Okta MCP Server

An official Okta-maintained Model Context Protocol (MCP) server that securely integrates LLM agents with Okta Admin Management APIs for natural-language-driven automation of users, groups, applications, and policies management.

Okta MCP Server is an official Okta-maintained implementation of the Model Context Protocol (MCP) server, designed to securely integrate Large Language Model (LLM) agents with Okta Admin Management APIs. The project enables IT operators to perform Okta identity management tasks through natural language instructions.

Key Features#

LLM-Driven Identity Management: Execute complex Okta administrative operations via natural language instructions
Dual-Mode Secure Authentication: Supports both Device Authorization Grant (interactive) and Private Key JWT (server-to-server) authentication methods
Interactive Confirmation Mechanism: Destructive operations (delete, deactivate) require user confirmation via MCP Elicitation API
Full CRUD Support: Covers five major resource categories: Users, Groups, Applications, Policies, and Logs
Extensible Architecture: Easy to add new tools and support for additional Okta API endpoints

Supported Tool Categories#

Category	Tool Examples
Users	list_users, get_user, create_user, update_user, deactivate_user, delete_deactivated_user, get_user_profile_attributes
Groups	list_groups, get_group, create_group, update_group, delete_group, list_group_users, list_group_apps, add_user_to_group, remove_user_from_group
Applications	list_applications, get_application, create_application, update_application, delete_application, activate_application, deactivate_application
Policies	list_policies, get_policy, create_policy, update_policy, delete_policy and rule management tools
Logs	get_logs

Installation & Deployment#

Docker (Recommended):

git clone https://github.com/okta/okta-mcp-server.git
cd okta-mcp-server
cp .env.example .env
docker-compose up -d

uv Package Manager:

git clone https://github.com/okta/okta-mcp-server.git
cd okta-mcp-server
uv sync
uv run okta-mcp-server

Environment Variables#

Variable	Description
`OKTA_ORG_URL`	Okta organization URL
`OKTA_CLIENT_ID`	Okta OAuth application Client ID
`OKTA_SCOPES`	API permission scopes
`OKTA_PRIVATE_KEY`	RSA private key (Private Key JWT mode)
`OKTA_KEY_ID`	Key ID
`OKTA_LOG_LEVEL`	Log level

Use Cases#

IT Operations Automation: Bulk user creation, group membership adjustments, application authorization
Security Audit & Compliance: Query login logs and authentication events
Helpdesk Support: Front-line support querying user status via natural language
Policy Configuration Management: Password policies, MFA policy creation and adjustment

Client Support#

Claude Desktop
VS Code (MCP Extension)
Any MCP protocol-compatible client

Python Version Requirement: ≥ 3.13 License: Apache License 2.0

Key Features#

Supported Tool Categories#

Installation & Deployment#

Environment Variables#

Use Cases#

Client Support#

Related Projects

oh-my-codex

Ironcurtain

vibe-remote

STAY UPDATED