» Okta Provider

The Okta provider is used to interact with the resources supported by Okta. The provider needs to be configured with the proper credentials before it can be used.

Use the navigation to the left to read about the available resources.

» Example Usage

# Configure the Okta Provider
provider "okta" {
  org_name  = "dev-123456"
  base_url  = "okta.com"
  api_token = "xxxx"
}

» Authentication

The Okta provider offers a flexible means of providing credentials for authentication. The following methods are supported, in this order, and explained below:

  • Environment variables
  • Provider Config

» Environment variables

You can provide your credentials via the OKTA_API_TOKEN.

provider "okta" {}

Usage:

$ export OKTA_API_TOKEN="xxxx"
$ terraform plan

» Argument Reference

In addition to generic provider arguments (e.g. alias and version), the following arguments are supported in the Okta provider block:

  • org_name - (Required) This is the org name of your Okta account, for example dev-123.oktapreview.com would have an org name of dev-123. It must be provided, but it can also be sourced from the OKTA_ORG_NAME.

  • base_url - (Required) This is the domain of your Okta account, for example dev-123.oktapreview.com would have a base url of oktapreview.com. It must be provided but it can also be sourced from the OKTA_BASE_URL.

  • api_token - (Required) This is the API token to interact with your Okta org.

  • backoff - (Optional) Whether to use exponential back off strategy for rate limits, the default is true.

  • min_wait_seconds - (Optional) Minimum seconds to wait when rate limit is hit, the default is 30.

  • max_wait_seconds - (Optional) Maximum seconds to wait when rate limit is hit, the default is 300.

  • max_retries - (Optional) Maximum number of retries to attempt before returning an error, the default is 5.