Okta · Capability

Okta API — AuthorizationServer

Okta API — AuthorizationServer. 38 operations. Lead operation: AuthorizationServer. Self-contained Naftiko capability covering one Okta business surface.

Run with Naftiko OktaAuthorizationServer

What You Can Do

GET
Listauthorizationservers — Success
/v1/api/v1/authorizationservers
POST
Createauthorizationserver — Success
/v1/api/v1/authorizationservers
GET
Getauthorizationserver — Success
/v1/api/v1/authorizationservers/{authserverid}
PUT
Updateauthorizationserver — Success
/v1/api/v1/authorizationservers/{authserverid}
DELETE
Deleteauthorizationserver — Success
/v1/api/v1/authorizationservers/{authserverid}
GET
Listoauth2claims — Success
/v1/api/v1/authorizationservers/{authserverid}/claims
POST
Createoauth2claim — Success
/v1/api/v1/authorizationservers/{authserverid}/claims
GET
Getoauth2claim — Success
/v1/api/v1/authorizationservers/{authserverid}/claims/{claimid}
PUT
Updateoauth2claim — Success
/v1/api/v1/authorizationservers/{authserverid}/claims/{claimid}
DELETE
Deleteoauth2claim — Success
/v1/api/v1/authorizationservers/{authserverid}/claims/{claimid}
GET
Listoauth2clientsforauthorizationserver — Success
/v1/api/v1/authorizationservers/{authserverid}/clients
GET
Listrefreshtokensforauthorizationserverandclient — Success
/v1/api/v1/authorizationservers/{authserverid}/clients/{clientid}/tokens
DELETE
Revokerefreshtokensforauthorizationserverandclient — Success
/v1/api/v1/authorizationservers/{authserverid}/clients/{clientid}/tokens
GET
Getrefreshtokenforauthorizationserverandclient — Success
/v1/api/v1/authorizationservers/{authserverid}/clients/{clientid}/tokens/{tokenid}
DELETE
Revokerefreshtokenforauthorizationserverandclient — Success
/v1/api/v1/authorizationservers/{authserverid}/clients/{clientid}/tokens/{tokenid}
GET
Listauthorizationserverkeys — Success
/v1/api/v1/authorizationservers/{authserverid}/credentials/keys
POST
Rotateauthorizationserverkeys — Success
/v1/api/v1/authorizationservers/{authserverid}/credentials/lifecycle/keyrotate
POST
Activateauthorizationserver — Success
/v1/api/v1/authorizationservers/{authserverid}/lifecycle/activate
POST
Deactivateauthorizationserver — Success
/v1/api/v1/authorizationservers/{authserverid}/lifecycle/deactivate
GET
Listauthorizationserverpolicies — Success
/v1/api/v1/authorizationservers/{authserverid}/policies
POST
Createauthorizationserverpolicy — Success
/v1/api/v1/authorizationservers/{authserverid}/policies
GET
Getauthorizationserverpolicy — Success
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}
PUT
Updateauthorizationserverpolicy — Success
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}
DELETE
Deleteauthorizationserverpolicy — Success
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}
POST
Activateauthorizationserverpolicy — Activate Authorization Server Policy
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}/lifecycle/activate
POST
Deactivateauthorizationserverpolicy — Deactivate Authorization Server Policy
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}/lifecycle/deactivate
GET
Listauthorizationserverpolicyrules — Enumerates all policy rules for the specified Custom Authorization Server and Policy.
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}/rules
POST
Createauthorizationserverpolicyrule — Creates a policy rule for the specified Custom Authorization Server and Policy.
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}/rules
GET
Getauthorizationserverpolicyrule — Returns a Policy Rule by ID that is defined in the specified Custom Authorization Server and Policy.
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}/rules/{ruleid}
PUT
Updateauthorizationserverpolicyrule — Updates the configuration of the Policy Rule defined in the specified Custom Authorization Server and Policy.
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}/rules/{ruleid}
DELETE
Deleteauthorizationserverpolicyrule — Deletes a Policy Rule defined in the specified Custom Authorization Server and Policy.
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}/rules/{ruleid}
POST
Activateauthorizationserverpolicyrule — Activate Authorization Server Policy Rule
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}/rules/{ruleid}/lifecycle/activate
POST
Deactivateauthorizationserverpolicyrule — Deactivate Authorization Server Policy Rule
/v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}/rules/{ruleid}/lifecycle/deactivate
GET
Listoauth2scopes — Success
/v1/api/v1/authorizationservers/{authserverid}/scopes
POST
Createoauth2scope — Success
/v1/api/v1/authorizationservers/{authserverid}/scopes
GET
Getoauth2scope — Success
/v1/api/v1/authorizationservers/{authserverid}/scopes/{scopeid}
PUT
Updateoauth2scope — Success
/v1/api/v1/authorizationservers/{authserverid}/scopes/{scopeid}
DELETE
Deleteoauth2scope — Success
/v1/api/v1/authorizationservers/{authserverid}/scopes/{scopeid}

MCP Tools

success

Success

read-only idempotent
success-2

Success

success-3

Success

read-only idempotent
success-4

Success

idempotent
success-5

Success

idempotent
success-6

Success

read-only idempotent
success-7

Success

success-8

Success

read-only idempotent
success-9

Success

idempotent
success-10

Success

idempotent
success-11

Success

read-only idempotent
success-12

Success

read-only idempotent
success-13

Success

idempotent
success-14

Success

read-only idempotent
success-15

Success

idempotent
success-16

Success

read-only idempotent
success-17

Success

success-18

Success

success-19

Success

success-20

Success

read-only idempotent
success-21

Success

success-22

Success

read-only idempotent
success-23

Success

idempotent
success-24

Success

idempotent
activate-authorization-server-policy

Activate Authorization Server Policy

deactivate-authorization-server-policy

Deactivate Authorization Server Policy

enumerates-all-policy-rules-specified

Enumerates all policy rules for the specified Custom Authorization Server and Policy.

read-only idempotent
creates-policy-rule-specified-custom

Creates a policy rule for the specified Custom Authorization Server and Policy.

returns-policy-rule-id-that

Returns a Policy Rule by ID that is defined in the specified Custom Authorization Server and Policy.

read-only idempotent
updates-configuration-policy-rule-defined

Updates the configuration of the Policy Rule defined in the specified Custom Authorization Server and Policy.

idempotent
deletes-policy-rule-defined-specified

Deletes a Policy Rule defined in the specified Custom Authorization Server and Policy.

idempotent
activate-authorization-server-policy-rule

Activate Authorization Server Policy Rule

deactivate-authorization-server-policy-rule

Deactivate Authorization Server Policy Rule

success-25

Success

read-only idempotent
success-26

Success

success-27

Success

read-only idempotent
success-28

Success

idempotent
success-29

Success

idempotent

Capability Spec

okta-authorizationserver.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Okta API — AuthorizationServer
  description: 'Okta API — AuthorizationServer. 38 operations. Lead operation: AuthorizationServer. Self-contained Naftiko
    capability covering one Okta business surface.'
  tags:
  - Okta
  - AuthorizationServer
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    OKTA_API_KEY: OKTA_API_KEY
capability:
  consumes:
  - type: http
    namespace: okta-authorizationserver
    baseUri: https://your-subdomain.okta.com
    description: Okta API — AuthorizationServer business capability. Self-contained, no shared references.
    resources:
    - name: api-v1-authorizationServers
      path: /api/v1/authorizationServers
      operations:
      - name: listauthorizationservers
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: q
          in: query
          type: string
        - name: limit
          in: query
          type: string
        - name: after
          in: query
          type: string
      - name: createauthorizationserver
        method: POST
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-v1-authorizationServers-authServerId
      path: /api/v1/authorizationServers/{authServerId}
      operations:
      - name: getauthorizationserver
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
      - name: updateauthorizationserver
        method: PUT
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: deleteauthorizationserver
        method: DELETE
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-claims
      path: /api/v1/authorizationServers/{authServerId}/claims
      operations:
      - name: listoauth2claims
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
      - name: createoauth2claim
        method: POST
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-v1-authorizationServers-authServerId-claims-claimId
      path: /api/v1/authorizationServers/{authServerId}/claims/{claimId}
      operations:
      - name: getoauth2claim
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: claimId
          in: path
          type: string
          required: true
      - name: updateoauth2claim
        method: PUT
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: claimId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: deleteoauth2claim
        method: DELETE
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: claimId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-clients
      path: /api/v1/authorizationServers/{authServerId}/clients
      operations:
      - name: listoauth2clientsforauthorizationserver
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-clients-clientId-tokens
      path: /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens
      operations:
      - name: listrefreshtokensforauthorizationserverandclient
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: clientId
          in: path
          type: string
          required: true
        - name: expand
          in: query
          type: string
        - name: after
          in: query
          type: string
        - name: limit
          in: query
          type: integer
      - name: revokerefreshtokensforauthorizationserverandclient
        method: DELETE
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: clientId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-clients-clientId-tokens-tokenId
      path: /api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}
      operations:
      - name: getrefreshtokenforauthorizationserverandclient
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: clientId
          in: path
          type: string
          required: true
        - name: tokenId
          in: path
          type: string
          required: true
        - name: expand
          in: query
          type: string
      - name: revokerefreshtokenforauthorizationserverandclient
        method: DELETE
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: clientId
          in: path
          type: string
          required: true
        - name: tokenId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-credentials-keys
      path: /api/v1/authorizationServers/{authServerId}/credentials/keys
      operations:
      - name: listauthorizationserverkeys
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-credentials-lifecycle-keyRotate
      path: /api/v1/authorizationServers/{authServerId}/credentials/lifecycle/keyRotate
      operations:
      - name: rotateauthorizationserverkeys
        method: POST
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-v1-authorizationServers-authServerId-lifecycle-activate
      path: /api/v1/authorizationServers/{authServerId}/lifecycle/activate
      operations:
      - name: activateauthorizationserver
        method: POST
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-lifecycle-deactivate
      path: /api/v1/authorizationServers/{authServerId}/lifecycle/deactivate
      operations:
      - name: deactivateauthorizationserver
        method: POST
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-policies
      path: /api/v1/authorizationServers/{authServerId}/policies
      operations:
      - name: listauthorizationserverpolicies
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
      - name: createauthorizationserverpolicy
        method: POST
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-v1-authorizationServers-authServerId-policies-policyId
      path: /api/v1/authorizationServers/{authServerId}/policies/{policyId}
      operations:
      - name: getauthorizationserverpolicy
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
      - name: updateauthorizationserverpolicy
        method: PUT
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: deleteauthorizationserverpolicy
        method: DELETE
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-policies-policyId-lifecycle-activate
      path: /api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/activate
      operations:
      - name: activateauthorizationserverpolicy
        method: POST
        description: Activate Authorization Server Policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-policies-policyId-lifecycle-deactivate
      path: /api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/deactivate
      operations:
      - name: deactivateauthorizationserverpolicy
        method: POST
        description: Deactivate Authorization Server Policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-policies-policyId-rules
      path: /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules
      operations:
      - name: listauthorizationserverpolicyrules
        method: GET
        description: Enumerates all policy rules for the specified Custom Authorization Server and Policy.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
      - name: createauthorizationserverpolicyrule
        method: POST
        description: Creates a policy rule for the specified Custom Authorization Server and Policy.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-v1-authorizationServers-authServerId-policies-policyId-rules-ruleId
      path: /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}
      operations:
      - name: getauthorizationserverpolicyrule
        method: GET
        description: Returns a Policy Rule by ID that is defined in the specified Custom Authorization Server and Policy.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
        - name: ruleId
          in: path
          type: string
          required: true
      - name: updateauthorizationserverpolicyrule
        method: PUT
        description: Updates the configuration of the Policy Rule defined in the specified Custom Authorization Server and
          Policy.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
        - name: ruleId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: deleteauthorizationserverpolicyrule
        method: DELETE
        description: Deletes a Policy Rule defined in the specified Custom Authorization Server and Policy.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
        - name: ruleId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-policies-policyId-rules-ruleId-lifecycl
      path: /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/activate
      operations:
      - name: activateauthorizationserverpolicyrule
        method: POST
        description: Activate Authorization Server Policy Rule
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
        - name: ruleId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-policies-policyId-rules-ruleId-lifecycl
      path: /api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate
      operations:
      - name: deactivateauthorizationserverpolicyrule
        method: POST
        description: Deactivate Authorization Server Policy Rule
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: policyId
          in: path
          type: string
          required: true
        - name: ruleId
          in: path
          type: string
          required: true
    - name: api-v1-authorizationServers-authServerId-scopes
      path: /api/v1/authorizationServers/{authServerId}/scopes
      operations:
      - name: listoauth2scopes
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: q
          in: query
          type: string
        - name: filter
          in: query
          type: string
        - name: cursor
          in: query
          type: string
        - name: limit
          in: query
          type: integer
      - name: createoauth2scope
        method: POST
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-v1-authorizationServers-authServerId-scopes-scopeId
      path: /api/v1/authorizationServers/{authServerId}/scopes/{scopeId}
      operations:
      - name: getoauth2scope
        method: GET
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: scopeId
          in: path
          type: string
          required: true
      - name: updateoauth2scope
        method: PUT
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: scopeId
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: deleteoauth2scope
        method: DELETE
        description: Success
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authServerId
          in: path
          type: string
          required: true
        - name: scopeId
          in: path
          type: string
          required: true
    authentication:
      type: apikey
      key: Authorization
      value: '{{env.OKTA_API_KEY}}'
      placement: header
  exposes:
  - type: rest
    namespace: okta-authorizationserver-rest
    port: 8080
    description: REST adapter for Okta API — AuthorizationServer. One Spectral-compliant resource per consumed operation,
      prefixed with /v1.
    resources:
    - path: /v1/api/v1/authorizationservers
      name: api-v1-authorizationservers
      description: REST surface for api-v1-authorizationServers.
      operations:
      - method: GET
        name: listauthorizationservers
        description: Success
        call: okta-authorizationserver.listauthorizationservers
        with:
          q: rest.q
          limit: rest.limit
          after: rest.after
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: createauthorizationserver
        description: Success
        call: okta-authorizationserver.createauthorizationserver
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}
      name: api-v1-authorizationservers-authserverid
      description: REST surface for api-v1-authorizationServers-authServerId.
      operations:
      - method: GET
        name: getauthorizationserver
        description: Success
        call: okta-authorizationserver.getauthorizationserver
        with:
          authServerId: rest.authServerId
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: updateauthorizationserver
        description: Success
        call: okta-authorizationserver.updateauthorizationserver
        with:
          authServerId: rest.authServerId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deleteauthorizationserver
        description: Success
        call: okta-authorizationserver.deleteauthorizationserver
        with:
          authServerId: rest.authServerId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/claims
      name: api-v1-authorizationservers-authserverid-claims
      description: REST surface for api-v1-authorizationServers-authServerId-claims.
      operations:
      - method: GET
        name: listoauth2claims
        description: Success
        call: okta-authorizationserver.listoauth2claims
        with:
          authServerId: rest.authServerId
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: createoauth2claim
        description: Success
        call: okta-authorizationserver.createoauth2claim
        with:
          authServerId: rest.authServerId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/claims/{claimid}
      name: api-v1-authorizationservers-authserverid-claims-claimid
      description: REST surface for api-v1-authorizationServers-authServerId-claims-claimId.
      operations:
      - method: GET
        name: getoauth2claim
        description: Success
        call: okta-authorizationserver.getoauth2claim
        with:
          authServerId: rest.authServerId
          claimId: rest.claimId
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: updateoauth2claim
        description: Success
        call: okta-authorizationserver.updateoauth2claim
        with:
          authServerId: rest.authServerId
          claimId: rest.claimId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deleteoauth2claim
        description: Success
        call: okta-authorizationserver.deleteoauth2claim
        with:
          authServerId: rest.authServerId
          claimId: rest.claimId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/clients
      name: api-v1-authorizationservers-authserverid-clients
      description: REST surface for api-v1-authorizationServers-authServerId-clients.
      operations:
      - method: GET
        name: listoauth2clientsforauthorizationserver
        description: Success
        call: okta-authorizationserver.listoauth2clientsforauthorizationserver
        with:
          authServerId: rest.authServerId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/clients/{clientid}/tokens
      name: api-v1-authorizationservers-authserverid-clients-clientid-tokens
      description: REST surface for api-v1-authorizationServers-authServerId-clients-clientId-tokens.
      operations:
      - method: GET
        name: listrefreshtokensforauthorizationserverandclient
        description: Success
        call: okta-authorizationserver.listrefreshtokensforauthorizationserverandclient
        with:
          authServerId: rest.authServerId
          clientId: rest.clientId
          expand: rest.expand
          after: rest.after
          limit: rest.limit
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: revokerefreshtokensforauthorizationserverandclient
        description: Success
        call: okta-authorizationserver.revokerefreshtokensforauthorizationserverandclient
        with:
          authServerId: rest.authServerId
          clientId: rest.clientId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/clients/{clientid}/tokens/{tokenid}
      name: api-v1-authorizationservers-authserverid-clients-clientid-tokens-tokenid
      description: REST surface for api-v1-authorizationServers-authServerId-clients-clientId-tokens-tokenId.
      operations:
      - method: GET
        name: getrefreshtokenforauthorizationserverandclient
        description: Success
        call: okta-authorizationserver.getrefreshtokenforauthorizationserverandclient
        with:
          authServerId: rest.authServerId
          clientId: rest.clientId
          tokenId: rest.tokenId
          expand: rest.expand
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: revokerefreshtokenforauthorizationserverandclient
        description: Success
        call: okta-authorizationserver.revokerefreshtokenforauthorizationserverandclient
        with:
          authServerId: rest.authServerId
          clientId: rest.clientId
          tokenId: rest.tokenId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/credentials/keys
      name: api-v1-authorizationservers-authserverid-credentials-keys
      description: REST surface for api-v1-authorizationServers-authServerId-credentials-keys.
      operations:
      - method: GET
        name: listauthorizationserverkeys
        description: Success
        call: okta-authorizationserver.listauthorizationserverkeys
        with:
          authServerId: rest.authServerId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/credentials/lifecycle/keyrotate
      name: api-v1-authorizationservers-authserverid-credentials-lifecycle-keyrotate
      description: REST surface for api-v1-authorizationServers-authServerId-credentials-lifecycle-keyRotate.
      operations:
      - method: POST
        name: rotateauthorizationserverkeys
        description: Success
        call: okta-authorizationserver.rotateauthorizationserverkeys
        with:
          authServerId: rest.authServerId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/lifecycle/activate
      name: api-v1-authorizationservers-authserverid-lifecycle-activate
      description: REST surface for api-v1-authorizationServers-authServerId-lifecycle-activate.
      operations:
      - method: POST
        name: activateauthorizationserver
        description: Success
        call: okta-authorizationserver.activateauthorizationserver
        with:
          authServerId: rest.authServerId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/lifecycle/deactivate
      name: api-v1-authorizationservers-authserverid-lifecycle-deactivate
      description: REST surface for api-v1-authorizationServers-authServerId-lifecycle-deactivate.
      operations:
      - method: POST
        name: deactivateauthorizationserver
        description: Success
        call: okta-authorizationserver.deactivateauthorizationserver
        with:
          authServerId: rest.authServerId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/policies
      name: api-v1-authorizationservers-authserverid-policies
      description: REST surface for api-v1-authorizationServers-authServerId-policies.
      operations:
      - method: GET
        name: listauthorizationserverpolicies
        description: Success
        call: okta-authorizationserver.listauthorizationserverpolicies
        with:
          authServerId: rest.authServerId
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: createauthorizationserverpolicy
        description: Success
        call: okta-authorizationserver.createauthorizationserverpolicy
        with:
          authServerId: rest.authServerId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v1/authorizationservers/{authserverid}/policies/{policyid}
      name: api-v1-authorizationservers-authserverid-policies-policyid
      description: REST surface for api-v1-authorizationServers-authServerId-policies-policyId.
      operations:
      - method: GET
        name: getauthorizationserverpolicy
        description: Success
        call: okta-authorizationserver.getauthorizationserverpolicy
        with:
          authServerId: rest.authServerId
          policyId: rest.policyId
        outputParameters:
     

# --- truncated at 32 KB (54 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/okta/refs/heads/main/capabilities/okta-authorizationserver.yaml