges a user's password by validating the user's current password. This operation can only be performed on users in STAGED, ACTIVE, PASSWORD_EXPIRED, or RECOVERY status that have a valid password credential
changeRecoveryQuestionEXECuserId, subdomainChanges a user's recovery question & answer credential by validating the user's current password. This operation can only be performed on users in STAGED, ACTIVE or RECOVERY status that have a valid password credential
deactivateEXECuserId, subdomainDeactivates a user. This operation can only be performed on users that do not have a DEPROVISIONED status. Deactivation of a user is an asynchronous operation. The user will have the transitioningToStatus property with a value of DEPROVISIONED during deactivation to indicate that the user hasn't completed the asynchronous operation. The user will have a status of DEPROVISIONED when the deactivation process is complete.
expirePasswordEXECuserId, subdomainThis operation transitions the user to the status of PASSWORD_EXPIRED so that the user is required to change their password at their next login.
expirePasswordTempEXECuserId, subdomainThis operation transitions the user to the status of PASSWORD_EXPIRED and the user's password is reset to a temporary password that is returned.
forgotPasswordEXECuserId, subdomain
reactivateEXECuserId, subdomainReactivates a user. This operation can only be performed on users with a PROVISIONED status. This operation restarts the activation workflow if for some reason the user activation was not completed when using the activationToken from Activate User.
resetFactorsEXECuserId, subdomainThis operation resets all factors for the specified user. All MFA factor enrollments returned to the unenrolled state. The user's status remains ACTIVE. This link is present only if the user is currently enrolled in one or more MFA factors.
resetPasswordEXECsendEmail, userId, subdomainGenerates a one-time token (OTT) that can be used to reset a user's password. The OTT link can be automatically emailed to the user or returned to the API caller and distributed using a custom flow.
suspendEXECuserId, subdomainSuspends a user. This operation can only be performed on users with an ACTIVE status. The user will have a status of SUSPENDED when the process is complete.
unlockEXECuserId, subdomainUnlocks a user with a LOCKED_OUT status and returns them to ACTIVE status. Users will be able to login with their current password.
unsuspendEXECuserId, subdomainUnsuspends a user and returns them to the ACTIVE state. This operation can only be performed on users that have a SUSPENDED status.
updateEXECuserId, subdomainUpdate a user's profile and/or credentials using strict-update semantics.