This MCP server enables Claude to interact with Okta's user management system, currently providing user information retrieval capabilities.
- Node.js (v16 or higher)
- Claude Desktop App
- Okta Developer Account
- Admin API Token from Okta
- Go to the Okta Developer Console
- Create a new account or sign in to an existing one
- Note your Okta domain (e.g.,
dev-123456.okta.com)
- In the Okta Developer Console, go to Security > API > Tokens
- Click "Create Token"
- Give your token a meaningful name (e.g., "MCP Server Token")
- Copy the token value (you won't be able to see it again)
Install dependencies:
npm installCreate a .env file for local development (don't commit this file):
OKTA_ORG_URL=https://your-domain.okta.com
OKTA_API_TOKEN=your-api-token
Open your Claude Desktop configuration file:
For MacOS:
code ~/Library/Application\ Support/Claude/claude_desktop_config.jsonFor Windows:
code %AppData%\Claude\claude_desktop_config.jsonAdd or update the configuration:
{
"mcpServers": {
"okta": {
"command": "node",
"args": [
"/ABSOLUTE/PATH/TO/YOUR/build/index.js"
],
"env": {
"OKTA_ORG_URL": "https://your-domain.okta.com",
"OKTA_API_TOKEN": "your-api-token"
}
}
}
}Save the file and restart Claude Desktop.
The server currently provides the following tool:
Retrieves detailed user information from Okta, including:
- User Details (ID, Status)
- Account Dates (Created, Activated, Last Login, etc.)
- Personal Information (Name, Email)
- Employment Details
- Contact Information
- Address
- Preferences
After setup, you can use commands like:
- "Show me details for user [email protected]"
- "What's the status of user [email protected]"
- "When was the last login for user [email protected]"
The server includes robust error handling for:
- User not found (404 errors)
- API authentication issues
- Missing or invalid user profiles
- General API errors
Tools not appearing in Claude:
- Check Claude Desktop logs:
tail -f ~/Library/Logs/Claude/mcp*.log - Verify all environment variables are set correctly
- Ensure the path to index.js is absolute and correct
Authentication Errors:
- Verify your API token is valid
- Check if OKTA_ORG_URL includes the full URL with https://
- Ensure your Okta domain is correct
Server Connection Issues:
- Check if the server built successfully
- Verify file permissions on build/index.js (should be 755)
- Try running the server directly:
node /path/to/build/index.js
To view server logs:
For MacOS/Linux:
tail -n 20 -f ~/Library/Logs/Claude/mcp*.logFor Windows:
Get-Content -Path "$env:AppData\Claude\Logs\mcp*.log" -Wait -Tail 20If you're getting environment variable errors, verify:
OKTA_ORG_URL: Should be complete URL (e.g., "https://dev-123456.okta.com")OKTA_API_TOKEN: Should be a valid API token
- Keep your API token secure
- Don't commit credentials to version control
- Use environment variables for sensitive data
- Regularly rotate API tokens
- Monitor API usage in Okta Admin Console
- Implement rate limiting for API calls
- Use minimum required permissions for API token
The server includes TypeScript interfaces for Okta user data:
interface OktaUserProfile {
login: string;
email: string;
secondEmail?: string;
firstName: string;
lastName: string;
displayName: string;
nickName?: string;
organization: string;
title: string;
division: string;
department: string;
employeeNumber: string;
userType: string;
costCenter: string;
mobilePhone?: string;
primaryPhone?: string;
streetAddress: string;
city: string;
state: string;
zipCode: string;
countryCode: string;
preferredLanguage: string;
profileUrl?: string;
}
interface OktaUser {
id: string;
status: string;
created: string;
activated: string;
lastLogin: string;
lastUpdated: string;
statusChanged: string;
passwordChanged: string;
profile: OktaUserProfile;
}MIT License - See LICENSE file for details.
If you encounter any issues:
- Check the troubleshooting section above
- Review Claude Desktop logs
- Examine the server's error output
- Check Okta's developer documentation
Note: PRs welcome!