okta

This MCP server integrates Claude with Okta to provide comprehensive user and group management along with onboarding automation. After wiring up your Claude Desktop to point at the server (via the PATH_TO_PROJECT_DIRECTORY/dist/index.js file and your Okta credentials), you can use a range of tools to manage Okta users and groups directly from Claude prompts. The key capabilities include retrieving detailed user information, searching and filtering users by multiple attributes, listing and managing groups, and performing onboarding automation tasks for new hires. The onboarding tools are labeled as experimental, so exercise caution in production environments and monitor Okta API usage.

To use the tools, issue Claude prompts that reference the available commands. For example, you can request detailed information about a specific user, search for users by attributes like department or title, list all users in a group, or create and manage groups. The onboarding tools enable bulk user import, group assignments, application provisioning, and running end-to-end onboarding workflows from CSV data. The server exposes both standard user/group management APIs and specialized onboarding operations through the same interface, allowing you to automate common HR-to-IT onboarding scenarios.

Prerequisites:

• Node.js v16 or higher
• Claude Desktop App
• Okta Developer Account with Admin API Token

Step-by-step installation:

1. Clone or download the MCP server project from the repository.
2. Install dependencies:

npm install

3. Create and configure environment variables for Okta access (to be used by Claude Desktop integration):

• OKTA_ORG_URL: Your Okta domain (e.g., https://dev-123456.okta.com)
• OKTA_API_TOKEN: The API token you generated in Okta (Security > API > Tokens)

4. Build or prepare the server distribution if required by the project setup (e.g., npm run build) and ensure the built file exists at dist/index.js.
5. Update Claude Desktop configuration to point to the server script and environment variables as shown in the example configuration.
6. Restart Claude Desktop to load the new MCP server configuration.

Environment variables and configuration:

• Ensure OKTA_ORG_URL uses the full URL including https://
• Treat the OKTA_API_TOKEN as a secret and do not expose it in logs or screenshots
• The onboarding tooling is experimental and subject to change; test thoroughly before using in production Common issues:
• Tools not appearing in Claude: verify the path to index.js and environment variables
• Authentication errors: double-check the Okta domain and API token validity, and ensure the token has the required scopes
• If using SCIM or advanced search features, ensure your Okta tenant supports the requested operations and that the API token has permissions for those actions