Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


Call the Okta API from PowerShell -- unofficial code.

This module provides a thin wrapper around the Okta API. It converts to/from JSON. It supports pagination of objects and allows you to check rate limits.

It assumes you are familiar with the Okta API and using REST.



# Connect to Okta. Do this before making any other calls.
Connect-Okta "YOUR_API_TOKEN" ""

# Show info about the current user.
Get-OktaUser "me"

# Add a user to a group.
$user = Get-OktaUser "me" # or "login" or "id"
$group = Get-OktaGroups "PowerShell" 'type eq "OKTA_GROUP"'
Add-OktaGroupMember $ $

# Create a user.
$profile = @{login = $login; email = $email; firstName = $firstName; lastName = $lastName}
$user = New-OktaUser @{profile = $profile}

# Create a group.
$profile = @{name = $name; description = $description}
$group = New-OktaGroup @{profile = $profile}

# Get all users. If you have more than 200 users, you have to use pagination.
# See this page for more info:
$params = @{filter = 'status eq "ACTIVE"'}
do {
    $page = Get-OktaUsers @params
    $users = $page.objects
    foreach ($user in $users) {
        # Add more properties here:
        Write-Host $user.profile.login $
    $params = @{url = $page.nextUrl}
} while ($page.nextUrl)

# Query up to 200 users by first name, last name or email.
$page = Get-OktaUsers -q "first name"
$users = $page.objects

# Filter lists all users; filter by status, last updated, id, login, email, first name or last name.
$page = Get-OktaUsers -filter 'profile.firstName eq "first name"'
$users = $page.objects # see pagination above.

# Search lists all users; search by any user profile property, including custom-defined
# properties, and id, status, created, activated, status changed and last updated.
$page = Get-OktaUsers -search 'profile.department eq "IT"'
$users = $page.objects # see pagination above.

See CallOktaAPI.ps1 for more examples.

There are functions for Apps, Events, Factors, Groups, IdPs, Logs, Roles, Schemas, Users and Zones. And you can add your own.


To determine which version of PowerShell you're running, see PSVersion under $PSVersionTable.

To Install on PowerShell 5 or newer

Install-Module OktaAPI # [1]

Install-Script CallOktaAPI # [2]

CallOktaAPI.ps1 has sample code. Replace YOUR_API_TOKEN and YOUR_ORG with your values or use OktaAPISettings.ps1.


Might I also suggest an IDE and debugging tools

Converting JSON to PowerShell

Most Okta API calls come with sample curl commands with blocks of JSON. To convert from JSON to PowerShell:

  • Change { to @{
  • Change : to =
  • Change , to ; or use a line break instead
  • Change [ to @(, and ] to )
  • Change true, false and null to $true, $false and $null
  • Change \" to `"

Here is an example from Assign User to App:


  "id": "00ud4tVDDXYVKPXKVLCO",
  "scope": "USER",
  "credentials": {
    "userName": "",
    "password": {
      "value": "correcthorsebatterystaple"


  id = "00ud4tVDDXYVKPXKVLCO"
  scope = "USER"
  credentials = @{
    userName = ""
    password = @{
      value = "correcthorsebatterystaple"

Or, use a here-string along with ConvertFrom-Json. Note that here-strings require @"<Enter> and <Enter>"@. In the example below, $newUser uses a here-string:

$id = "00ud4tVDDXYVKPXKVLCO"

$oldUser = @{
    credentials = @{
        userName = ""

$newUser = ConvertFrom-Json @"
  "id": "$id",
  "scope": "USER",
  "credentials": {
    "userName": "$($oldUser.credentials.userName)",
    "password": {
      "value": "correcthorsebatterystaple"

Adding new endpoints

To add a new endpoint, check the documentation for the HTTP verb (e.g. GET, POST, PUT, DELETE) and URL, and convert it into a corresponding PowerShell call.

For example, the documentation for Get User says:

GET /api/v1/users/${id}

The PowerShell code is:

function Get-OktaUser($id) {
    Invoke-Method GET "/api/v1/users/$id"

See Modules/OktaAPI.psm1 for more examples.


Call Okta API from PowerShell -- unofficial code.




No releases published


No packages published