Enterprise Connectors
Okta logo. Okta MCP server connector.

Okta MCP Server

Okta is an enterprise identity and access management platform that provides authentication, authorization, and user management.

Tools
25
Last Updated
Apr 27, 2026
Category
all
Install with Willow
Claude
Enterprise-grade security
SSO & authentication ready
Full governance & audit logs

What is the Okta MCP Server?

The Okta MCP server gives AI agents structured, permission-aware access to Okta through the Model Context Protocol. With 25 pre-built actions, agents can read, create, and update Okta data on behalf of authorized users.

Willow ships the Okta MCP server as part of an enterprise control plane. Every call runs behind SSO (Okta, Azure AD), enforces RBAC and least-privilege at runtime, writes to a full audit trail, and integrates with Splunk and Loki for SIEM visibility. Connect from Claude Desktop, Claude Code, Cursor, ChatGPT, VS Code, n8n, or any custom agent. Install once, distribute org-wide, and see exactly how Okta is being used by every AI agent in your stack.

Tools

List Users

List all users in your Okta organization with optional filtering and pagination. Supports filtering by status (STAGED, PROVISIONED, ACTIVE, RECOVERY, LOCKED_OUT, PASSWORD_EXPIRED, SUSPENDED, DEPROVISIONED) and searching by name, email, or other profile attributes. Use this to discover users, audit accounts, or find specific users matching criteria.

Get User

Get detailed information about a specific user by their ID or login email. Returns user profile, status, credentials info, and lifecycle state. Use this to retrieve complete user details for a known user.

Search Users

Search for users using advanced filter expressions. Supports complex queries with operators like eq (equals), sw (starts with), pr (present), gt (greater than), lt (less than). Examples: 'status eq "ACTIVE" and profile.department eq "Engineering"' or 'profile.lastName sw "Smith"'. Use this for complex user discovery scenarios.

Create User

Create a new user in your Okta organization. Requires at minimum an email address and can optionally include full profile details, password, and activation preferences. You can create users in different states: with activation email, without activation, or as a group admin. Use this to provision new user accounts.

Update User

Update an existing user's profile information. You can modify any profile attributes like name, email, phone, or custom attributes. This performs a partial update - only specified fields are updated. Use this to keep user information current.

Deactivate User

Deactivate a user account. This changes the user's status to DEPROVISIONED and revokes all active sessions. The user will not be able to log in. User data is retained and the user can be reactivated later. Use this for offboarding or temporarily suspending access.

Activate User

Activate a user account that is in STAGED or DEPROVISIONED status. This allows the user to authenticate and access applications. Optionally sends an activation email with a temporary token. Use this for onboarding new users or reactivating previously deactivated accounts.

List Groups

List all groups in your Okta organization. Supports searching by name and pagination. Groups are used to organize users and assign them to applications collectively. Use this to discover groups, audit group structure, or find specific groups.

Get Group

Get detailed information about a specific group including its name, description, type, and member count. Use this to retrieve complete group details for a known group ID.

List Group Members

List all users who are members of a specific group. Returns user profiles for each member with pagination support. Use this to see who belongs to a group or audit group membership.
Prev
123
Next
1–10 of 25 tools

Customize Tools

Edit descriptions, modify arguments, select tools, or add new ones

Edit descriptions
Change arguments
Select tools
Create New

Set Up Your Okta MCP Server in Minutes

Add the following configuration to your MCP client. Authentication is handled via OAuth. Compatible with Claude Desktop, Claude Code, Cursor, ChatGPT, VS Code, n8n, and any MCP-compatible agent.

Claude Desktop

claude_desktop_config.json
{
  "mcpServers": {
    "willow-okta1": {
      "type": "http",
      "url": "https://<org>.mcp-s.com/mcp/mcp/okta1"
    }
  }
}

Cursor

.cursor/mcp.json
{
  "mcpServers": {
    "willow-okta1": {
      "type": "http",
      "url": "https://<org>.mcp-s.com/mcp/mcp/okta1"
    }
  }
}

Claude Code

CLI
claude mcp add willow-okta1 --transport http https://<org>.mcp-s.com/mcp/mcp/okta1

n8n

HTTP Request Node
{
  "url": "https://<org>.mcp-s.com/mcp/mcp/okta1",
  "method": "POST"
}

Or click "Install with Willow" above to set up automatically with SSO and RBAC preconfigured.

Enterprise Governance for Okta

Willow adds the layer Okta and every other SaaS doesn't ship out of the box: every call runs behind SSO (Okta, Azure AD), enforces RBAC and least-privilege at runtime, writes to full audit logs, and detects shadow AI usage across your stack. One MCP gateway. Any agent. Every tool.

Okta MCP Server FAQ

What is the Okta MCP server?

The Okta MCP server is a Model Context Protocol implementation that lets AI agents like Claude, Cursor, and ChatGPT read and write Okta data through a standardized interface. Willow hosts and governs this server so enterprises can roll it out without a security review backlog.

How is Willow's Okta MCP server different from the official one?

The official Okta MCP server is scoped to a single user's account and does not include enterprise governance. Willow's version adds SSO, RBAC, audit logging, shadow AI detection, and centralized control over which actions agents can take across the entire org.

Which AI clients work with the Okta MCP server?

Claude Desktop, Claude Code, Cursor, ChatGPT, VS Code with MCP support, n8n, and any custom agent built with OpenAI Agents SDK, LangChain, Vercel AI SDK, or Anthropic SDK.

Is the Okta MCP server secure? How does Willow handle authentication?

Every call runs behind your existing SSO (Okta, Azure AD). Per-user OAuth scopes the agent to exactly what that user can do in Okta, nothing more. No credentials reach the LLM. Every action writes to an audit trail.

Can I limit which Okta actions agents can take?

Yes. Willow lets you scope agents to specific actions, specific projects, or specific environments. Toggle actions on or off in the dashboard, or enforce policy via infrastructure-as-code through GitHub.

How do I detect shadow Okta MCP servers in my org?

Willow's browser extension and discovery service surface unmanaged MCP servers, skills, and AI agents across the org. If a developer installed an unapproved Okta MCP locally, you'll see it.

What does the Okta MCP server cost?

Pricing depends on org size and deployment model (SaaS, dedicated cloud, self-host). See withwillow.ai/pricing or contact sales for a quote.

How do I install the Okta MCP server with Willow?

Install via the Willow Connect Panel in one click, or paste the JSON snippet above into your Claude Desktop, Cursor, or Claude Code config. SSO and RBAC inherit from your existing Willow setup.

Compare Willow MCP Gateway

See how Willow stacks up against other MCP platforms on governance, security, and enterprise readiness.

Willow vs ArchestraWillow vs CloudflareWillow vs MetaMCPWillow vs ObotWillow vs MintMCPWillow vs Lunar MCPXWillow vs Runlayer

Related MCP Servers

Affinity logo. Affinity MCP server connector.

Affinity

verified

Affinity MCP server. 10 governed tools.

Airtable logo. Airtable MCP server connector.

Airtable

verified

Airtable MCP server. 16 governed tools.

Amplitude logo. Amplitude MCP server connector.

Amplitude

verified

Amplitude MCP server. 42 governed tools.

Asana logo. Asana MCP server connector.

Asana

verified

Asana MCP server. 22 governed tools.

Your agents are already in the wild.

Give them a Basecamp. Go from AI chaos to AI work, in minutes.

Get Started
See a Demo
Okta MCP Server: Connect AI Agents to Okta Securely | Willow