What is Provisioned status in Okta API?
I have been playing around with user lifecycle events against the Okta REST APIs.
I'm confused about the various Okta user statuses, specifically STAGED, ACTIVE, and PROVISIONED. I have seen this diagram:
but it does not fit what I am experiencing.
When I run "create user", as in this example, and I pass in "activate=false" I get a user in STAGED status. If I pass in "activate=true" I get a user in ACTIVE status.
Once the user is created, I am running these REST calls:
Something I am doing puts my user into PROVISIONED status and I can't figure out what that is. Is it creating an "active" user, then updating? Or creating a "staged" user and then updating, or creating an "active" user and then resetting password and waiting an amount of time before they log in? As you can imagine, many permutations here.
What REST call combination puts a newly created Okta user into PROVISIONED status? Is PROVISIONED status like ACTIVE status where the user is "good to go" and can authenticate? Or PROVISIONED more like STAGED where I need to "activate" my user?
Is PROVISIONED status like ACTIVE status where the user is "good to go" and can authenticate? Or PROVISIONED more like STAGED where I need to "activate" my user?
PROVISIONED is almost like ACTIVE, except the user doesn't have any credentials yet and can't log in.
Here's a simple example:
Create a user (but with no password)
POST {{url}}/api/v1/users?activate=false
{
"profile": {
"firstName": "Test",
"lastName": "Testerman",
"email": "[email protected]",
"login": "[email protected]"
}
}
Activate!
POST {{url}}/api/v1/users/00ub09deolJQUhKPm0h7/lifecycle/activate?sendEmail=false
This results in a user with "status": "PROVISIONED".
What might be happening in your case is that the password reset operation is making it look like the user doesn't have a password, so when you do the activate operation, you get PROVISIONED.
- How do you access the result structure returned with cfoauth?
- How to set up a Vue app with Okta auth with Composition API
- How to handle Axios 401 response and Okta Vue SDK
- To allow external client application users to access B2C Integrated client website
- Spring gateway dependency causing clientRegistrationRepository cannot be null
- Return Azure B2C ID to Okta
- OKTA - OAuthError: Illegal value for redirect_uri parameter
- Possible to script Google Authenticator codes
- Which grant_type(flow) shoud I use?
- Okta SSO (Allowing other users from another organization to use SSO with the OpenID application i created on my Okta developer dashboard)
- Integrating Okta via a Authorization Filter
- Okta as IDP Azure AD
- OKTA User Impersonation _Masquerade
- Error authenticating to SonarQube using SAML Okta
- Okta blocks call from angular front end at localhost:4200 to spring boot backend at localhost:8080
- from okta auth0 how can i increase the azure ad token validity?
- Okta custom integration invalid credentials on /token endpoint
- calling the Auth0 API with Spring Boot using Oauth2
- Passing code challenge to Cognito Federated Identiy via Amplify [Okta]
- How is the OAuth/Okta Sign-in redirect URI used
- How can I get the Next Link from response header in Okta's API List Users when paginating?
- okta oidc - Where/How do I find my jwks_uri?
- Unable to edit or add redirect URL's in OKTA Application
- How to stop page refresh after okta token refresh after every 2 min
- Can't get Auth Code from Auth0 or Okta in Angular app using angular-oauth2-oidc
- Spring Boot 3.2.0 'oauth2ResourceServer()', 'jwt()','cors()' and 'crsf()' is deprecated and marked for removal
- how to renew Okta token when claims change
- ERROR NullInjectorError: NullInjectorError: No provider for OktaAuthStateService
- SCIM Provisioning sends unexpected payload for user deactivation
- HttpContext.User becomes empty on Redirection after Successful Okta Authentication