GET /api/v1/users/{id}

Retrieves a user from your Okta org.

You can substitute me for the id to fetch the current user linked to an API token or session cookie.

The request returns the user linked to the API token that is specified in the Authorization header, not the user linked to the active session. Details of the admin user who granted the API token is returned.
When the end user has an active Okta session, it is typically a CORS request from the browser. Therefore, it's possible to retrieve the current user without the Authorization header.

When fetching a user by login or login shortname, URL encode the request parameter to ensure that special characters are escaped properly. Logins with a / character can only be fetched by id due to URL issues with escaping the / character. If you don't know a user's ID, you can use the List all users endpoint to find it.

Note: Some browsers block third-party cookies by default, which disrupts Okta functionality in certain flows. See Mitigate the impact of third-party cookie deprecation.

Servers

https://{yourOktaDomain}

Path parameters

Name	Type	Required	Description
`id`	String	Yes	An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user

Request headers

Name Type Required Description

Name	Type	Required	Description
`Content-Type`	String	No	Specifies the media type of the resource. Optional `okta-response` value can be included for performance optimization. Complex DelAuth configurations may degrade performance when fetching specific parts of the response, and passing this parameter can omit these parts, bypassing the bottleneck. Enum values for `okta-response`: `omitCredentials`: Omits the credentials subobject from the response. `omitCredentialsLinks`: Omits the following HAL links from the response: Update password, Change recovery question, Start forgot password flow, Reset password, Reset factors, Unlock. `omitTransitioningToStatus`: Omits the `transitioningToStatus` field from the response.

Content-Type

String

No

Specifies the media type of the resource. Optional okta-response value can be included for performance optimization.

Complex DelAuth configurations may degrade performance when fetching specific parts of the response, and passing this parameter can omit these parts, bypassing the bottleneck.

Enum values for okta-response:

omitCredentials: Omits the credentials subobject from the response.
omitCredentialsLinks: Omits the following HAL links from the response: Update password, Change recovery question, Start forgot password flow, Reset password, Reset factors, Unlock.
omitTransitioningToStatus: Omits the transitioningToStatus field from the response.

Query parameters

Name	Type	Required	Description
`expand`	String	No	An optional parameter to include metadata in the `_embedded` attribute. Valid values: `blocks` or `classification`.

How to start integrating

Add HTTP Task to your workflow definition.
Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the Http request settings.
Click Test request to test run your request to the API and see the API's response.

All third party trademarks (including logos and icons) are the property of their respective owners, which do not sponsor, authorize, or endorse this website.

Pricing Templates Integrations Blog Contact Us Help

Terms of Service Privacy Policy