Skip to main content

Announcing StackOne Defender: leading open-source prompt injection guard for your agent Read More

Connect

Connectors Agent Auth MCP Connector Builder

Optimize

Tool Discovery Falcon Engine

Secure

Defender
Connectors

HRIS / HCM

Employee Onboarding Employee Offboarding

Recruiting

Application Screening Interview Scheduling

Customer Support

Ticket Triage Voice Call Summarization

Sales & CRM

Deal Risk Scoring Lead Qualification

Accounting & Finance

Invoice Processing Month-End Accruals

Marketing

Campaign Reports Lead Nurture Sequences
View all use cases

Developers

Docs Changelog Status

Learn

Blog Case Studies Events Partners
Pricing
Login Book Demo Start Free

Okta MCP Server
for AI Agents

Production-ready Okta MCP server with 32 extensible actions — plus built-in authentication, security, and optimized execution.

Start Free Book Demo Read Docs →
Okta logo
Okta MCP Server
Built by StackOne StackOne

Coverage

32 Agent Actions

Create, read, update, and delete across Okta — and extend your agent's capabilities with custom actions.

MCP Actions → Create Actions →

Authentication

Agent Tool Authentication

Per-user OAuth in one call. Your Okta MCP server gets session-scoped tokens with zero credentials stored on your infra.

Agent Auth →

Security

Agent Protection

Every Okta tool response scanned for prompt injection in milliseconds — 88.7% accuracy, all running on CPU.

Prompt Injection Defense →

Performance

Max Agent Context. Min Cost.

Free up to 96% of your agent's context window to enhance reasoning and reduce cost, on every Okta call.

Tools Discovery →

What is the Okta MCP Server?

A Okta MCP server lets AI agents read and write Okta data through the Model Context Protocol — Anthropic's open standard for connecting LLMs to external tools. StackOne's Okta MCP server ships with 32 pre-built actions, fully extensible via the Connector Builder — plus managed authentication, prompt injection defense, and optimized agent context. Connect it from MCP clients like Claude Desktop, Cursor, and VS Code, or from agent frameworks like OpenAI Agents SDK, LangChain, and Vercel AI SDK.

All Okta MCP Tools and Actions

Every action from Okta's API, ready for your agent. Create, read, update, and delete — scoped to exactly what you need.

Devices

  • List Devices

    Lists all devices with pagination support and flexible search options

  • Get Device

    Retrieves a device by its ID

  • Delete Device

    Permanently deletes a device. Device must be in DEACTIVATED status first.

Activate Devices

  • Activate Device

    Activates a device by setting its status to ACTIVE

Deactivate Devices

  • Deactivate Device

    Deactivates a device by setting its status to DEACTIVATED

Groups

  • Create Group

    Adds a new group with OKTA_GROUP type to your org

  • List Groups

    Lists all groups with pagination support

  • Get Group

    Retrieves a specific group by ID from your org

  • Update Group

    Replaces the profile for a group of OKTA_GROUP type

  • Delete Group

    Deletes a group of OKTA_GROUP or APP_GROUP type from your org

Group Members

  • List Group Members

    Lists all users that are a member of a group

User To Groups

  • Add User To Group

    Assigns a user to a group with OKTA_GROUP type

User From Groups

  • Remove User From Group

    Unassigns a user from a group with OKTA_GROUP type

Realms

  • Create Realm

    Creates a new Realm

  • List Realms

    Lists all Realms with pagination support

  • Get Realm

    Retrieves a Realm by its ID

  • Update Realm

    Replaces the realm profile by its ID

  • Delete Realm

    Deletes a Realm by its ID

User Infos

  • Get User Info

    Retrieves information about the currently authenticated user from the OAuth 2.0 UserInfo endpoint.

Users

  • Create User

    Creates a new user in your Okta org with or without credentials

  • List Users

    Lists all users in your org with pagination and flexible query options

  • Get User

    Retrieves a user from your Okta org by ID, login, or shortname

  • Update User

    Updates a user's profile or credentials with partial update semantics

  • Delete User

    Permanently deletes a user from your Okta organization

Replace Users

  • Replace User

    Replaces a user's profile, credentials, or both using strict-update semantics

User Blocks

  • List User Blocks

    Lists information about how a user is blocked from accessing their account

User Types

  • Create User Type

    Creates a new user type in your Okta organization

  • List User Types

    Lists all user types in your Okta organization

  • Get User Type

    Retrieves a user type by ID

  • Update User Type

    Partially updates an existing user type

  • Delete User Type

    Permanently deletes a user type

Replace User Types

  • Replace User Type

    Fully replaces an existing user type

Set Up Your Okta MCP Server in Minutes

One endpoint. Any framework. Your agent is talking to Okta in under 10 lines of code.

MCP Clients

Agent Frameworks

Claude Desktop
{
  "mcpServers": {
    "stackone": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote@latest",
        "https://api.stackone.com/mcp?x-account-id=<account_id>",
        "--header",
        "Authorization: Basic <YOUR_BASE64_TOKEN>"
      ]
    }
  }
}

More Security MCP Servers

Cloudflare

137+ actions

OneLogin

109+ actions

Sentinel XS

69+ actions

Microsoft Entra ID

67+ actions

Drata

57+ actions

JumpCloud

53+ actions

Rippling

37+ actions

All Security MCP Servers →

Okta MCP Server Resources

MCP Code Mode: Keeping Tool Responses Out of Agent Context

Anthropic's code_execution processes data already in context. Custom MCP code mode keeps raw tool responses in a sandbox. 14K tokens vs 500.

11 min

Comparing BM25, TF-IDF, and Hybrid Search for MCP Tool Discovery

Benchmarking BM25, TF-IDF, and hybrid search for MCP tool discovery across 916 tools. The 80/20 TF-IDF/BM25 hybrid hits 21% Top-1 accuracy in under 1ms.

10 min

Indirect Prompt Injection Defense for MCP Tools: A Technical Guide

MCP tools that read emails, CRM records, and tickets are indirect prompt injection vectors. Here's how we built a two-tier defense that scans tool results in ~11ms.

12 min

Okta MCP Server FAQ

Okta MCP server vs direct API integration — what's the difference?
A Okta MCP server and direct API integration serve different use cases. Direct API integration is for software-to-software — backend code calling Okta. A Okta MCP server is for AI agents — MCP clients like Claude and Cursor, plus framework agents built with OpenAI, LangChain, or Vercel AI — discovering and calling Okta at runtime. StackOne provides both.
How does Okta authentication work for AI agents?
Okta authentication for AI agents works through a StackOne Connect Session. Create one via the dashboard or the SDK — you get an auth link and ready-to-paste config for Claude Desktop, Cursor, and other MCP clients. Your user authenticates their own Okta account; StackOne handles token exchange, storage, and refresh. Credentials never reach the LLM, and each user is isolated via origin_owner_id.
Are Okta MCP tools vulnerable to prompt injection?
Yes — Okta MCP tools can be vulnerable to indirect prompt injection. Any tool that reads user-written content — documents, messages, tickets, records, or free-text fields — is a potential vector. StackOne Defender scans every tool response before it enters the agent's context — regex patterns in ~1ms, then a MiniLM classifier in ~4ms. 88.7% accuracy, CPU-only.
What is the context bloat of a Okta agent and how do I avoid it?
Context bloat happens when Okta tool schemas and API responses eat your Okta agent's memory, preventing it from reasoning effectively. A single Okta query can return a massive JSON response, and connecting multiple tools compounds the problem. Tools Discovery and Code Mode reduce context bloat — loading only relevant tools per query and keeping raw responses out of the agent's context.
Can I limit which actions my Okta agent can access?
Yes — you can limit which actions your Okta agent can access directly from the StackOne dashboard. Toggle actions on or off, or restrict them to specific accounts, with no code changes to your agent. Session tokens can be scoped to exact actions so if one leaks, exposure stays contained.
Can I create custom agent actions for my Okta MCP server?
Yes — you can create custom agent actions for your Okta MCP server using Connector Builder. It's an integration agent your coding assistant (Claude Code, Cursor, or Copilot) can invoke to research Okta's API, generate production-ready connector YAML, test against the live API, and validate before you ship.
When should I NOT use a Okta MCP server?
Skip a Okta MCP server if your integration is purely software-to-software — direct Okta API integration is simpler when no AI agent is involved. For deterministic, compliance-critical operations (financial transactions, regulatory reporting), direct API gives you predictable behavior without agent-driven decision-making. MCP shines when AI agents need to dynamically discover and call Okta actions at runtime.
What AI frameworks and AI clients does the StackOne Okta MCP server support?
The StackOne Okta MCP server supports both. MCP clients (paste-and-go apps): Claude Desktop, Claude Code, Cursor, VS Code, Goose. Agent frameworks (code SDKs you build with): OpenAI Agents SDK, Anthropic, Vercel AI, Google ADK, CrewAI, Pydantic AI, LangChain, LangGraph, Azure AI Foundry.

Put your AI agents to work

All the tools you need to build and scale AI agent integrations, with best-in-class connectivity, execution, and security.

Start Free Book Demo