How to fetch users from Okta using Python

Editor's note: This article is part of a series on building third-party API integrations. Explore Merge if you’re looking to add 180+ integrations across HR, SCIM, payroll, ATS, CRM, accounting, ticketing, marketing automation, and file storage with one unified API.
Okta is a robust and flexible access management tool that offers identity management services. It serves as a consolidated platform for managing employees' identities, encompassing single sign-on, multi-factor authentication, and lifecycle management features. Furthermore, its ability to integrate smoothly with various applications streamlines the HR process and boosts productivity by automating user management tasks.
Integrations with Okta often require pulling user data to other platforms for use cases like auto-provisioning, org chart management, etc. Integrations like these can oftentimes enhance the system's security and efficiency, among other benefits.
In this article, we'll walk through how you can build an integration with Okta by successfully authenticating and and fetch users using Python. Buckle up.
{{blog-cta-100+}}
Authentication configuration in Okta
To make authenticated API requests to Okta, you'll need to include an API token in your HTTP header. Okta has a few different options for authentication, but here we will walk through Okta's Basic Authentication. If you need help finding your API key, we have a help center article with instructions on how to find it.
The header you include in your requests should be in the following format: <code class="blog_inline-code">Authorization: SSWS {API-KEY}</code>. This means that you substitute <code class="blog_inline-code">{API-KEY}</code> with your actual API token. Be cautious to protect this token and avoid exposing it in public places like GitHub, client-side code, etc.
This API token works as a bearer token which is a method that servers and clients communicate authentication and privileges. This token is generated in your Okta dashboard, specifically in the tokens tab of the API section. Each API request you make will need this token included in the header.
Fetching users from Okta
The script below uses the requests library to send the GET request to the Okta API. It then parses the response as JSON and adds the users to a list. The script uses a while loop to continue fetching users as long as there is a next link in the response headers. When there is no next link, it means we've fetched all the users and the script breaks out of the loop.
Remember to replace <code class="blog_inline-code">your-okta-domain</code> and <code class="blog_inline-code">your-api-key</code> with your actual Okta domain and API key.
You should see the list of users from Okta as the output.
Conclusion
And that's it! You've successfully authenticated and fetched users from Okta.
But what happens when Okta is merely one among many integrations that your team must develop and sustain, and your next customer asks you for a JumpCloud, Azure Active Directory or OneLogin integration?
This is where a Unified API, such as Merge, comes into play. At Merge, we’ve built an API that lets you easily integrate once to offer 40+ HRIS, SCIM and Payroll integrations. Our Unified API has also smoothed out pagination and authentication.
You can learn more about Merge by scheduling a demo with one of our integration experts.