associated_servers
Creates, updates, deletes, gets or lists an associated_servers resource.
Overview
Name | associated_servers |
Type | Resource |
Id | okta.authorizationservers.associated_servers |
Fields
The following fields are returned by SELECT queries:
- list_associated_servers_by_trusted_type
Name | Datatype | Description |
---|---|---|
id | string | The ID of the custom authorization server |
name | string | The name of the custom authorization server |
_links | object | Specifies link relations (see Web Linking) available using the JSON Hypertext Application Language specification. This object is used for dynamic discovery of related resources and lifecycle operations. |
accessTokenEncryptedResponseAlgorithm | string | The algorithm for encrypting access tokens issued by this authorization server. If this is requested, the response is signed, and then encrypted. The result is a nested JWT. The default, if omitted, is that no encryption is performed. |
audiences | array | The recipients that the tokens are intended for. This becomes the aud claim in an access token. Okta currently supports only one audience. |
created | string (date-time) | |
credentials | object | |
description | string | The description of the custom authorization server |
issuer | string | The complete URL for the custom authorization server. This becomes the iss claim in an access token. |
issuerMode | string | Indicates which value is specified in the issuer of the tokens that a custom authorization server returns: the Okta org domain URL or a custom domain URL. issuerMode is visible if you have a custom URL domain configured or the Dynamic Issuer Mode feature enabled. If you have a custom URL domain configured, you can set a custom domain URL in a custom authorization server, and this property is returned in the appropriate responses. When set to ORG_URL, then in responses, issuer is the Okta org domain URL: https://${yourOktaDomain}. When set to CUSTOM_URL, then in responses, issuer is the custom domain URL configured in the administration user interface. When set to DYNAMIC, then in responses, issuer is the custom domain URL if the OAuth 2.0 request was sent to the custom domain, or is the Okta org's domain URL if the OAuth 2.0 request was sent to the original Okta org domain. After you configure a custom URL domain, all new custom authorization servers use CUSTOM_URL by default. If the Dynamic Issuer Mode feature is enabled, then all new custom authorization servers use DYNAMIC by default. All existing custom authorization servers continue to use the original value until they're changed using the Admin Console or the API. This way, existing integrations with the client and resource server continue to work after the feature is enabled. |
jwks | object | A JSON Web Key Set for encrypting JWTs minted by the custom authorization server |
jwks_uri | string | URL string that references a JSON Web Key Set for encrypting JWTs minted by the custom authorization server |
lastUpdated | string (date-time) | |
status | string | |
Methods
The following methods are available for this resource:
Name | Accessible by | Required Params | Optional Params | Description |
---|---|---|---|---|
list_associated_servers_by_trusted_type | select | subdomain | trusted, q, limit, after | Lists all associated Authorization Servers by trusted type for the given authServerId |
create_associated_servers | insert | subdomain | | Creates trusted relationships between the given authorization server and other authorization servers |
delete_associated_server | delete | subdomain | | Deletes an associated Authorization Server |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
Name | Datatype | Description |
---|---|---|
subdomain | string | The domain of your organization. This can be a provided subdomain of an official Okta domain (okta.com, oktapreview.com, etc.) or one of your configured custom domains. (default: my-org) |
after | string | Specifies the pagination cursor for the next page of the associated authorization servers |
limit | integer (int32) | Specifies the number of results for a page |
q | string | Searches for the name or audience of the associated authorization servers (example: customasone) |
trusted | boolean | Searches trusted authorization servers when true or searches untrusted authorization servers when false |
SELECT examples
- list_associated_servers_by_trusted_type
Lists all associated Authorization Servers by trusted type for the given authServerId
SELECT
  id,
  name,
  _links,
  accessTokenEncryptedResponseAlgorithm,
  audiences,
  created,
  credentials,
  description,
  issuer,
  issuerMode,
  jwks,
  jwks_uri,
  lastUpdated,
  status
FROM okta.authorizationservers.associated_servers
WHERE subdomain = '{{ subdomain }}' -- required
  AND trusted = '{{ trusted }}'
  AND q = '{{ q }}'
  AND limit = '{{ limit }}'
  AND after = '{{ after }}';
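An added example (not part of the provider documentation): a Python check that takes one row from the query above and tests a token's `iss` and `aud` claims against the `issuer`, `issuerMode` and `audiences` fields as their descriptions define them. The sample row, host names and function names are constructed for illustration, and the claims are assumed to come from a token whose signature has already been verified.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed sample row shaped like the SELECT output above (values are made up).
SAMPLE_ROW = {
    "id": "aus1example",
    "name": "customasone",
    "issuer": "https://my-org.okta.com/oauth2/aus1example",
    "issuerMode": "DYNAMIC",
    "audiences": ["api://default"],
}


def expected_issuer(row, org_host, custom_host, request_host):
    """Issuer URL expected in `iss`, following the issuerMode field description."""
    mode = row["issuerMode"]
    if mode == "ORG_URL":
        host = org_host
    elif mode == "CUSTOM_URL":
        host = custom_host
    elif mode == "DYNAMIC" and request_host in (org_host, custom_host):
        # DYNAMIC: the issuer follows the domain the OAuth 2.0 request was sent to.
        host = request_host
    else:
        raise ValueError(f"cannot resolve issuer for mode {mode!r}, host {request_host!r}")
    if not host:
        raise ValueError(f"issuerMode {mode} needs a domain that is not configured")
    # Keep scheme and path from the row's issuer; only the host depends on the mode.
    parts = urlsplit(row["issuer"])
    return urlunsplit((parts.scheme, host, parts.path, "", ""))


def claim_problems(row, claims, org_host, custom_host, request_host):
    """Return the reasons to reject `claims` for this authorization server."""
    problems = []
    want_iss = expected_issuer(row, org_host, custom_host, request_host)
    if claims.get("iss") != want_iss:
        problems.append(f"iss {claims.get('iss')!r} != expected {want_iss!r}")
    aud = claims.get("aud")  # a JWT `aud` may be a single string or a list
    token_auds = {aud} if isinstance(aud, str) else set(aud or [])
    if not token_auds & set(row.get("audiences") or []):
        problems.append("aud does not match the server's audiences")
    return problems
```

A resource server that pins a single issuer string rejects valid tokens from a `DYNAMIC` server whenever the client used the other domain, which is why the check takes the request host as input.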
INSERT examples
- create_associated_servers
Creates trusted relationships between the given authorization server and other authorization servers
INSERT INTO okta.authorizationservers.associated_servers (
  data__trusted,
  subdomain
)
SELECT
  '{{ trusted }}',
  '{{ subdomain }}'
RETURNING
  id,
  name,
  _links,
  accessTokenEncryptedResponseAlgorithm,
  audiences,
  created,
  credentials,
  description,
  issuer,
  issuerMode,
  jwks,
  jwks_uri,
  lastUpdated,
  status
;
- Manifest
# Description fields are for documentation purposes
- name: associated_servers
  props:
    - name: subdomain
      value: string
      description: Required parameter for the associated_servers resource.
    - name: trusted
      value: array
      description: >
        A list of the authorization server IDs
DELETE examples
- delete_associated_server
Deletes an associated Authorization Server
DELETE FROM okta.authorizationservers.associated_servers
WHERE subdomain = '{{ subdomain }}' -- required
;