Skip to content

Latest commit

 

History

History
582 lines (419 loc) · 22.8 KB

OktaUserFactorApi.md

File metadata and controls

582 lines (419 loc) · 22.8 KB
Raw

Okta.PowerShell.Okta.PowerShell\Api.OktaUserFactorApi

All URIs are relative to https://subdomain.okta.com

Method HTTP request Description
Invoke-OktaActivateFactor POST /api/v1/users/{userId}/factors/{factorId}/lifecycle/activate Activate a Factor
Invoke-OktaDeleteFactor DELETE /api/v1/users/{userId}/factors/{factorId} Delete a Factor
Invoke-OktaEnrollFactor POST /api/v1/users/{userId}/factors Enroll a Factor
Get-OktaFactor GET /api/v1/users/{userId}/factors/{factorId} Retrieve a Factor
Get-OktaFactorTransactionStatus GET /api/v1/users/{userId}/factors/{factorId}/transactions/{transactionId} Retrieve a Factor Transaction Status
Invoke-OktaListFactors GET /api/v1/users/{userId}/factors List all Factors
Invoke-OktaListSupportedFactors GET /api/v1/users/{userId}/factors/catalog List all Supported Factors
Invoke-OktaListSupportedSecurityQuestions GET /api/v1/users/{userId}/factors/questions List all Supported Security Questions
Invoke-OktaResendEnrollFactor POST /api/v1/users/{userId}/factors/{factorId}/resend Resend factor enrollment
Test-OktaFactor POST /api/v1/users/{userId}/factors/{factorId}/verify Verify an MFA Factor

Invoke-OktaActivateFactor

UserFactor Invoke-OktaActivateFactor
        [-UserId]
        [-FactorId]
        [-Body]

Activate a Factor

The sms and token:software:totp factor types require activation to complete the enrollment process.

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

# Configure your client ID and scope for authorization
$Configuration.ClientId = "YOUR_CLIENT_ID"
$Configuration.Scope = "OKTA_SCOPES" # for example okta.users.read

$UserId = "MyUserId" # String | 
$FactorId = "MyFactorId" # String | 
$ActivateFactorRequest = Initialize-ActivateFactorRequest -Attestation "MyAttestation" -ClientData "MyClientData" -PassCode "MyPassCode" -RegistrationData "MyRegistrationData" -StateToken "MyStateToken" # ActivateFactorRequest |  (optional)

# Activate a Factor
try {
    $Result = Invoke-OktaActivateFactor -UserId $UserId -FactorId $FactorId -Body $Body
} catch {
    Write-Host ("Exception occurred when calling Invoke-OktaActivateFactor: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String
FactorId String
Body ActivateFactorRequest [optional]

Return type

UserFactor (PSCustomObject)

Authorization

apiToken, oauth2

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]

Invoke-OktaDeleteFactor

void Invoke-OktaDeleteFactor
        [-UserId]
        [-FactorId]
        [-RemoveRecoveryEnrollment] <System.Nullable[Boolean]>

Delete a Factor

Unenrolls an existing factor for the specified user, allowing the user to enroll a new factor.

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

# Configure your client ID and scope for authorization
$Configuration.ClientId = "YOUR_CLIENT_ID"
$Configuration.Scope = "OKTA_SCOPES" # for example okta.users.read

$UserId = "MyUserId" # String | 
$FactorId = "MyFactorId" # String | 
$RemoveRecoveryEnrollment = $true # Boolean |  (optional) (default to $false)

# Delete a Factor
try {
    $Result = Invoke-OktaDeleteFactor -UserId $UserId -FactorId $FactorId -RemoveRecoveryEnrollment $RemoveRecoveryEnrollment
} catch {
    Write-Host ("Exception occurred when calling Invoke-OktaDeleteFactor: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String
FactorId String
RemoveRecoveryEnrollment Boolean [optional] [default to $false]

Return type

void (empty response body)

Authorization

apiToken, oauth2

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]

Invoke-OktaEnrollFactor

UserFactor Invoke-OktaEnrollFactor
        [-UserId]
        [-Body]
        [-UpdatePhone] <System.Nullable[Boolean]>
        [-TemplateId]
        [-TokenLifetimeSeconds] <System.Nullable[Int32]>
        [-Activate] <System.Nullable[Boolean]>

Enroll a Factor

Enrolls a user with a supported factor.

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

# Configure your client ID and scope for authorization
$Configuration.ClientId = "YOUR_CLIENT_ID"
$Configuration.Scope = "OKTA_SCOPES" # for example okta.users.read

$UserId = "MyUserId" # String | 
$VerifyFactorRequest = Initialize-VerifyFactorRequest -ActivationToken "MyActivationToken" -Answer "MyAnswer" -Attestation "MyAttestation" -ClientData "MyClientData" -NextPassCode "MyNextPassCode" -PassCode "MyPassCode" -RegistrationData "MyRegistrationData" -StateToken "MyStateToken"
$UserFactor = Initialize-UserFactor -Created (Get-Date) -FactorType "call" -Id "MyId" -LastUpdated (Get-Date) -Provider "CUSTOM" -Status "ACTIVE" -Verify $VerifyFactorRequest -Embedded @{ key_example =  } -Links @{ key_example =  } # UserFactor | Factor
$UpdatePhone = $true # Boolean |  (optional) (default to $false)
$TemplateId = "MyTemplateId" # String | id of SMS template (only for SMS factor) (optional)
$TokenLifetimeSeconds = 56 # Int32 |  (optional) (default to 300)
$Activate = $true # Boolean |  (optional) (default to $false)

# Enroll a Factor
try {
    $Result = Invoke-OktaEnrollFactor -UserId $UserId -Body $Body -UpdatePhone $UpdatePhone -TemplateId $TemplateId -TokenLifetimeSeconds $TokenLifetimeSeconds -Activate $Activate
} catch {
    Write-Host ("Exception occurred when calling Invoke-OktaEnrollFactor: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String
Body UserFactor Factor
UpdatePhone Boolean [optional] [default to $false]
TemplateId String id of SMS template (only for SMS factor) [optional]
TokenLifetimeSeconds Int32 [optional] [default to 300]
Activate Boolean [optional] [default to $false]

Return type

UserFactor (PSCustomObject)

Authorization

apiToken, oauth2

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]

Get-OktaFactor

UserFactor Get-OktaFactor
        [-UserId]
        [-FactorId]

Retrieve a Factor

Fetches a factor for the specified user

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

# Configure your client ID and scope for authorization
$Configuration.ClientId = "YOUR_CLIENT_ID"
$Configuration.Scope = "OKTA_SCOPES" # for example okta.users.read

$UserId = "MyUserId" # String | 
$FactorId = "MyFactorId" # String | 

# Retrieve a Factor
try {
    $Result = Get-OktaFactor -UserId $UserId -FactorId $FactorId
} catch {
    Write-Host ("Exception occurred when calling Get-OktaFactor: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String
FactorId String

Return type

UserFactor (PSCustomObject)

Authorization

apiToken, oauth2

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]

Get-OktaFactorTransactionStatus

VerifyUserFactorResponse Get-OktaFactorTransactionStatus
        [-UserId]
        [-FactorId]
        [-TransactionId]

Retrieve a Factor Transaction Status

Polls factors verification transaction for status.

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

# Configure your client ID and scope for authorization
$Configuration.ClientId = "YOUR_CLIENT_ID"
$Configuration.Scope = "OKTA_SCOPES" # for example okta.users.read

$UserId = "MyUserId" # String | 
$FactorId = "MyFactorId" # String | 
$TransactionId = "MyTransactionId" # String | 

# Retrieve a Factor Transaction Status
try {
    $Result = Get-OktaFactorTransactionStatus -UserId $UserId -FactorId $FactorId -TransactionId $TransactionId
} catch {
    Write-Host ("Exception occurred when calling Get-OktaFactorTransactionStatus: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String
FactorId String
TransactionId String

Return type

VerifyUserFactorResponse (PSCustomObject)

Authorization

apiToken, oauth2

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]

Invoke-OktaListFactors

UserFactor[] Invoke-OktaListFactors
        [-UserId]

List all Factors

Enumerates all the enrolled factors for the specified user

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

# Configure your client ID and scope for authorization
$Configuration.ClientId = "YOUR_CLIENT_ID"
$Configuration.Scope = "OKTA_SCOPES" # for example okta.users.read

$UserId = "MyUserId" # String | 

# List all Factors
try {
    $Result = Invoke-OktaListFactors -UserId $UserId
} catch {
    Write-Host ("Exception occurred when calling Invoke-OktaListFactors: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String

Return type

UserFactor[] (PSCustomObject)

Authorization

apiToken, oauth2

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]

Invoke-OktaListSupportedFactors

UserFactor[] Invoke-OktaListSupportedFactors
        [-UserId]

List all Supported Factors

Enumerates all the supported factors that can be enrolled for the specified user

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

# Configure your client ID and scope for authorization
$Configuration.ClientId = "YOUR_CLIENT_ID"
$Configuration.Scope = "OKTA_SCOPES" # for example okta.users.read

$UserId = "MyUserId" # String | 

# List all Supported Factors
try {
    $Result = Invoke-OktaListSupportedFactors -UserId $UserId
} catch {
    Write-Host ("Exception occurred when calling Invoke-OktaListSupportedFactors: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String

Return type

UserFactor[] (PSCustomObject)

Authorization

apiToken, oauth2

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]

Invoke-OktaListSupportedSecurityQuestions

SecurityQuestion[] Invoke-OktaListSupportedSecurityQuestions
        [-UserId]

List all Supported Security Questions

Enumerates all available security questions for a user's question factor

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

$UserId = "MyUserId" # String | 

# List all Supported Security Questions
try {
    $Result = Invoke-OktaListSupportedSecurityQuestions -UserId $UserId
} catch {
    Write-Host ("Exception occurred when calling Invoke-OktaListSupportedSecurityQuestions: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String

Return type

SecurityQuestion[] (PSCustomObject)

Authorization

apiToken

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]

Invoke-OktaResendEnrollFactor

UserFactor Invoke-OktaResendEnrollFactor
        [-UserId]
        [-FactorId]
        [-UserFactor]
        [-TemplateId]

Resend factor enrollment

Resends a factor challenge (SMS/call/email OTP) as part of an enrollment flow. The current rate limit is one OTP challenge (call or SMS) per device every 30 seconds. Okta round-robins between SMS providers with every resend request to help ensure delivery of an SMS OTP across different carriers.

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

# Configure your client ID and scope for authorization
$Configuration.ClientId = "YOUR_CLIENT_ID"
$Configuration.Scope = "OKTA_SCOPES" # for example okta.users.read

$UserId = "MyUserId" # String | 
$FactorId = "MyFactorId" # String | 
$VerifyFactorRequest = Initialize-VerifyFactorRequest -ActivationToken "MyActivationToken" -Answer "MyAnswer" -Attestation "MyAttestation" -ClientData "MyClientData" -NextPassCode "MyNextPassCode" -PassCode "MyPassCode" -RegistrationData "MyRegistrationData" -StateToken "MyStateToken"
$UserFactor = Initialize-UserFactor -Created (Get-Date) -FactorType "call" -Id "MyId" -LastUpdated (Get-Date) -Provider "CUSTOM" -Status "ACTIVE" -Verify $VerifyFactorRequest -Embedded @{ key_example =  } -Links @{ key_example =  } # UserFactor | Factor
$TemplateId = "MyTemplateId" # String | id of SMS template (only for SMS factor) (optional)

# Resend factor enrollment
try {
    $Result = Invoke-OktaResendEnrollFactor -UserId $UserId -FactorId $FactorId -UserFactor $UserFactor -TemplateId $TemplateId
} catch {
    Write-Host ("Exception occurred when calling Invoke-OktaResendEnrollFactor: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String
FactorId String
UserFactor UserFactor Factor
TemplateId String id of SMS template (only for SMS factor) [optional]

Return type

UserFactor (PSCustomObject)

Authorization

apiToken, oauth2

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]

Test-OktaFactor

VerifyUserFactorResponse Test-OktaFactor
        [-UserId]
        [-FactorId]
        [-TemplateId]
        [-TokenLifetimeSeconds] <System.Nullable[Int32]>
        [-XForwardedFor]
        [-UserAgent]
        [-AcceptLanguage]
        [-Body]

Verify an MFA Factor

Verifies an OTP for a token or token:hardware factor

Example

# general setting of the PowerShell module, e.g. base URL, authentication, etc
$Configuration = Get-OktaConfiguration

# Configure your client ID and scope for authorization
$Configuration.ClientId = "YOUR_CLIENT_ID"
$Configuration.Scope = "OKTA_SCOPES" # for example okta.users.read

$UserId = "MyUserId" # String | 
$FactorId = "MyFactorId" # String | 
$TemplateId = "MyTemplateId" # String |  (optional)
$TokenLifetimeSeconds = 56 # Int32 |  (optional) (default to 300)
$XForwardedFor = "MyXForwardedFor" # String |  (optional)
$UserAgent = "MyUserAgent" # String |  (optional)
$AcceptLanguage = "MyAcceptLanguage" # String |  (optional)
$VerifyFactorRequest = Initialize-VerifyFactorRequest -ActivationToken "MyActivationToken" -Answer "MyAnswer" -Attestation "MyAttestation" -ClientData "MyClientData" -NextPassCode "MyNextPassCode" -PassCode "MyPassCode" -RegistrationData "MyRegistrationData" -StateToken "MyStateToken" # VerifyFactorRequest |  (optional)

# Verify an MFA Factor
try {
    $Result = Test-OktaFactor -UserId $UserId -FactorId $FactorId -TemplateId $TemplateId -TokenLifetimeSeconds $TokenLifetimeSeconds -XForwardedFor $XForwardedFor -UserAgent $UserAgent -AcceptLanguage $AcceptLanguage -Body $Body
} catch {
    Write-Host ("Exception occurred when calling Test-OktaFactor: {0}" -f ($_.ErrorDetails | ConvertFrom-Json))
    Write-Host ("Response headers: {0}" -f ($_.Exception.Response.Headers | ConvertTo-Json))
}

Parameters

Name Type Description Notes
UserId String
FactorId String
TemplateId String [optional]
TokenLifetimeSeconds Int32 [optional] [default to 300]
XForwardedFor String [optional]
UserAgent String [optional]
AcceptLanguage String [optional]
Body VerifyFactorRequest [optional]

Return type

VerifyUserFactorResponse (PSCustomObject)

Authorization

apiToken, oauth2

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

[Back to top] [Back to API list] [Back to Model list] [Back to README]