Okta MCP Server

v1.0.0Securitystable

Enables LLM agents to manage Okta organizations through natural language, providing full CRUD operations for users, groups, applications, policies, and system logs via Okta's Admin Management APIs.

okta-mcp-servermcpai-integration
Share:
39
Stars
0
Downloads
0
Weekly
0/5

What is Okta MCP Server?

Okta MCP Server is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to enables llm agents to manage okta organizations through natural language, providing full crud operations for users, groups, applications, policies, and system logs via okta's admin management apis.

Enables LLM agents to manage Okta organizations through natural language, providing full CRUD operations for users, groups, applications, policies, and system logs via Okta's Admin Management APIs.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Enables LLM agents to manage Okta organizations through natu

Use Cases

Manage Okta organizations through natural language. Perform CRUD operations on users, groups, applications, policies, and review system logs.
okta

Maintainer

LicenseApache-2.0
Languagepython
Versionv1.0.0
UpdatedMay 21, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx okta-mcp-server

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Okta MCP Server

Okta MCP Server is an official Okta-maintained server that exposes 80+ tools for managing Okta organizations through natural language via LLM agents. It wraps Okta's Admin Management APIs to support full CRUD operations on users, groups, applications, policies, device assurance, branding, and audit log queries — all with scope-based access control so the LLM only sees tools permitted by the granted OAuth scopes. Identity administrators can automate repetitive IAM tasks, investigate security events, and orchestrate user lifecycle operations through conversational AI.

Prerequisites

  • An Okta organization with admin access (Developer Edition orgs are free at developer.okta.com)
  • An Okta OAuth application configured with the required API scopes and a private key (RSA) for JWT authentication
  • Docker and docker-compose (recommended), or Python with uv installed
  • An MCP-compatible client such as Claude Desktop
1

Clone the official Okta MCP Server repository

Clone the repository from Okta's GitHub organization.

git clone https://github.com/okta/okta-mcp-server.git
cd okta-mcp-server
2

Create an Okta OAuth application

In your Okta Admin Console, create an API Services application, assign the required OAuth 2.0 scopes (e.g. okta.users.manage, okta.groups.manage), and generate an RSA key pair. Download the private key.

3

Configure environment variables

Copy the example env file and fill in your Okta organization URL, OAuth client ID, scopes, private key, and key ID.

cp .env.example .env
# Edit .env:
# OKTA_ORG_URL=https://your-org.okta.com
# OKTA_CLIENT_ID=0oa...
# OKTA_SCOPES=okta.users.manage okta.groups.manage okta.apps.read
# OKTA_PRIVATE_KEY=-----BEGIN RSA PRIVATE KEY-----\n...
# OKTA_KEY_ID=kid_value_here
4

Start the server with Docker

Docker Compose brings up the server with all dependencies. This is the recommended approach for production use.

docker-compose up -d
5

Add to your MCP client config

Configure your MCP client to connect to the running Okta MCP Server.

{
  "mcpServers": {
    "okta": {
      "command": "python",
      "args": ["-m", "okta_mcp_server"],
      "env": {
        "OKTA_ORG_URL": "https://your-org.okta.com",
        "OKTA_CLIENT_ID": "your_client_id",
        "OKTA_SCOPES": "okta.users.manage okta.groups.manage",
        "OKTA_PRIVATE_KEY": "your_rsa_private_key",
        "OKTA_KEY_ID": "your_key_id"
      }
    }
  }
}

Okta MCP Server Examples

Client configuration

Claude Desktop config for Okta MCP Server with all required OAuth credentials.

{
  "mcpServers": {
    "okta": {
      "command": "python",
      "args": ["-m", "okta_mcp_server"],
      "env": {
        "OKTA_ORG_URL": "https://your-org.okta.com",
        "OKTA_CLIENT_ID": "0oaxxxxxxxxxxxxxxx",
        "OKTA_SCOPES": "okta.users.manage okta.groups.manage okta.apps.read okta.logs.read",
        "OKTA_PRIVATE_KEY": "-----BEGIN RSA PRIVATE KEY-----\nMIIEo...",
        "OKTA_KEY_ID": "your_key_id_here",
        "OKTA_LOG_LEVEL": "INFO"
      }
    }
  }
}

Prompts to try

Natural language IAM tasks you can delegate to Claude once Okta MCP Server is connected.

- "Create a new user for Jane Doe with email [email protected] and add her to the Engineering group."
- "Show me all failed login attempts in the last 24 hours."
- "List all Okta applications that have had no users sign in during the past 30 days."
- "Deactivate the user account for [email protected] and remove him from all groups."
- "What MFA policies are currently applied to the Sales department?"
- "Show me all users who have admin roles assigned."

Troubleshooting Okta MCP Server

Authentication fails with 'invalid_client' or JWT signature error

Verify OKTA_PRIVATE_KEY matches the public key registered in your Okta OAuth application, and that OKTA_KEY_ID matches the 'kid' field in the JWK. Ensure newlines in the private key are escaped as \n in the env file.

Some tools are not visible or return 'unauthorized' errors

The server only exposes tools for which the OAuth application has been granted scopes. Review OKTA_SCOPES and add any missing scopes in the Okta Admin Console under the OAuth application's settings. Re-authenticate after adding scopes.

Docker compose fails to start

Ensure the .env file exists and all required variables are populated. Run 'docker-compose logs' to see the specific error. Common issues are malformed private keys or an incorrect OKTA_ORG_URL (must include https:// and no trailing slash).

Frequently Asked Questions about Okta MCP Server

What is Okta MCP Server?

Okta MCP Server is a Model Context Protocol (MCP) server that enables llm agents to manage okta organizations through natural language, providing full crud operations for users, groups, applications, policies, and system logs via okta's admin management apis. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Okta MCP Server?

Follow the installation instructions on the Okta MCP Server GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Okta MCP Server?

Okta MCP Server works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Okta MCP Server free to use?

Yes, Okta MCP Server is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

Okta MCP Server Alternatives — Similar Security Servers

Looking for alternatives to Okta MCP Server? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "okta-mcp-server": { "command": "npx", "args": ["-y", "okta-mcp-server"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Okta MCP Server?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides