Okta User Management MCP Server

Overview

The Okta User Management MCP connects Claude to your Okta organization, allowing it to perform a wide range of identity management tasks. This integration is particularly useful for administrators who need to manage users, groups, and access controls within their Okta environment.

Prerequisites

Before setting up this MCP, you'll need:

• Node.js v16 or higher
• An Okta Developer Account
• An Admin API Token from your Okta organization
• Claude Desktop App

Installation

Step 1: Create an Okta Developer Account (if you don't have one)

1. Visit the Okta Developer Console
2. Create a new account or sign in to your existing one
3. Note your Okta domain (e.g., dev-123456.okta.com)

Step 2: Generate an API Token

1. In the Okta Developer Console, navigate to Security > API > Tokens
2. Click "Create Token"
3. Provide a meaningful name for your token (e.g., "MCP Server Token")
4. Copy the token value immediately (you won't be able to view it again)

Step 3: Set Up the MCP Server

1. Clone the repository:

   git clone https://github.com/kapilduraphe/okta-mcp-server.git
   cd okta-mcp-server
   

2. Install dependencies:

   npm install
   

3. Build the project:

   npm run build
   

Step 4: Configure Claude Desktop

Open your Claude Desktop configuration file:

• MacOS: ~/Library/Application Support/Claude/claude_desktop_config.json
• Windows: %AppData%\Claude\claude_desktop_config.json

Add the following configuration (replace placeholders with your actual values):

{
  "mcpServers": {
    "okta": {
      "command": "node",
      "args": [
        "PATH_TO_PROJECT_DIRECTORY/dist/index.js"
      ],
      "env": {
        "OKTA_ORG_URL": "https://your-domain.okta.com",
        "OKTA_API_TOKEN": "your-api-token"
      }
    }
  }
}

Save the file and restart Claude Desktop.

Using the MCP

Once configured, you can ask Claude to perform various Okta management tasks. Here are some example prompts:

User Management

• "Show me details for user john.doe@company.com"
• "List all users in the marketing department"
• "When was the last login for user jane.smith@organization.com"
• "Activate user with ID 00u1a2b3c4d5e6f7g8"
• "Suspend user john.doe@company.com"

Group Management

• "Show me all groups in my Okta organization"
• "Create a new group called 'Marketing Team'"
• "Add user jane.smith@organization.com to the Finance group"
• "List all users in the 'Engineering' group"

Onboarding Automation

• "Import these users from CSV data: [CSV content]"
• "Assign users to groups based on their department attribute"
• "Run a complete onboarding workflow for these new hires: [CSV content]"

Troubleshooting

If you encounter issues with the MCP:

1. Authentication Errors: Verify your Okta API token is valid and has the necessary permissions
2. Connection Issues: Ensure your Okta domain URL is correct and accessible
3. Permission Errors: Check that your API token has the required scopes for the operations you're attempting
4. Rate Limiting: Okta enforces API rate limits; if you hit these limits, the MCP will return appropriate error messages

For persistent issues, check the Claude Desktop logs or the MCP server output for more detailed error information.