Okta MCP Server

by Okta

Official Okta IAM MCP. Full CRUD on users, groups, applications, and policies via the Okta Python SDK. Two authentication methods (Device Authorization Grant for interactive use, Private Key JWT for server-to-server) and integration with the MCP Elicitation API for confirming destructive operations.

★ 31·6 tools·Released SEP 2025·Apache-2.0

docker-compose up -d # Docker recommended; uv-based path also available

“Official Okta IAM MCP. Pushed yesterday with zero tagged releases yet, which is the central caveat: this server ships from `main` and operators wanting version pinning have to commit-pin. Apache-2.0, Python, 31 stars. The technical surface is the most polished in this batch security category: full CRUD on users, groups, applications, and policies; two authentication methods (Device Authorization Grant for interactive use, Private Key JWT for server-to-server); and integration with the MCP Elicitation API for confirming destructive operations through the client. The official path for agent-driven Okta administration. Built on Okta Python SDK. Distinctive feature: destructive operations (deletes, deactivations) prompt the user for confirmation through the MCP Elicitation API before proceeding, with automatic fallback for clients that omit Elicitation support. Docker-first installation path documented; uv-based path also available.”
Reviewed by M. Nouriel · APR 2026

// Connect

INSTALL THIS SERVER

Requires authenticationDevice Authorization Grant (interactive) for individual operators or Private Key JWT (server-to-server) for automated agent deployments. Pin the issuing application to the minimum required Okta API scopes.

{
  "mcpServers": {
    "okta": {
      "command": "docker",
      "args": [
        "exec",
        "-i",
        "okta-mcp",
        "python",
        "-m",
        "okta_mcp_server"
      ],
      "env": {
        "OKTA_DOMAIN": "<your-okta-domain>",
        "OKTA_CLIENT_ID": "<your-client-id>"
      }
    }
  }
}

PrereqDocker installation recommended: clone github.com/okta/okta-mcp-server, copy .env.example to .env with your Okta credentials, then `docker-compose up -d`. For uv-based install, follow the Python SDK setup in the README. Two auth modes: Device Authorization Grant (interactive, browser) or Private Key JWT (server-to-server, recommended for agents). Path: ~/Library/Application Support/Claude/claude_desktop_config.json (macOS).

{
  "mcpServers": {
    "okta": {
      "command": "docker",
      "args": [
        "exec",
        "-i",
        "okta-mcp",
        "python",
        "-m",
        "okta_mcp_server"
      ],
      "env": {
        "OKTA_DOMAIN": "<your-okta-domain>",
        "OKTA_CLIENT_ID": "<your-client-id>"
      }
    }
  }
}

{
  "mcpServers": {
    "okta": {
      "command": "docker",
      "args": [
        "exec",
        "-i",
        "okta-mcp",
        "python",
        "-m",
        "okta_mcp_server"
      ],
      "env": {
        "OKTA_DOMAIN": "<your-okta-domain>",
        "OKTA_CLIENT_ID": "<your-client-id>"
      }
    }
  }
}

{
  "mcpServers": {
    "okta": {
      "command": "docker",
      "args": [
        "exec",
        "-i",
        "okta-mcp",
        "python",
        "-m",
        "okta_mcp_server"
      ],
      "env": {
        "OKTA_DOMAIN": "<your-okta-domain>",
        "OKTA_CLIENT_ID": "<your-client-id>"
      }
    }
  }
}

{
  "mcpServers": {
    "okta": {
      "command": "docker",
      "args": [
        "exec",
        "-i",
        "okta-mcp",
        "python",
        "-m",
        "okta_mcp_server"
      ],
      "env": {
        "OKTA_DOMAIN": "<your-okta-domain>",
        "OKTA_CLIENT_ID": "<your-client-id>"
      }
    }
  }
}

// Tools

6 TOOLS AVAILABLE

user_crud

Create, get, list, update, deactivate, delete Okta users

Admin

group_crud

Create, get, list, update, delete groups; manage memberships

Admin

application_crud

Create, get, list, update, delete applications; manage assignments

Admin

policy_crud

Create, get, list, update, delete authentication and authorization policies

Admin

factor_management

List and manage user MFA factors

Admin

system_logs

Query Okta system log events for audit trails

Read

// Editorial Review

OUR ASSESSMENT

Strengths

Official Okta GitHub org publication.
Apache-2.0 license.
Python SDK-based (Okta official SDK).
Two authentication methods: Device Authorization Grant (interactive) and Private Key JWT (server-to-server).
MCP Elicitation API integration for confirming destructive operations.
Comprehensive tool surface: full CRUD on users, groups, applications, policies.
Docker-first installation with uv as alternative.
29 forks (high relative to 31 stars) signals active integration work.

Weaknesses

No tagged releases; runs from main. Operators wanting version pinning have to commit-pin.
31 stars; community traction is modest.
0 commits in the last 30 days; push activity reflects branch updates over new commits to main.
Manual installation flow is heavier than a single npx or uvx command.

Security Notes

Okta admin operations have organisation-wide blast radius. Use Private Key JWT authentication for server-to-server agent deployments and pin the issuing application to the minimum required Okta API scopes. The MCP Elicitation API confirmation pattern is a meaningful additional safeguard against agent hallucination on destructive operations; clients that omit Elicitation support fall back to a confirmation-via-tool-call pattern. For evaluation, use Device Authorization Grant against a sandbox Okta org. Rotate Private Key JWT signing keys on schedule.

Best For

Okta administrators wanting natural-language management operations, IAM workflows where confirmation prompts on destructive operations are required, and teams already running Okta and wanting native agent integration through Okta-published code.

// Technical

TECHNICAL DETAILS

Language

python

Transport

stdio

Clients

Claude DesktopClaude CodeCursorVS CodeWindsurf

License

Apache-2.0

GitHub

okta/okta-mcp-server · ★ 31

npm

okta-mcp-server

Last Release

main (no tagged releases)APR 28, 2026

First Released

SEP 23, 2025

// Adoption

ADOPTION METRICS

// GitHub Stars

// Reading this31 stars and 29 forks; the high fork-to-star ratio signals active integration work despite the modest star count.

// Popularity Rank

#23

Globally · #3 in Security

// Reading thisThird-ranked in security category. Tier 2 with the no-tagged-releases caveat; flag for re-evaluation when v0.1 ships.

// How we found this server

SOURCES & VERIFICATION

We don't take any single directory's word for it. Before scoring, we cross-reference 5 public MCP sources, install the server ourselves against the clients we cover, and record when we last re-verified.

Discovered

Manual submission

First indexed APR 29, 2026

Cross-referenced

5 directories

PulseMCP, MCP.so, Glama, Smithery, Official MCP Registry

Verified against

Claude Desktop, Cursor, VS Code

Installed and tested across clients

Last re-checked

APR 29, 2026

Weekly re-verification

// How other directories see it

The same server, 5 different lenses. We reconcile these signals into our editorial score, which is why our number sometimes diverges from a directory-aggregate star count.

Source	Their rating	Their star count	Their downloads	Last synced
AutomationSwitch This page	3.7editorial	31	—	APR 29, 2026
PulseMCP	— unrated	unavailable	unavailable	APR 29, 2026
MCP.so	— unrated	unavailable	unavailable	APR 29, 2026
Glama	— unrated	unavailable	unavailable	APR 29, 2026
Smithery	— unrated	unavailable	unavailable	APR 29, 2026
Official MCP Registry	— unrated	unavailable	unavailable	APR 29, 2026

// Counts are directory-reported; we don't adjust them. Discrepancies usually come from different snapshot times or star-caching.

// Alternatives

OTHER SECURITY MCP SERVERS

Vendor4

Infisical MCP

Infisical

Official Infisical MCP server for secrets management. 10 tools cover the full secret lifecycle plus project, environment, folder, and member management. Two authentication methods (machine identity universal-auth and access-token), self-hostable instance support via INFISICAL_HOST_URL.

10 tools★ 45

Vendor3.8

Trivy MCP

Aqua Security

Official Aqua Security Trivy plugin that turns Trivy scanning capabilities into an MCP server. Distributed as a Trivy plugin: `trivy plugin install mcp`. Three transport modes (stdio, streamable HTTP, SSE), IDE integration for VS Code, Cursor, JetBrains, and Claude Desktop.

4 tools★ 37

// Get in touch

DISCUSS YOUR
MCP REQUIREMENTS.

Evaluating a server, scoping an internal deployment, or working out whether MCP is the right fit at all. Start the conversation and we will point you at the right piece of the ecosystem.

Discuss Your MCP Requirements →

Okta MCP Server

INSTALL THIS SERVER

6 TOOLS AVAILABLE

OUR ASSESSMENT

TECHNICAL DETAILS

ADOPTION METRICS

SOURCES & VERIFICATION

OTHER SECURITY MCP SERVERS

Infisical MCP

Trivy MCP

DISCUSS YOURMCP REQUIREMENTS.

DISCUSS YOUR
MCP REQUIREMENTS.