Application Federated Claims

The federated claims for an application

List all configured federated claims
Early Access
OAuth 2.0: `okta.apps.read`

Lists all federated claims for your app

Request

path Parameters

appId

required

string

Application ID

Example: 0oafxqCAJWWGELFTYASJ

Responses

200

OK

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/apps/{appId}/federated-claims

Request samples

Response samples

200
401
403
404
429

application/json

[{"id": "ofc893fbjaBaqdtoX0g7",
"name": "role",
"expression": "appuser.entitlements.role",
"created": "2024-12-25T03:00:00.000Z",
"lastUpdated": "2024-12-25T03:00:00.000Z"
},
{"id": "ofc893fbjaTxynmo5v93",
"name": "readOnly",
"expression": "appuser.entitlements.readOnly",
"created": "2024-12-25T05:00:00.000Z",
"lastUpdated": "2024-12-25T05:00:00.000Z"
}
]

Create a federated claim
Early Access
OAuth 2.0: `okta.apps.manage`

Creates a claim that will be included in tokens produced by federation protocols (for example: OIDC id_tokens or SAML Assertions)

Request

path Parameters

appId

required

string

Application ID

Example: 0oafxqCAJWWGELFTYASJ

Request Body schema: application/json
required

expression	string The Okta Expression Language expression to be evaluated at runtime
name	string The name of the claim to be used in the produced token

Responses

201

Created

400

Bad Request

401

Unauthorized

403

Forbidden

429

Too Many Requests

post/api/v1/apps/{appId}/federated-claims

Request samples

application/json

{"name": "role",
"expression": "appuser.entitlements.role"
}

Response samples

201
400
401
403
429

application/json

{"id": "ofc893fbjaBaqdtoX0g7",
"name": "role",
"expression": "appuser.entitlements.role",
"created": "2024-12-25T03:00:00.000Z",
"lastUpdated": "2024-12-25T03:00:00.000Z"
}

Retrieve a federated claim
Early Access
OAuth 2.0: `okta.apps.read`

Retrieves a federated claim by claimId

Request

path Parameters

appId required	string Application ID Example: 0oafxqCAJWWGELFTYASJ
claimId required	string The unique `id` of the federated claim Example: ofc2f4zrZbs8nUa7p0g4

Responses

200

OK

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/apps/{appId}/federated-claims/{claimId}

Request samples

Response samples

200
401
403
404
429

application/json

{"id": "ofc893fbjaBaqdtoX0g7",
"name": "role",
"expression": "appuser.entitlements.role",
"created": "2024-12-25T03:00:00.000Z",
"lastUpdated": "2024-12-25T03:00:00.000Z"
}

Replace a federated claim
Early Access
OAuth 2.0: `okta.apps.manage`

Replaces a claim that will be included in tokens produced by federation protocols (for example: OIDC id_tokens or SAML Assertions)

Request

path Parameters

appId required	string Application ID Example: 0oafxqCAJWWGELFTYASJ
claimId required	string The unique `id` of the federated claim Example: ofc2f4zrZbs8nUa7p0g4

Request Body schema: application/json

expression	string The Okta Expression Language expression to be evaluated at runtime
name	string The name of the claim to be used in the produced token

Responses

201

Created

400

Bad Request

401

Unauthorized

403

Forbidden

429

Too Many Requests

put/api/v1/apps/{appId}/federated-claims/{claimId}

Request samples

application/json

{"name": "readOnly",
"expression": "appuser.entitlements.readOnly"
}

Response samples

201
400
401
403
429

application/json

{"id": "ofc893fbjaTxynmo5v93",
"name": "readOnly",
"expression": "appuser.entitlements.readOnly",
"created": "2024-12-25T04:00:00.000Z",
"lastUpdated": "2024-12-25T05:00:00.000Z"
}

Delete a federated claim
Early Access
OAuth 2.0: `okta.apps.manage`

Deletes a federated claim by claimId

Request

path Parameters

appId required	string Application ID Example: 0oafxqCAJWWGELFTYASJ
claimId required	string The unique `id` of the federated claim Example: ofc2f4zrZbs8nUa7p0g4

Responses

204

No Content

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

delete/api/v1/apps/{appId}/federated-claims/{claimId}

Request samples

Response samples

401
403
404
429

application/json

{"errorCode": "E0000011",
"errorSummary": "Invalid token provided",
"errorLink": "E0000011",
"errorId": "sampleQPivGUj_ND5v78vbYWW",
"errorCauses": [ ]
}

Application Federated Claims

List all configured federated claimsEarly AccessOAuth 2.0: okta.apps.read

path Parameters

Create a federated claimEarly AccessOAuth 2.0: okta.apps.manage

path Parameters

Request Body schema: application/jsonrequired

Retrieve a federated claimEarly AccessOAuth 2.0: okta.apps.read

path Parameters

Replace a federated claimEarly AccessOAuth 2.0: okta.apps.manage

path Parameters

Request Body schema: application/json

Delete a federated claimEarly AccessOAuth 2.0: okta.apps.manage

path Parameters

List all configured federated claims
Early Access
OAuth 2.0: `okta.apps.read`

Create a federated claim
Early Access
OAuth 2.0: `okta.apps.manage`

Request Body schema: application/json
required

Retrieve a federated claim
Early Access
OAuth 2.0: `okta.apps.read`

Replace a federated claim
Early Access
OAuth 2.0: `okta.apps.manage`

Delete a federated claim
Early Access
OAuth 2.0: `okta.apps.manage`