{"id":"okta-okta-mcp-server","name":"okta-mcp-server","af_score":54.8,"security_score":71.5,"reliability_score":23.8,"what_it_does":"Provides an MCP (Model Context Protocol) server that lets LLMs/agents perform Okta admin management operations (CRUD on users, groups, apps, policies, etc.) by calling Okta’s Admin Management APIs. Supports interactive Device Authorization Grant and automated Private Key JWT authentication, with confirmation/elicitation for destructive operations via the MCP Elicitation API.","best_when":"You want an LLM-connected, tool-based interface to Okta Admin APIs with scoped permissions and (ideally) elicitation for destructive actions.","avoid_when":"You cannot control or validate prompts/tool invocations, or you cannot securely manage long-lived Okta credentials/keys for the server.","last_evaluated":"2026-03-30T15:30:14.269846+00:00","has_mcp":true,"has_api":false,"auth_methods":["Device Authorization Grant (interactive)","Private Key JWT (browserless server-to-server)"],"has_free_tier":false,"known_gotchas":["Be careful with prompt-to-action behavior for destructive operations (deletes/deactivations). Even with elicitation, clients that don’t support the feature may fall back to a less safe flow.","Ensure scopes are minimally privileged; the tool can potentially perform broad Okta admin actions depending on granted permissions.","Device Authorization flow requires manual browser completion; for automation prefer Private Key JWT.","Token/key material is supplied via environment variables (private key); ensure logs and process inspection are controlled."],"error_quality":0.0}