okta-mcp-server
Version:
Model Context Protocol (MCP) server for Okta API operations with support for bulk operations and caching
279 lines • 10.6 kB
JavaScript
export const userTools = [
{
name: 'listUsers',
description: 'List Okta users with pagination and filtering support. Returns a page of users matching the specified criteria.',
inputSchema: {
type: 'object',
properties: {
limit: {
type: 'number',
description: 'Number of users to return per page (1-200)',
default: 20,
minimum: 1,
maximum: 200,
},
after: {
type: 'string',
description: 'Cursor for pagination - use the cursor from previous response to get next page',
},
filter: {
type: 'string',
description: 'Filter expression for users (e.g., "status eq \\"ACTIVE\\"", "profile.department eq \\"Sales\\"")',
},
search: {
type: 'string',
description: 'Searches for users with a supported filtering expression for most properties',
},
sortBy: {
type: 'string',
enum: ['id', 'status', 'created', 'activated', 'lastLogin'],
description: 'Field to sort results by',
},
sortOrder: {
type: 'string',
enum: ['asc', 'desc'],
description: 'Sort order',
default: 'asc',
},
},
},
},
{
name: 'getUser',
description: 'Get a single Okta user by ID or login (email)',
inputSchema: {
type: 'object',
properties: {
userIdOrLogin: {
type: 'string',
description: 'User ID or login email to retrieve',
},
},
required: ['userIdOrLogin'],
},
},
{
name: 'createUser',
description: 'Create a new Okta user with profile information and optional credentials',
inputSchema: {
type: 'object',
properties: {
profile: {
type: 'object',
description: 'User profile information',
properties: {
email: {
type: 'string',
description: 'User email address (required)',
},
login: {
type: 'string',
description: 'User login (defaults to email if not provided)',
},
firstName: {
type: 'string',
description: 'User first name',
},
lastName: {
type: 'string',
description: 'User last name',
},
mobilePhone: {
type: 'string',
description: 'User mobile phone',
},
secondEmail: {
type: 'string',
description: 'User secondary email',
},
},
required: ['email'],
additionalProperties: true,
},
credentials: {
type: 'object',
description: 'User credentials',
properties: {
password: {
type: 'object',
properties: {
value: {
type: 'string',
description: 'Password value (min 8 characters)',
},
},
},
recovery_question: {
type: 'object',
properties: {
question: {
type: 'string',
description: 'Security question',
},
answer: {
type: 'string',
description: 'Security answer',
},
},
},
provider: {
type: 'object',
properties: {
type: {
type: 'string',
enum: ['OKTA', 'ACTIVE_DIRECTORY', 'LDAP', 'FEDERATION', 'SOCIAL'],
description: 'Authentication provider type',
},
name: {
type: 'string',
description: 'Provider name',
},
},
},
},
},
groupIds: {
type: 'array',
items: {
type: 'string',
},
description: 'Array of group IDs to add the user to',
},
activate: {
type: 'boolean',
description: 'Whether to activate the user immediately',
default: true,
},
provider: {
type: 'boolean',
description: 'Whether the user will be authenticated via a provider',
default: false,
},
nextLogin: {
type: 'string',
enum: ['changePassword'],
description: 'Actions to take on next login',
},
},
required: ['profile'],
},
},
{
name: 'updateUser',
description: 'Update an existing Okta user profile or credentials',
inputSchema: {
type: 'object',
properties: {
userId: {
type: 'string',
description: 'User ID to update',
},
profile: {
type: 'object',
description: 'Profile fields to update',
properties: {
email: {
type: 'string',
description: 'User email address',
},
login: {
type: 'string',
description: 'User login',
},
firstName: {
type: 'string',
description: 'User first name',
},
lastName: {
type: 'string',
description: 'User last name',
},
mobilePhone: {
type: 'string',
description: 'User mobile phone',
},
secondEmail: {
type: 'string',
description: 'User secondary email',
},
},
additionalProperties: true,
},
credentials: {
type: 'object',
description: 'Credentials to update',
properties: {
password: {
type: 'object',
properties: {
value: {
type: 'string',
description: 'New password value',
},
},
},
recovery_question: {
type: 'object',
properties: {
question: {
type: 'string',
description: 'Security question',
},
answer: {
type: 'string',
description: 'Security answer',
},
},
},
},
},
},
required: ['userId'],
},
},
{
name: 'deleteUser',
description: 'Deactivate or delete an Okta user',
inputSchema: {
type: 'object',
properties: {
userId: {
type: 'string',
description: 'User ID to delete',
},
sendEmail: {
type: 'boolean',
description: 'Whether to send deactivation email to the user',
default: false,
},
},
required: ['userId'],
},
},
{
name: 'getUserGroups',
description: 'Get all groups that a user is a member of',
inputSchema: {
type: 'object',
properties: {
userId: {
type: 'string',
description: 'User ID to get groups for',
},
limit: {
type: 'number',
description: 'Number of groups to return per page',
default: 20,
minimum: 1,
maximum: 200,
},
after: {
type: 'string',
description: 'Cursor for pagination',
},
},
required: ['userId'],
},
},
];
//# sourceMappingURL=definitions.js.map