Enable or disable the Access Gateway API

The Access Gateway API lets you run many tasks through a programmatic interface. Before you can use the Access Gateway API, you must enable it in the Access Gateway Admin UI console.

See Okta Access Gateway API.

Enable the Access Gateway API

1. Go to the Access Gateway Admin UI console.
2. Click the Settings tab.
3. Click the Access Gateway button.
4. Expand the API section.
5. Click the Scopes dropdown menu.
6. Select a scope from the list. As you select a scope, it appears in the field. Select more scopes if you need them.

   You can't add more scopes after you enable the Access Gateway API. If you need to add more, disable the Access Gateway API, add the correct scopes, and then enable it again.

7. Click the toggle switch so that it displays Enabled. The API Client Private Key dialog appears.
8. Click Copy to Clipboard. This key only appears once and you can't retrieve it later. Paste the API client private key in a secure location. You need this key in your code to interact with the API.
9. The client ID appears in the API section. Copy and paste the client ID in a secure location. You need this ID in your code to interact with the API.
10. Add the API client private key and the client ID in your code. Here's an example. Replace the values with your own:

    [ { "client_id": "nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn", "scope": [ "okta.oag.app.scope" ], "expiration": 0 } ]

11. Sign a JSON web token (JWT). See Okta Access Gateway API.

Disable the Access Gateway API

1. Go to the Access Gateway Admin UI console.
2. Click the Settings tab.
3. Click the Access Gateway button.
4. Expand the API section.
5. Click the toggle switch so that it shows Disabled. The confirmation dialog appears.
6. Click Yes. The client ID that you created is no longer available to the Access Gateway API.
7. Remove references to the client ID that you deleted, and its scopes, from your code that interacts with the Access Gateway API.