Install guide and config at curatedmcp.com
Okta MCP: Let Your AI Agent Handle Identity Management
Identity and access management shouldn't require manual ticket shuffling. Okta MCP is the official Okta integration for AI agents—it lets Claude, Cursor, or Windsurf directly manage users, groups, authentication workflows, and security events within your Okta tenant.
If you're managing identity infrastructure, this means your AI can provision users, enforce access policies, investigate authentication failures, and respond to security incidents without you leaving your IDE or chat window.
What It Does
Okta MCP grants AI agents safe, scoped access to your identity workflows. Your agent can:
- Manage users at scale: create, update, deactivate accounts, reset passwords, and manage recovery rules
- Control access: assign users to groups and applications, manage roles, and inspect sign-on policies
- Monitor security: query authentication events, check MFA status, and analyze access patterns
- Automate OAuth/OIDC: manage client configurations and token policies
The server is built for security and IT teams who want AI to reduce toil—faster user onboarding, quicker incident response, and easier policy enforcement. Everything is gated by your Okta API token, so permissions stay locked to what you've explicitly authorized.
How to Install
npx -y @okta/mcp
Then add it to your Claude Desktop config:
{
  "mcpServers": {
    "okta-mcp": {
      "command": "npx",
      "args": ["-y", "@okta/mcp"],
      "env": {
        "OKTA_DOMAIN": "your-org.okta.com",
        "OKTA_API_TOKEN": "your_api_token_here"
      }
    }
  }
}
Grab your API token from Admin → API → Tokens in your Okta console. Full setup guides for Cursor and Windsurf are in the docs.
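A config like this hands a package runner and an Okta API token to a desktop client, so it is worth linting before use. The following is an added example, not code from Okta or from this post: a small Node.js audit whose rule names, secret-key pattern, sample token value and version number `0.0.0` are all constructed for illustration.

```javascript
// Added example: static audit of an MCP client config (e.g. claude_desktop_config.json).
// Rule names and both regexes are assumptions of this example, not part of any Okta tooling.
const SECRET_KEY = /TOKEN|SECRET|PASSWORD|API_?KEY/i;
const PLACEHOLDER = /^(your[_-]|<|\$\{|changeme)/i;

function isPinned(pkg) {
  // "@scope/name@1.2.3" or "name@1.2.3": a version separator '@' after position 0.
  return pkg.lastIndexOf("@") > 0;
}

function auditMcpConfig(configText) {
  const findings = [];
  const servers = JSON.parse(configText).mcpServers || {};
  for (const [name, srv] of Object.entries(servers)) {
    const command = String(srv.command || "").trim();
    // "command" is meant to name one executable; flags packed into it will not spawn.
    if (/\s/.test(command)) {
      findings.push({ server: name, rule: "command-has-args" });
    }
    // Rebuild the argv whether or not the flags were packed into "command".
    const argv = command.split(/\s+/).concat(srv.args || []);
    if (/^npx(\.cmd)?$/.test(argv[0])) {
      const pkg = argv.slice(1).find((a) => !a.startsWith("-"));
      // npx -y installs without prompting; an unpinned name resolves to the latest release.
      if (pkg && !isPinned(pkg)) {
        findings.push({ server: name, rule: "unpinned-npx-package", detail: pkg });
      }
    }
    for (const [key, value] of Object.entries(srv.env || {})) {
      // A real credential stored inline makes the config file itself a secret.
      if (SECRET_KEY.test(key) && value && !PLACEHOLDER.test(String(value))) {
        findings.push({ server: name, rule: "inline-secret", detail: key });
      }
    }
  }
  return findings;
}

// Constructed sample inputs (token value and version number are made up).
const loose = JSON.stringify({ mcpServers: { "okta-mcp": {
  command: "npx -y @okta/mcp",
  env: { OKTA_DOMAIN: "your-org.okta.com", OKTA_API_TOKEN: "00constructedTokenValue" } } } });
const tightened = JSON.stringify({ mcpServers: { "okta-mcp": {
  command: "npx", args: ["-y", "@okta/mcp@0.0.0"],
  env: { OKTA_DOMAIN: "your-org.okta.com", OKTA_API_TOKEN: "your_api_token_here" } } } });

console.log(auditMcpConfig(loose).map((f) => f.rule));
console.log(auditMcpConfig(tightened).map((f) => f.rule));
```

An `inline-secret` finding means the config file itself must be protected like a credential. Okta API tokens inherit the privileges of the admin who created them, so issue this one from a dedicated account holding only the roles the agent needs.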
Real-World Use Cases
- Onboarding sprint: Ask Claude to provision 12 new contractors, assign them to the engineering group, activate their Slack app, and send a summary—all in one prompt.
- Incident response: When a security alert fires, ask your agent to pull MFA status for a suspicious user, review their recent sign-ons, and deactivate sessions—no context switching.
- Access review automation: Have your agent query who has admin roles, who hasn't logged in this quarter, and which legacy OAuth clients are still active—then generate a compliance report.
Full install guides for Claude Desktop, Cursor, Windsurf, and more at CuratedMCP.