Hello. I am using the trial to do some testing in my local env. From my admin account, I have created several users and want to create API tokens for a non admin user but I haven’t seen this option in the trial Dashboard.
I have logged with the non-admin user account but this is not an option too for a user that is not an admin. is it possible to use a non admin user to send API requests to Okta? How can I create its token? Thanks in advance
Hi @tania.garcia,
Welcome to the Auth0 Community!
First, could you please explain why you want to share an API access token with non-admin users?
Could you elaborate on your use case a little more? This could become a security issue if you grant them all the scopes (permissions) for the Management API.
Thanks,
Rueben
Hello Rueben.
this is a python backend that manages services in the org.
We have built a slack bot that interacts with the backend.
I need to allow/deny actions based on the identity of the user executing the slash command
and since we use Okta in the org, we decided to use Okta to get user’s info to decide if it can execute certain operations available in the bot command options.
I have seen that the Okta API token is usually intended to be for admin users.
Given this, I don’t think that the backend Okta user will be turned to an admin, so I have done a different approach in my solution: I have created an API service integration in Okta
And I am using this library GitHub - okta/okta-sdk-python to get an authorization token from the backend and be able to send requests to the Okta API.
Am I following the correct approach?
Thanks in advance.
1 Like
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.