diff --git a/toolkits/okta_api/.pre-commit-config.yaml b/toolkits/okta_api/.pre-commit-config.yaml
new file mode 100644
index 000000000..669b2eda2
--- /dev/null
+++ b/toolkits/okta_api/.pre-commit-config.yaml
@@ -0,0 +1,18 @@
+files: ^.*/okta_api/.*
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: "v4.4.0"
+ hooks:
+ - id: check-case-conflict
+ - id: check-merge-conflict
+ - id: check-toml
+ - id: check-yaml
+ - id: end-of-file-fixer
+ - id: trailing-whitespace
+
+ - repo: https://github.com/astral-sh/ruff-pre-commit
+ rev: v0.6.7
+ hooks:
+ - id: ruff
+ args: [--fix]
+ - id: ruff-format
\ No newline at end of file
diff --git a/toolkits/okta_api/.ruff.toml b/toolkits/okta_api/.ruff.toml
new file mode 100644
index 000000000..7d21bfcdb
--- /dev/null
+++ b/toolkits/okta_api/.ruff.toml
@@ -0,0 +1,44 @@
+target-version = "py310"
+line-length = 100
+fix = true
+
+[lint]
+select = [
+ # flake8-2020
+ "YTT",
+ # flake8-bandit
+ "S",
+ # flake8-bugbear
+ "B",
+ # flake8-builtins
+ "A",
+ # flake8-comprehensions
+ "C4",
+ # flake8-debugger
+ "T10",
+ # flake8-simplify
+ "SIM",
+ # isort
+ "I",
+ # mccabe
+ "C90",
+ # pycodestyle
+ "E", "W",
+ # pyflakes
+ "F",
+ # pygrep-hooks
+ "PGH",
+ # pyupgrade
+ "UP",
+ # ruff
+ "RUF",
+ # tryceratops
+ "TRY",
+]
+
+[lint.per-file-ignores]
+"**/tests/*" = ["S101"]
+
+[format]
+preview = true
+skip-magic-trailing-comma = false
\ No newline at end of file
diff --git a/toolkits/okta_api/LICENSE b/toolkits/okta_api/LICENSE
new file mode 100644
index 000000000..dfbb8b76d
--- /dev/null
+++ b/toolkits/okta_api/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025, Arcade AI
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/toolkits/okta_api/Makefile b/toolkits/okta_api/Makefile
new file mode 100644
index 000000000..52c7b44aa
--- /dev/null
+++ b/toolkits/okta_api/Makefile
@@ -0,0 +1,54 @@
+.PHONY: help
+
+help:
+ @echo "🛠️ github Commands:\n"
+ @grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
+
+.PHONY: install
+install: ## Install the uv environment and install all packages with dependencies
+ @echo "🚀 Creating virtual environment and installing all packages using uv"
+ @uv sync --active --all-extras --no-sources
+ @if [ -f .pre-commit-config.yaml ]; then uv run --no-sources pre-commit install; fi
+ @echo "✅ All packages and dependencies installed via uv"
+
+.PHONY: install-local
+install-local: ## Install the uv environment and install all packages with dependencies with local Arcade sources
+ @echo "🚀 Creating virtual environment and installing all packages using uv"
+ @uv sync --active --all-extras
+ @if [ -f .pre-commit-config.yaml ]; then uv run pre-commit install; fi
+ @echo "✅ All packages and dependencies installed via uv"
+.PHONY: build
+build: clean-build ## Build wheel file using poetry
+ @echo "🚀 Creating wheel file"
+ uv build
+
+.PHONY: clean-build
+clean-build: ## clean build artifacts
+ @echo "🗑️ Cleaning dist directory"
+ rm -rf dist
+
+.PHONY: test
+test: ## Test the code with pytest
+ @echo "🚀 Testing code: Running pytest"
+ @uv run --no-sources pytest -W ignore -v --cov --cov-config=pyproject.toml --cov-report=xml
+
+.PHONY: coverage
+coverage: ## Generate coverage report
+ @echo "coverage report"
+ @uv run --no-sources coverage report
+ @echo "Generating coverage report"
+ @uv run --no-sources coverage html
+
+.PHONY: bump-version
+bump-version: ## Bump the version in the pyproject.toml file by a patch version
+ @echo "🚀 Bumping version in pyproject.toml"
+ uv version --no-sources --bump patch
+
+.PHONY: check
+check: ## Run code quality tools.
+ @if [ -f .pre-commit-config.yaml ]; then\
+ echo "🚀 Linting code: Running pre-commit";\
+ uv run --no-sources pre-commit run -a;\
+ fi
+ @echo "🚀 Static type checking: Running mypy"
+ @uv run --no-sources mypy --config-file=pyproject.toml
\ No newline at end of file
diff --git a/toolkits/okta_api/arcade_okta_api/__init__.py b/toolkits/okta_api/arcade_okta_api/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/toolkits/okta_api/arcade_okta_api/tools/__init__.py b/toolkits/okta_api/arcade_okta_api/tools/__init__.py
new file mode 100644
index 000000000..dd1869c79
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/tools/__init__.py
@@ -0,0 +1,15965 @@
+"""Arcade Starter Tools for okta
+
+DO NOT EDIT THIS MODULE DIRECTLY.
+
+THIS MODULE WAS AUTO-GENERATED BY TRANSPILING THE API STARTER TOOL JSON DEFINITIONS
+IN THE ../wrapper_tools DIRECTORY INTO PYTHON CODE. ANY CHANGES TO THIS MODULE WILL
+BE OVERWRITTEN BY THE TRANSPILER.
+"""
+
+import asyncio
+from typing import Annotated, Any
+
+import httpx
+from arcade_tdk import ToolContext, tool
+from arcade_tdk.auth import OAuth2
+
+# Retry configuration
+INITIAL_RETRY_DELAY = 0.5 # seconds
+
+HTTP_CLIENT = httpx.AsyncClient(
+ timeout=httpx.Timeout(60.0, connect=10.0),
+ limits=httpx.Limits(max_keepalive_connections=20, max_connections=100),
+ transport=httpx.AsyncHTTPTransport(retries=3),
+ http2=True,
+ follow_redirects=True,
+)
+
+
+def remove_none_values(data: dict[str, Any]) -> dict[str, Any]:
+ return {k: v for k, v in data.items() if v is not None}
+
+
+async def make_request(
+ url: str,
+ method: str,
+ params: dict[str, Any] | None = None,
+ headers: dict[str, Any] | None = None,
+ data: dict[str, Any] | None = None,
+ max_retries: int = 3,
+) -> httpx.Response:
+ """Make an HTTP request with retry logic for 5xx server errors."""
+ for attempt in range(max_retries):
+ try:
+ response = await HTTP_CLIENT.request(
+ url=url,
+ method=method,
+ params=params,
+ headers=headers,
+ data=data,
+ )
+ response.raise_for_status()
+ except httpx.HTTPStatusError as e:
+ # Only retry on 5xx server errors
+ if e.response.status_code >= 500 and attempt < max_retries - 1:
+ # Exponential backoff: 0.5s, 1s, 2s
+ await asyncio.sleep(INITIAL_RETRY_DELAY * (2**attempt))
+ continue
+ # Re-raise for 4xx errors or if max retries reached
+ raise
+ except httpx.RequestError as e:
+ # Don't retry request errors (network issues are handled by transport)
+ raise
+ else:
+ return response
+
+ # This should never be reached, but satisfies type checker
+ raise httpx.RequestError("Max retries exceeded") # noqa: TRY003
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def fetch_app_authenticator_config(
+ context: ToolContext,
+ filter_by_oauth_client_id: Annotated[
+ str, "Filter the app authenticator configurations using this OAuth Client ID."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getWellKnownAppAuthenticatorConfiguration'."
+]:
+ """Retrieves the app authenticator configuration details.
+
+ Use this tool to get information about an app authenticator's settings, supported methods, and other relevant details.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/.well-known/app-authenticator-configuration",
+ method="GET",
+ params=remove_none_values({"oauthClientId": filter_by_oauth_client_id}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def get_apple_app_site_association(
+ context: ToolContext,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getAppleAppSiteAssociationWellKnownURI'."
+]:
+ """Retrieve the apple-app-site-association well-known URI.
+
+ This tool retrieves the content of the `apple-app-site-association` well-known URI, including Okta's `authsrv` content for seamless Okta Verify integration.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/.well-known/apple-app-site-association",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def retrieve_asset_links(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAssetLinksWellKnownURI'."]:
+ """Retrieve the content of the assetlinks.json URI.
+
+ Use this tool to obtain the content of the assetlinks.json well-known URI, often used for app-link verification and asset relationship management.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/.well-known/assetlinks.json",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def get_organization_metadata(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getWellknownOrgMetadata'."]:
+ """Retrieve organization metadata from Okta.
+
+ Call this tool to get the organization metadata from Okta, including the organization ID, configured custom domains, and authentication pipeline details.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/.well-known/okta-organization",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def get_okta_ssf_metadata(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getWellknownSsfMetadata'."]:
+ """Retrieve SSF transmitter configuration metadata from Okta.
+
+ Use this tool to get detailed SSF transmitter configuration metadata. It provides all supported endpoints and key information regarding Okta org properties such as delivery methods, issuer, and JWKS URI.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/.well-known/ssf-configuration",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def get_webauthn_well_known_uri(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getWebAuthnWellKnownURI'."]:
+ """Retrieve the content of the 'webauthn' well-known URI.
+
+ This tool retrieves the content from the '.well-known/webauthn' URI. It is used when needing to access the WebAuthn well-known information for configurations or validations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/.well-known/webauthn",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.read"]))
+async def list_agent_pools(
+ context: ToolContext,
+ maximum_agent_pools: Annotated[
+ int | None, "Maximum number of agent pools to be returned per pool type."
+ ] = None,
+ agent_pool_type: Annotated[
+ str | None,
+ "Specify the agent type to filter the search. Options are AD, IWA, LDAP, MFA, OPP, RUM, or Radius.", # noqa: E501
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "An opaque string cursor for pagination, specifying current list position, obtained from the `Link` header.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAgentPools'."]:
+ """Lists all agent pools with pagination support.
+
+ Use this tool to retrieve a comprehensive list of agent pools, including support for pagination to manage large datasets.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools",
+ method="GET",
+ params=remove_none_values({
+ "limitPerPoolType": maximum_agent_pools,
+ "poolType": agent_pool_type,
+ "after": pagination_cursor,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.read"]))
+async def list_agent_pool_updates(
+ context: ToolContext,
+ agent_pool_id: Annotated[str, "ID of the agent pool to retrieve updates for."],
+ return_scheduled_or_adhoc: Annotated[
+ bool | None,
+ "Return only scheduled or ad-hoc updates if true. If false or not provided, returns the full list of updates.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAgentPoolsUpdates'."]:
+ """Retrieve all updates for a specific agent pool.
+
+ Use this tool to get a list of all updates related to a specific agent pool in Okta. It provides details on changes or modifications to the agent pool identified by the provided pool ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates".format( # noqa: UP032
+ poolId=agent_pool_id
+ ),
+ method="GET",
+ params=remove_none_values({"scheduled": return_scheduled_or_adhoc}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.read"]))
+async def get_agent_pool_update_settings(
+ context: ToolContext,
+ agent_pool_id: Annotated[
+ str, "The unique identifier of the agent pool to retrieve update settings for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAgentPoolsUpdateSettings'."]:
+ """Retrieve agent pool update settings information.
+
+ This tool retrieves the current state of the update instance settings for a specific agent pool. It should be called when there's a need to understand or verify the configuration of the update settings for a given pool.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/settings".format( # noqa: UP032
+ poolId=agent_pool_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.read"]))
+async def retrieve_agent_pool_update(
+ context: ToolContext,
+ agent_pool_id: Annotated[
+ str,
+ "The ID of the agent pool for which you want to retrieve update details. Provide a valid agent pool ID.", # noqa: E501
+ ],
+ update_id: Annotated[
+ str, "The identifier for the specific agent pool update to retrieve details for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAgentPoolsUpdateInstance'."]:
+ """Retrieve details of a specific agent pool update.
+
+ Use this tool to obtain information about a specific agent pool update using its `updateId`. This is useful for tracking update progress or verifying update configurations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}".format( # noqa: UP032
+ poolId=agent_pool_id, updateId=update_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.manage"]))
+async def delete_agent_pool_update(
+ context: ToolContext,
+ agent_pool_id: Annotated[str, "ID of the agent pool for which the settings apply."],
+ update_id: Annotated[
+ str,
+ "ID of the update to delete from the agent pool. This must be a valid string identifier.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteAgentPoolsUpdate'."]:
+ """Delete a specific update from an agent pool.
+
+ Use this tool to remove a specific update from an agent pool by providing the necessary identifiers. It performs deletion of agent pool updates.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}".format( # noqa: UP032
+ poolId=agent_pool_id, updateId=update_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.manage"]))
+async def activate_agent_pool_update(
+ context: ToolContext,
+ agent_pool_id: Annotated[
+ str,
+ "ID of the agent pool for which the settings apply to. This is required to specify which pool will have the update activated.", # noqa: E501
+ ],
+ update_id: Annotated[
+ str,
+ "The ID of the update to activate. This is required to initiate the update process for the specified agent pool.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateAgentPoolsUpdate'."]:
+ """Activates a scheduled agent pool update.
+
+ Use this tool to activate an update for a specified agent pool that has been scheduled. Call when you need to confirm and commence the update process for agent pools in your system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/activate".format( # noqa: UP032
+ poolId=agent_pool_id, updateId=update_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.manage"]))
+async def deactivate_agent_pool_update(
+ context: ToolContext,
+ agent_pool_id: Annotated[
+ str, "ID of the agent pool for which the deactivation settings apply."
+ ],
+ update_id: Annotated[str, "The unique ID of the scheduled update to deactivate."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateAgentPoolsUpdate'."]:
+ """Deactivate a scheduled agent pool update.
+
+ Use this tool to deactivate a scheduled update for a specific agent pool in Okta. It should be called when you need to stop an update that is already scheduled but not yet executed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/deactivate".format( # noqa: UP032
+ poolId=agent_pool_id, updateId=update_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.manage"]))
+async def pause_agent_pools_update(
+ context: ToolContext,
+ agent_pool_id: Annotated[
+ str,
+ "ID of the agent pool for which the update settings apply. Required to specify which pool's update is being paused.", # noqa: E501
+ ],
+ update_id: Annotated[
+ str,
+ "ID of the update to be paused. This is required to identify which specific update to stop within the agent pool.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'pauseAgentPoolsUpdate'."]:
+ """Pause a running or queued agent pool update.
+
+ This tool pauses an ongoing or scheduled update for an agent pool, identified by poolId and updateId. Use it to temporarily halt updates you don't want to proceed immediately.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/pause".format( # noqa: UP032
+ poolId=agent_pool_id, updateId=update_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.manage"]))
+async def resume_agent_pool_update(
+ context: ToolContext,
+ agent_pool_id: Annotated[
+ str,
+ "The ID of the agent pool to resume update for. Required to specify which pool's update is being resumed.", # noqa: E501
+ ],
+ update_id: Annotated[
+ str, "The unique ID of the update to be resumed for the specified agent pool."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'resumeAgentPoolsUpdate'."]:
+ """Resume a running or queued agent pool update.
+
+ Use this tool to resume an update for a specific agent pool that is either running or queued. This is useful when updates need to be restarted or continued after a pause.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/resume".format( # noqa: UP032
+ poolId=agent_pool_id, updateId=update_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.manage"]))
+async def retry_agent_pool_update(
+ context: ToolContext,
+ agent_pool_id: Annotated[str, "The ID of the agent pool to retry the update for."],
+ update_id: Annotated[str, "The unique ID of the agent pool update to retry."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'retryAgentPoolsUpdate'."]:
+ """Retry an agent pool update after failure or interruption.
+
+ Use this tool to retry an agent pool update in Okta if the initial update fails or communication is interrupted during an auto-update process.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/retry".format( # noqa: UP032
+ poolId=agent_pool_id, updateId=update_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.agentPools.manage"]))
+async def stop_agent_pool_update(
+ context: ToolContext,
+ agent_pool_id: Annotated[str, "ID of the agent pool to stop the update for."],
+ update_id: Annotated[str, "ID of the specific update to be stopped in the agent pool."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'stopAgentPoolsUpdate'."]:
+ """Stops an agent pool update process.
+
+ Use this tool to stop an ongoing update for a specific agent pool in Okta. Ideal for halting updates when unexpected issues arise.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/stop".format( # noqa: UP032
+ poolId=agent_pool_id, updateId=update_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apiTokens.read"]))
+async def list_active_api_tokens(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listApiTokens'."]:
+ """Lists metadata of all active API tokens.
+
+ Use this tool to retrieve metadata of all active API tokens in the system."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/api-tokens",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apiTokens.read"]))
+async def retrieve_api_token_metadata(
+ context: ToolContext,
+ api_token_id: Annotated[
+ str, "The unique identifier for the API token to retrieve its metadata."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getApiToken'."]:
+ """Retrieve metadata for a specific API token.
+
+ This tool retrieves metadata for an active API token using the `apiTokenId`. It should be called when there's a need to understand the details or status of a specific API token.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/api-tokens/{apiTokenId}".format( # noqa: UP032
+ apiTokenId=api_token_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apiTokens.manage"]))
+async def revoke_api_token(
+ context: ToolContext,
+ api_token_id: Annotated[str, "The unique ID of the API token to revoke."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeApiToken'."]:
+ """Revoke an API token using its ID.
+
+ Use this tool to revoke an API token by providing its unique ID. It will disable the specified token, preventing any further access or operations using that token.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/api-tokens/{apiTokenId}".format( # noqa: UP032
+ apiTokenId=api_token_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_organization_applications(
+ context: ToolContext,
+ search_query: Annotated[
+ str | None,
+ "Search for applications with names or labels starting with this value using the `startsWith` operation.", # noqa: E501
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "Opaque string to fetch the next page of results. Obtained from the 'next' link.",
+ ] = None,
+ results_per_page: Annotated[
+ int | None, "Specifies the number of results per page for pagination."
+ ] = None,
+ filter_expression_for_applications: Annotated[
+ str | None,
+ "Filters applications using `status`, `user.id`, `group.id`, `credentials.signing.kid`, or `name` with `eq` operator.", # noqa: E501
+ ] = None,
+ expand_user_resources: Annotated[
+ str | None,
+ 'Embeds more resources in the response, supports `expand=user/{userId}`. Requires the `user.id eq "{userId}"` filter.', # noqa: E501
+ ] = None,
+ use_query_optimization: Annotated[
+ bool | None,
+ "Set to true to use query optimization, returning a subset of app instance properties.",
+ ] = None,
+ include_non_deleted_apps: Annotated[
+ bool | None, "Include non-active but not deleted apps in the results."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listApplications'."]:
+ """Lists all applications in the organization with filters.
+
+ Use this tool to retrieve a list of all applications within the organization. Supports filtering and pagination to manage large sets of applications efficiently.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps",
+ method="GET",
+ params=remove_none_values({
+ "q": search_query,
+ "after": pagination_cursor,
+ "useOptimization": use_query_optimization,
+ "limit": results_per_page,
+ "filter": filter_expression_for_applications,
+ "expand": expand_user_resources,
+ "includeNonDeleted": include_non_deleted_apps,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_okta_application(
+ context: ToolContext,
+ application_id: Annotated[str, "The unique identifier of the application in Okta."],
+ expand_user_info: Annotated[
+ str | None,
+ "Specifies if the details of a particular Application User should be returned in the response. Use the format `user/{userId}` to expand.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getApplication'."]:
+ """Retrieves application details from Okta by ID.
+
+ Use this tool to get detailed information about a specific application in your Okta organization by providing the application's ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}".format(appId=application_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"expand": expand_user_info}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def delete_inactive_application(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application to be deleted. This ID is required to specify which inactive application should be removed from Okta.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteApplication'."]:
+ """Delete an inactive application from the system.
+
+ This tool deletes an inactive application by providing its application ID. Call this tool when you need to permanently remove an inactive application from the Okta system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}".format(appId=application_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def get_default_provisioning_connection(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "Provide the unique Application ID to retrieve its default provisioning connection details.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'getDefaultProvisioningConnectionForApplication'.",
+]:
+ """Retrieve the default provisioning connection for an app.
+
+ Call this tool to get details about the default provisioning connection associated with a specific application using its app ID. This is useful for understanding how an application is configured to provision resources or users.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def update_default_provisioning_connection(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the specific application whose provisioning connection is to be updated.", # noqa: E501
+ ],
+ request_body_data: Annotated[
+ dict[str, str],
+ "JSON object with data needed to update the provisioning connection. Ensure it includes necessary fields for the app.", # noqa: E501
+ ],
+ activate_provisioning_connection: Annotated[
+ bool | None,
+ "Set to true to activate the provisioning connection; false to keep it inactive.",
+ ] = None,
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'updateDefaultProvisioningConnectionForApplication'.",
+]:
+ """Updates the default provisioning connection for an app.
+
+ Use this tool to update the default provisioning connection for a specific application in Okta. This is typically called when changes to app provisioning configurations are needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="POST",
+ params=remove_none_values({"activate": activate_provisioning_connection}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({"requestBody": request_body_data}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def get_provisioning_connection_jwks(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier of the application to retrieve its JWKS."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getUserProvisioningConnectionJWKS'."
+]:
+ """Retrieve JWKS for an app's default provisioning connection.
+
+ Fetches the JSON Web Key Set (JWKS) for the default provisioning connection of a specified app. This is useful for OAuth 2.0 applications needing the `jwk_uri` property for integration in the target organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default/jwks".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def activate_default_provisioning_connection(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application to activate its default provisioning connection.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'activateDefaultProvisioningConnectionForApplication'.",
+]:
+ """Activate the default provisioning connection for an app.
+
+ This tool activates the default provisioning connection for a specified application. It should be called when you need to enable the provisioning connection of an app managed in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default/lifecycle/activate".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def deactivate_app_provisioning_connection(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application whose provisioning connection you want to deactivate.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'deactivateDefaultProvisioningConnectionForApplication'.",
+]:
+ """Deactivate an application's default provisioning connection.
+
+ Use this tool to deactivate the default provisioning connection for a specific application. It is useful when you need to disable automatic provisioning for app management.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default/lifecycle/deactivate".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_application_csrs(
+ context: ToolContext,
+ application_id: Annotated[str, "The unique identifier for the application to retrieve CSRs."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listCsrsForApplication'."]:
+ """Retrieve all Certificate Signing Requests for a specific application.
+
+ Use this tool to obtain a list of all Certificate Signing Requests (CSRs) associated with a specific application. This is helpful for managing or auditing CSRs within the Okta platform.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/csrs".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_csr_for_app(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier of the application for which to retrieve the CSR."
+ ],
+ certificate_signing_request_id: Annotated[
+ str, "The unique identifier of the Certificate Signing Request (CSR) to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCsrForApplication'."]:
+ """Retrieve a CSR for a specific application.
+
+ Use this tool to obtain a Certificate Signing Request (CSR) for a given application, identified by the CSR ID. The CSR can be returned as a Base64-encoded string or a JSON object, depending on the requested media type.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/csrs/{csrId}".format( # noqa: UP032
+ appId=application_id, csrId=certificate_signing_request_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def revoke_csr_from_application(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The ID of the application from which to revoke the CSR and delete the key pair."
+ ],
+ csr_id: Annotated[str, "The unique ID of the Certificate Signing Request to revoke."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeCsrFromApplication'."]:
+ """Revoke a CSR and delete its key pair from an app.
+
+ Use this tool to revoke a Certificate Signing Request and delete the associated key pair from a specified application. This is useful for managing certificate credentials within applications.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/csrs/{csrId}".format( # noqa: UP032
+ appId=application_id, csrId=csr_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def publish_certificate(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "Unique identifier for the application to which the CSR belongs."
+ ],
+ csr_id: Annotated[
+ str, "The ID of the Certificate Signing Request (CSR) to publish for the application."
+ ],
+ certificate_content: Annotated[
+ str, "The signed X.509 certificate content to be published for the CSR."
+ ],
+ certificate_data: Annotated[
+ str, "The signed X.509 certificate content in PEM format to be published with the CSR."
+ ],
+ signed_certificate: Annotated[
+ str, "The signed X.509 certificate content to be published for the application CSR."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'publishCsrFromApplication'."]:
+ """Publish a signed certificate for an application's CSR.
+
+ Use this tool to publish a Certificate Signing Request (CSR) for an application by attaching a signed X.509 certificate. This completes the CSR's lifecycle, making it inaccessible afterwards.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish".format( # noqa: UP032
+ appId=application_id, csrId=csr_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({"requestBody": signed_certificate}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_oauth_jwks(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The ID of the OAuth 2.0 client application for which to list JSON Web Keys. This is required to identify the specific application's keys.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listJwk'."]:
+ """Retrieve JSON Web Keys for an OAuth 2.0 client app.
+
+ Use this tool to fetch all JSON Web Keys associated with a specific OAuth 2.0 client application. This is essential for managing or inspecting the keys used in the app's OAuth security setup.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_oauth_client_jwk(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique ID of the application. Used to identify which application's OAuth 2.0 Client JSON Web Key to retrieve.", # noqa: E501
+ ],
+ key_id: Annotated[
+ str, "Unique ID of the Custom Authorization Server JSON Web Key for OAuth 2.0 clients."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getJwk'."]:
+ """Retrieve an OAuth 2.0 Client JSON Web Key by keyId.
+
+ Use this tool to obtain the JSON Web Key associated with a specific OAuth 2.0 client using the provided keyId. Useful for verifying signatures and encrypting/un-decrypting data.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks/{keyId}".format( # noqa: UP032
+ appId=application_id, keyId=key_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def delete_inactive_oauth2_client_jwk(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The ID of the application for which the OAuth 2.0 client JWK should be deleted."
+ ],
+ oauth2_client_jwk_id: Annotated[
+ str, "Unique `id` of the Custom Authorization Server JSON Web Key to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deletejwk'."]:
+ """Delete an inactive OAuth 2.0 Client JSON Web Key.
+
+ Use this tool to delete an inactive JSON Web Key (JWK) for an OAuth 2.0 client by specifying the key ID. It ensures that only inactive keys can be removed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks/{keyId}".format( # noqa: UP032
+ appId=application_id, keyId=oauth2_client_jwk_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def activate_oauth_client_key(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application. It specifies which application's JSON Web Key to activate.", # noqa: E501
+ ],
+ key_id: Annotated[
+ str, "Unique ID of the Custom Authorization Server JSON Web Key to activate."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateOAuth2ClientJsonWebKey'."]:
+ """Activate an OAuth 2.0 Client JSON Web Key using its key ID.
+
+ Use this tool to activate an OAuth 2.0 Client JSON Web Key for a specific application. Note: Only one encryption key can be active at a time. Activating a new key will deactivate the current active key.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks/{keyId}/lifecycle/activate".format( # noqa: UP032
+ appId=application_id, keyId=key_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def deactivate_oauth2_client_key(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The ID of the application for which the OAuth 2.0 Client JSON Web Key should be deactivated.", # noqa: E501
+ ],
+ key_id: Annotated[
+ str, "Unique ID of the Custom Authorization Server JSON Web Key for deactivation."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deactivateOAuth2ClientJsonWebKey'."
+]:
+ """Deactivate an OAuth 2.0 Client JSON Web Key by key ID.
+
+ Use this tool to deactivate a specific OAuth 2.0 Client JSON Web Key using its key ID. Note: Only signing keys can be deactivated, and active encryption keys cannot be deactivated if ID token encryption is enabled.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks/{keyId}/lifecycle/deactivate".format( # noqa: UP032
+ appId=application_id, keyId=key_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_app_keys(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier for the application. Required to retrieve key credentials."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listApplicationKeys'."]:
+ """Retrieve all key credentials for a specific app.
+
+ Call this tool to obtain all key credentials associated with a specific application in Okta. Useful for managing or auditing application key data.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/keys".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def generate_app_key_certificate(
+ context: ToolContext,
+ certificate_validity_years: Annotated[
+ int, "The number of years until the X.509 certificate for the application key expires."
+ ],
+ application_id: Annotated[
+ str,
+ "The unique identifier of the application for which the certificate is being generated.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'generateApplicationKey'."]:
+ """Generate a new X.509 certificate for an app key.
+
+ This tool generates a new X.509 certificate for an application's key credential. Use it to update an application's signing credentials with the newly generated key.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/keys/generate".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="POST",
+ params=remove_none_values({"validityYears": certificate_validity_years}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_application_key(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application in Okta. Required to retrieve a key credential.",
+ ],
+ key_credential_id: Annotated[
+ str,
+ "The unique identifier of the Key Credential for the application. Used to specify which key to retrieve.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getApplicationKey'."]:
+ """Retrieve a specific application key credential.
+
+ Use this tool to retrieve a specific application key credential by its key ID ('kid') for a particular application in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/keys/{keyId}".format( # noqa: UP032
+ appId=application_id, keyId=key_credential_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def clone_okta_application_key(
+ context: ToolContext,
+ target_application_key: Annotated[
+ str, "Unique key of the target application for cloning the X.509 certificate."
+ ],
+ source_application_id: Annotated[
+ str, "The ID of the source application from which the X.509 certificate will be cloned."
+ ],
+ key_credential_id: Annotated[str, "ID of the Key Credential for the application to clone."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'cloneApplicationKey'."]:
+ """Clone X.509 certificate between Okta applications.
+
+ This tool clones an X.509 certificate from a source application to a target application within Okta. It should be called when you need to share application key credentials across different applications. Note that sharing certificates is not a recommended security practice.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/keys/{keyId}/clone".format( # noqa: UP032
+ appId=source_application_id, keyId=key_credential_id
+ ),
+ method="POST",
+ params=remove_none_values({"targetAid": target_application_key}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_oauth2_client_secrets(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The ID of the OAuth 2.0 client application for which to list client secrets."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listOAuth2ClientSecrets'."]:
+ """List all client secrets for an OAuth 2.0 client app.
+
+ Use this tool to retrieve all client secrets associated with a specific OAuth 2.0 client application. It should be called when you need to access or manage the secrets for an app.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_oauth2_client_secret(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier for the application to retrieve the client secret for."
+ ],
+ oauth_client_secret_id: Annotated[
+ str, "The unique identifier for the OAuth 2.0 client secret you want to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOAuth2ClientSecret'."]:
+ """Retrieve an OAuth 2.0 client secret by secret ID.
+
+ This tool is used to retrieve the details of an OAuth 2.0 client secret using its secret ID and app ID. It should be called when you need information about a specific OAuth client secret for an application.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets/{secretId}".format( # noqa: UP032
+ appId=application_id, secretId=oauth_client_secret_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def delete_oauth_client_secret(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The ID of the application for which the OAuth 2.0 client secret will be deleted. Must be a valid string.", # noqa: E501
+ ],
+ oauth_client_secret_id: Annotated[
+ str,
+ "The unique ID of the OAuth 2.0 client secret to be deleted. Ensure the secret is inactive before deletion.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteOAuth2ClientSecret'."]:
+ """Delete an inactive OAuth 2.0 client secret.
+
+ Use this tool to delete an inactive OAuth 2.0 client secret by specifying the secret ID. Call this when you need to remove credentials that are no longer in use.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets/{secretId}".format( # noqa: UP032
+ appId=application_id, secretId=oauth_client_secret_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def activate_oauth2_client_secret(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application whose OAuth 2.0 Client Secret you want to activate.", # noqa: E501
+ ],
+ oauth2_client_secret_id: Annotated[
+ str, "The unique identifier for the OAuth 2.0 Client Secret to be activated."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateOAuth2ClientSecret'."]:
+ """Activates an OAuth 2.0 Client Secret for an app.
+
+ Use this tool to activate a specific OAuth 2.0 Client Secret using the `secretId` for a designated application.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets/{secretId}/lifecycle/activate".format( # noqa: UP032
+ appId=application_id, secretId=oauth2_client_secret_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def deactivate_oauth2_client_secret(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The ID of the application for which the OAuth 2.0 client secret should be deactivated.",
+ ],
+ oauth2_client_secret_id: Annotated[
+ str, "Unique identifier for the OAuth 2.0 client secret to deactivate."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateOAuth2ClientSecret'."]:
+ """Deactivate an OAuth 2.0 client secret for a specific app.
+
+ This tool deactivates an OAuth 2.0 client secret specified by `secretId` for a given app (`appId`). It cannot deactivate a secret if it is the only secret of the client.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets/{secretId}/lifecycle/deactivate".format( # noqa: UP032
+ appId=application_id, secretId=oauth2_client_secret_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def get_cross_app_access_connections(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier of the application for which Cross App Access connections are retrieved.", # noqa: E501
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "Specifies the pagination cursor for retrieving the next page of connection results.",
+ ] = None,
+ results_per_page: Annotated[
+ int | None,
+ "Number of results per page: -1 for all results, 0 for empty, or a positive integer for specific count.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAllCrossAppAccessConnections'."]:
+ """Retrieve Cross App Access connections for a specified app.
+
+ Use this tool to obtain information about inbound and outbound Cross App Access connections linked to a specific application. It provides the necessary details about the connections associated with the app.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/cwo/connections".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": results_per_page}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_cross_app_access_connection(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique ID of the application for which to retrieve the cross app access connection.",
+ ],
+ connection_id: Annotated[
+ str, "The unique identifier for the Cross App Access connection you want to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCrossAppAccessConnection'."]:
+ """Retrieve details of a Cross App Access connection by ID.
+
+ Use this tool to fetch information about a specific Cross App Access connection using the app and connection IDs.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/cwo/connections/{connectionId}".format( # noqa: UP032
+ appId=application_id, connectionId=connection_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def delete_cross_app_access_connection(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The ID of the application for which the Cross App Access connection needs to be deleted.",
+ ],
+ connection_id: Annotated[
+ str,
+ "The ID of the Cross App Access connection to delete. This ID is required for identifying which connection to remove.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteCrossAppAccessConnection'."]:
+ """Deletes a specified Cross App Access connection.
+
+ Use this tool to delete a Cross App Access connection for a specified app and connection ID within Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/cwo/connections/{connectionId}".format( # noqa: UP032
+ appId=application_id, connectionId=connection_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_application_features(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application whose features are to be listed. Required for retrieving feature details.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listFeaturesForApplication'."]:
+ """Retrieve all features for a specific app.
+
+ Use this tool to list all features associated with a specific application. Note that it will return an error if provisioning isn't enabled for the app.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/features".format(appId=application_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_app_feature(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique ID of the application for which the feature should be retrieved."
+ ],
+ feature_name: Annotated[
+ str,
+ "Specify the feature name to retrieve. Options are 'USER_PROVISIONING' or 'INBOUND_PROVISIONING'.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getFeatureForApplication'."]:
+ """Retrieve a feature for a specific application.
+
+ Use this tool to get detailed information about a specific feature in an application by providing the app ID and feature name. It helps in understanding the feature's status and properties for a given app.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/features/{featureName}".format( # noqa: UP032
+ appId=application_id, featureName=feature_name
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_federated_claims(
+ context: ToolContext,
+ application_id: Annotated[str, "The ID of the application for which to list federated claims."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listFederatedClaims'."]:
+ """Retrieve all federated claims for a specified app.
+
+ This tool retrieves all federated claims associated with a specific app. It should be called when you need to list or review federated claims for application management or auditing purposes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/federated-claims".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_federated_claim(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The ID of the application for which the federated claim is retrieved. Required to specify which application the claim is associated with.", # noqa: E501
+ ],
+ federated_claim_id: Annotated[
+ str, "The unique ID of the federated claim to retrieve details for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getFederatedClaim'."]:
+ """Retrieve a federated claim by its ID.
+
+ Use this tool to retrieve details of a federated claim by providing the specific claim ID and application ID. This is useful for obtaining information about a particular federated identity claim in an Okta application.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/federated-claims/{claimId}".format( # noqa: UP032
+ appId=application_id, claimId=federated_claim_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def delete_federated_claim(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The ID of the application associated with the federated claim to be deleted."
+ ],
+ federated_claim_id: Annotated[str, "The unique ID of the federated claim to be deleted."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteFederatedClaim'."]:
+ """Deletes a specific federated claim by its ID.
+
+ This tool removes a federated claim given the specific claim ID. It should be used when there's a need to delete a federated claim associated with an application in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/federated-claims/{claimId}".format( # noqa: UP032
+ appId=application_id, claimId=federated_claim_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.appGrants.read"]))
+async def list_app_scope_consent_grants(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier of the application for which you want to list scope consent grants.",
+ ],
+ include_scope_details: Annotated[
+ str | None,
+ "Set to `scope` to include scope details in the `_embedded` property. This is optional.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listScopeConsentGrants'."]:
+ """Lists all scope consent grants for a specific app.
+
+ Use this tool to retrieve all scope consent grants associated with a specific application in Okta. It should be called when you need to understand which grants have been issued for an app.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/grants".format(appId=application_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"expand": include_scope_details}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.appGrants.read"]))
+async def retrieve_scope_consent_grant(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application. Used to specify which application's scope consent grant to retrieve.", # noqa: E501
+ ],
+ grant_id: Annotated[
+ str,
+ "The unique identifier for the grant to retrieve details for the specific scope consent grant.", # noqa: E501
+ ],
+ include_scope_details: Annotated[
+ str | None, "Set to 'scope' to include scope details in the `_embedded` property."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getScopeConsentGrant'."]:
+ """Retrieve a single scope consent grant for an app.
+
+ Use this tool to get details of a specific scope consent grant object for a given application, using app and grant identifiers.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/grants/{grantId}".format( # noqa: UP032
+ appId=application_id, grantId=grant_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_scope_details}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.appGrants.manage"]))
+async def revoke_app_scope_consent(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier for the application whose scope consent is being revoked."
+ ],
+ grant_id: Annotated[
+ str,
+ "The ID of the grant to be revoked. This identifies the specific permission grant associated with the app.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeScopeConsentGrant'."]:
+ """Revoke an app's permission for a specific scope grant.
+
+ Use this tool to revoke the permission of an application to use a specific scope. This is useful for managing app permissions and ensuring security by withdrawing unnecessary or outdated consents.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/grants/{grantId}".format( # noqa: UP032
+ appId=application_id, grantId=grant_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.read", "okta.apps.read"]))
+async def list_group_push_mappings(
+ context: ToolContext,
+ application_id: Annotated[str, "The ID of the application to filter group push mappings for."],
+ pagination_cursor: Annotated[
+ str | None,
+ "Specifies the pagination cursor for retrieving the next page of group push mappings.",
+ ] = None,
+ results_limit: Annotated[
+ int | None,
+ "Specifies the number of group push mappings to return in the response. Useful for pagination to limit the number of items retrieved per request.", # noqa: E501
+ ] = None,
+ filter_by_last_updated_date: Annotated[
+ str | None,
+ "Filters mappings updated on or after the specified date and time in UTC. Use `YYYY-MM-DDTHH:mm:ssZ` format.", # noqa: E501
+ ] = None,
+ source_group_id: Annotated[
+ str | None,
+ "Filters group push mappings by source group ID. When omitted, returns all mappings.",
+ ] = None,
+ filter_by_status: Annotated[
+ str | None,
+ "Filters group push mappings by status. Valid options include 'ACTIVE', 'ERROR', 'INACTIVE'. If omitted, all statuses are included.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGroupPushMappings'."]:
+ """Retrieve a list of group push mappings for a specific app.
+
+ This tool is used to list all group push mappings for a specific app, identified by the app ID, with support for pagination if there are many mappings.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/group-push/mappings".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor,
+ "limit": results_limit,
+ "lastUpdated": filter_by_last_updated_date,
+ "sourceGroupId": source_group_id,
+ "status": filter_by_status,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.read", "okta.apps.read"]))
+async def retrieve_group_push_mapping(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The ID of the application. This is required to retrieve the group push mapping."
+ ],
+ group_push_mapping_id: Annotated[str, "The ID of the group push mapping to retrieve."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getGroupPushMapping'."]:
+ """Retrieve a group push mapping by ID.
+
+ Use this tool to get details of a specific group push mapping by providing the application and mapping IDs.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/group-push/mappings/{mappingId}".format( # noqa: UP032
+ appId=application_id, mappingId=group_push_mapping_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage", "okta.apps.manage"]))
+async def delete_inactive_group_push_mapping(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier for the application associated with the group push mapping."
+ ],
+ group_push_mapping_id: Annotated[
+ str, "ID of the group push mapping to be deleted. Must be in an 'INACTIVE' state."
+ ],
+ delete_target_group: Annotated[
+ bool,
+ "Set to `true` to delete the target group; `false` to retain it. Controls whether the target group is also deleted.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteGroupPushMapping'."]:
+ """Delete an inactive group push mapping.
+
+ Use this tool to delete a specific group push mapping that is in an 'INACTIVE' state. This is useful for managing and maintaining group configurations within an application.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/group-push/mappings/{mappingId}".format( # noqa: UP032
+ appId=application_id, mappingId=group_push_mapping_id
+ ),
+ method="DELETE",
+ params=remove_none_values({"deleteTargetGroup": delete_target_group}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_app_group_assignments(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application. Use this to specify which application's group assignments to list.", # noqa: E501
+ ],
+ group_name_starts_with_filter: Annotated[
+ str | None,
+ "A filter to match group names that start with the specified string for assigned groups.",
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "Specifies the pagination cursor for the next page of results. Use the value from the 'next' link in the Link header.", # noqa: E501
+ ] = None,
+ results_per_page: Annotated[
+ int | None,
+ "Specifies the number of objects to return per page. Supports pagination by using the `next` link for additional pages.", # noqa: E501
+ ] = None,
+ return_assigned_group_or_metadata: Annotated[
+ str | None,
+ "Optional query to return the assigned group or assignment metadata in the `_embedded` property.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listApplicationGroupAssignments'."]:
+ """List all group assignments for a specific application.
+
+ Use this tool to retrieve a list of app group assignments for a given application by specifying the app ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/groups".format(appId=application_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({
+ "q": group_name_starts_with_filter,
+ "after": pagination_cursor,
+ "limit": results_per_page,
+ "expand": return_assigned_group_or_metadata,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_app_group_assignment(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier of the application to retrieve group assignment details."
+ ],
+ group_id: Annotated[str, "The unique identifier for the group to retrieve assignment details."],
+ include_assigned_group_details: Annotated[
+ str | None,
+ "Specifies whether to include assigned group or assignment metadata details in the `_embedded` property.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getApplicationGroupAssignment'."]:
+ """Retrieve details of an app group assignment from Okta.
+
+ Use this tool to get information about a specific application group assignment within Okta. It requires the application ID and group ID to retrieve the relevant details.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/groups/{groupId}".format( # noqa: UP032
+ appId=application_id, groupId=group_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_assigned_group_details}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def unassign_group_from_app(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier of the application to unassign the group from."
+ ],
+ group_id: Annotated[
+ str, "The unique identifier for the group to be unassigned from the application."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unassignApplicationFromGroup'."]:
+ """Unassign a group from a specific application.
+
+ Use this tool to remove the association between a group and an application in Okta. It should be called when you need to revoke a group's access to a specific app.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/groups/{groupId}".format( # noqa: UP032
+ appId=application_id, groupId=group_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def activate_inactive_application(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier of the application to be activated. This ID is required to specify which inactive application should be activated in the Okta system.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateApplication'."]:
+ """Activate an inactive application in Okta.
+
+ This tool activates an inactive application in the Okta system. It should be used when you need to enable an application that was previously inactive, using the application's ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/lifecycle/activate".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def deactivate_application(
+ context: ToolContext,
+ application_id: Annotated[str, "The unique identifier for the application to be deactivated."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateApplication'."]:
+ """Deactivate an active application in Okta.
+
+ This tool deactivates an active application in Okta, triggering a reconciliation process that removes all user assignments to the app. Useful for managing application lifecycle and user access control.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/lifecycle/deactivate".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def assign_app_to_policy(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application to be assigned to the authentication policy.",
+ ],
+ policy_id: Annotated[
+ str,
+ "The ID of the authentication policy to assign the application to. This replaces any previous policy assignments.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'assignApplicationPolicy'."]:
+ """Assign an app to a specified authentication policy.
+
+ Use this tool to assign an application to a specific authentication policy in Okta, replacing any previous assignments. Note that if authentication policies are being merged, this operation may be temporarily unavailable.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/policies/{policyId}".format( # noqa: UP032
+ appId=application_id, policyId=policy_id
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def preview_saml_metadata(
+ context: ToolContext,
+ key_identifier: Annotated[str, "The Key Identifier (kid) used in the SAML metadata request."],
+ application_id: Annotated[
+ str,
+ "The ID of the application for which to preview the SSO SAML metadata. This is required to specify which application's metadata to retrieve.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'previewSAMLmetadataForApplication'."
+]:
+ """Preview SSO SAML metadata for a specific application.
+
+ This tool retrieves the SSO SAML metadata for a given application using its appId. It should be called when you need to preview or validate the SAML settings for an application.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/sso/saml/metadata".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({"kid": key_identifier}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_refresh_tokens_for_app(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier for the application to retrieve refresh tokens."
+ ],
+ include_scope_details: Annotated[
+ str | None, "Set to 'scope' to include scope details in the response (_embedded property)."
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "Pagination cursor for retrieving the next page of results. Use the opaque value from the next link.", # noqa: E501
+ ] = None,
+ max_tokens_to_return: Annotated[
+ int | None, "Sets the maximum number of refresh tokens to retrieve for the application."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listOAuth2TokensForApplication'."]:
+ """Retrieve all refresh tokens for a specific app in Okta.
+
+ Use this tool to get a list of all OAuth2 refresh tokens associated with a specified application in Okta. Useful for managing and auditing app tokens.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/tokens".format(appId=application_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({
+ "expand": include_scope_details,
+ "after": pagination_cursor,
+ "limit": max_tokens_to_return,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def revoke_oauth2_tokens_app(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier for the application whose OAuth 2.0 tokens are to be revoked."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'revokeOAuth2TokensForApplication'."
+]:
+ """Revoke all OAuth 2.0 tokens for a specific app.
+
+ Use this tool to revoke all OAuth 2.0 refresh tokens and associated access tokens for a given application. It does not affect access tokens issued without a refresh token.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/tokens".format(appId=application_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_oauth2_token(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The ID of the application for which you wish to retrieve the refresh token."
+ ],
+ token_id: Annotated[str, "The `id` of the token for which a refresh token is to be retrieved."],
+ include_scope_details: Annotated[
+ str | None, "Set to 'scope' to return scope details in the `_embedded` property."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOAuth2TokenForApplication'."]:
+ """Retrieve a refresh token for a specified application.
+
+ This tool retrieves a refresh token for a specified application using its app ID and token ID. It should be called when there's a need to obtain a new refresh token for app authentication.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/tokens/{tokenId}".format( # noqa: UP032
+ appId=application_id, tokenId=token_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_scope_details}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def revoke_app_oauth2_token(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier for the application whose token is to be revoked."
+ ],
+ token_id: Annotated[
+ str, "The ID of the OAuth2 token to be revoked for the specified application."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeOAuth2TokenForApplication'."]:
+ """Revoke a specific OAuth2 token for an application.
+
+ Use this tool to revoke a specific OAuth2 token associated with a particular application. Ideal for cases where you want to invalidate a token, ensuring it can no longer be used for authorization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/tokens/{tokenId}".format( # noqa: UP032
+ appId=application_id, tokenId=token_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def list_app_users(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier for the application whose assigned users you want to list."
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "Specifies the pagination cursor for the next page of results. Use this as an opaque value from the next link.", # noqa: E501
+ ] = None,
+ results_per_page: Annotated[
+ int | None,
+ "Specifies the number of user records to return per page. Use this to control pagination effectively. Refer to the pagination guidelines for handling multiple pages.", # noqa: E501
+ ] = None,
+ filter_user_profile: Annotated[
+ str | None,
+ "Filter users based on profile attributes like `userName`, `firstName`, `lastName`, or `email`. Supports `startsWith` filtering.", # noqa: E501
+ ] = None,
+ include_user_object: Annotated[
+ str | None,
+ "Include this parameter to return the corresponding User object in the embedded property. Use 'user' as the value.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listApplicationUsers'."]:
+ """Retrieve all users assigned to a specific app.
+
+ Use this tool to list all users who have been assigned to a particular application in Okta. Useful for managing app users and access control.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/users".format(appId=application_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor,
+ "limit": results_per_page,
+ "q": filter_user_profile,
+ "expand": include_user_object,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def retrieve_app_user_assignment(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application. Used to specify which application's user assignment to retrieve.", # noqa: E501
+ ],
+ okta_user_id: Annotated[
+ str,
+ "Specify the ID of an existing Okta user to retrieve their assignment information for a specific app.", # noqa: E501
+ ],
+ include_user_in_response: Annotated[
+ str | None,
+ "Optionally include the corresponding user object in the response. Valid value: 'user'.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getApplicationUser'."]:
+ """Retrieve a specific user's assignment for an app.
+
+ Use this tool to get information about a user's assignment for a particular application in Okta. It should be called when you need to verify or inspect user access and assignments related to specific applications.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/users/{userId}".format( # noqa: UP032
+ appId=application_id, userId=okta_user_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_user_in_response}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def unassign_user_from_app(
+ context: ToolContext,
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application from which the user will be unassigned. This ID is necessary to specify the target application.", # noqa: E501
+ ],
+ user_id: Annotated[
+ str,
+ "The unique identifier for an existing Okta user to be unassigned from the application.",
+ ],
+ send_deactivation_email: Annotated[
+ bool | None,
+ "Set to true to send a deactivation email to the administrator upon unassignment.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unassignUserFromApplication'."]:
+ """Unassign a user from a specified application.
+
+ Use this tool to unassign a user from an application when managing directory services like Active Directory or LDAP. Note that this operation is irreversible and may deactivate the user in the target application if provisioning is enabled.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appId}/users/{userId}".format( # noqa: UP032
+ appId=application_id, userId=user_id
+ ),
+ method="DELETE",
+ params=remove_none_values({"sendEmail": send_deactivation_email}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.manage"]))
+async def verify_oauth2_connection(
+ context: ToolContext,
+ application_name: Annotated[
+ str,
+ "Specifies the application for OAuth 2.0 provisioning. Must be one of: google, office365, slack, zoomus.", # noqa: E501
+ ],
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application. Use this to specify which application's OAuth 2.0 connection is being verified.", # noqa: E501
+ ],
+ authorization_code: Annotated[
+ str | None,
+ "The authorization code received after the OAuth 2.0 consent flow. This code is used to verify the provisioning connection for the application.", # noqa: E501
+ ] = None,
+ oauth2_state_parameter: Annotated[
+ str | None,
+ "A unique string to maintain state between the request and callback in the OAuth consent process.", # noqa: E501
+ ] = None,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'verifyProvisioningConnectionForApplication'."
+]:
+ """Verify OAuth 2.0 provisioning for specific applications.
+
+ This tool verifies the OAuth 2.0-based connection as part of the consent flow for provisioning setup. It is specifically used with Office 365, Google, Zoom, and Slack applications. Use this tool to confirm that the last step of the OAuth provisioning process is complete.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/apps/{appName}/{appId}/oauth2/callback".format( # noqa: UP032
+ appName=application_name, appId=application_id
+ ),
+ method="POST",
+ params=remove_none_values({"code": authorization_code, "state": oauth2_state_parameter}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.read"]))
+async def list_all_authenticators(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAuthenticators'."]:
+ """Fetches a list of all authenticators."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.manage"]))
+async def create_authenticator(
+ context: ToolContext,
+ activate_authenticator_on_creation: Annotated[
+ bool | None,
+ "Set to true to execute the activation lifecycle operation when creating the authenticator.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'createAuthenticator'."]:
+ """Creates a new authenticator in Okta.
+
+ Call this tool to add a new authenticator to your Okta account. It is useful for setting up new authentication methods or devices.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators",
+ method="POST",
+ params=remove_none_values({"activate": activate_authenticator_on_creation}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.read"]))
+async def retrieve_okta_authenticator(
+ context: ToolContext,
+ authenticator_id: Annotated[str, "The unique `id` of the authenticator to retrieve from Okta."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAuthenticator'."]:
+ """Fetches an authenticator from Okta using its ID.
+
+ Use this tool to retrieve detailed information about a specific authenticator in your Okta organization by providing its ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}".format( # noqa: UP032
+ authenticatorId=authenticator_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.manage"]))
+async def replace_authenticator_properties(
+ context: ToolContext,
+ authenticator_id: Annotated[
+ str, "The unique identifier of the authenticator whose properties need to be replaced."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'replaceAuthenticator'."]:
+ """Replace properties of a specified authenticator.
+
+ Invoke this tool to update the properties of an authenticator using its `authenticatorId`. Use when you need to modify authenticator settings in the Okta system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}".format( # noqa: UP032
+ authenticatorId=authenticator_id
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.read"]))
+async def list_custom_aaguids(
+ context: ToolContext,
+ authenticator_id: Annotated[
+ str, "The unique identifier for the authenticator to list custom AAGUIDs for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAllCustomAAGUIDs'."]:
+ """Retrieve all custom AAGUIDs from the organization.
+
+ This tool retrieves all custom Authenticator Attestation Global Unique Identifiers (AAGUIDs) created by an admin in the organization. Use this tool to get a list of custom AAGUIDs associated with a specific authenticator ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/aaguids".format( # noqa: UP032
+ authenticatorId=authenticator_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.read"]))
+async def retrieve_custom_aaguid(
+ context: ToolContext,
+ authenticator_id: Annotated[
+ str, "The ID of the authenticator for which to retrieve the custom AAGUID."
+ ],
+ custom_aaguid: Annotated[
+ str,
+ "The unique identifier for a custom AAGUID. This is used to specify which AAGUID to retrieve.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCustomAAGUID'."]:
+ """Retrieve a custom AAGUID for a specific authenticator.
+
+ Call this tool to obtain the custom AAGUID for a given authenticator using its ID. This is useful for authentication processes requiring specific AAGUID details.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/aaguids/{aaguid}".format( # noqa: UP032
+ authenticatorId=authenticator_id, aaguid=custom_aaguid
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.manage"]))
+async def delete_custom_aaguid(
+ context: ToolContext,
+ authenticator_id: Annotated[
+ str,
+ "The unique identifier of the authenticator from which the custom AAGUID will be deleted.",
+ ],
+ custom_aaguid_id: Annotated[
+ str, "The unique ID of the custom AAGUID to be deleted, created by an admin."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteCustomAAGUID'."]:
+ """Deletes a custom AAGUID created by an admin.
+
+ This tool deletes a custom AAGUID created by an admin. It should be used when there's a need to remove specific custom AAGUIDs from the Okta system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/aaguids/{aaguid}".format( # noqa: UP032
+ authenticatorId=authenticator_id, aaguid=custom_aaguid_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.manage"]))
+async def activate_authenticator(
+ context: ToolContext,
+ authenticator_id: Annotated[
+ str,
+ "The unique identifier for the authenticator to be activated. It must be a valid string matching the authenticator's ID.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateAuthenticator'."]:
+ """Activates an authenticator using its ID.
+
+ Use this tool to activate a specific authenticator by providing its ID. It is useful when an authenticator needs to be enabled for user verification processes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/lifecycle/activate".format( # noqa: UP032
+ authenticatorId=authenticator_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.manage"]))
+async def deactivate_authenticator(
+ context: ToolContext,
+ authenticator_id: Annotated[
+ str,
+ "The ID of the authenticator to deactivate. Provide the specific `id` to disable the authenticator in Okta.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateAuthenticator'."]:
+ """Deactivate an authenticator by its ID.
+
+ Use this tool to deactivate an authenticator in Okta using the specific authenticator ID. This is useful when an authenticator needs to be temporarily or permanently disabled.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/lifecycle/deactivate".format( # noqa: UP032
+ authenticatorId=authenticator_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.read"]))
+async def list_authenticator_methods(
+ context: ToolContext,
+ authenticator_id: Annotated[
+ str, "The unique identifier of the authenticator to list its methods."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAuthenticatorMethods'."]:
+ """Retrieve all methods of a specified authenticator.
+
+ Call this tool to get a list of all available methods for a specific authenticator using its authenticatorId.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/methods".format( # noqa: UP032
+ authenticatorId=authenticator_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.read"]))
+async def retrieve_authenticator_method(
+ context: ToolContext,
+ authenticator_id: Annotated[
+ str, "The unique identifier for the authenticator to retrieve the method from."
+ ],
+ authenticator_method_type: Annotated[
+ str,
+ "The type of authenticator method. Possible values include: 'cert', 'duo', 'email', 'idp', 'otp', 'password', 'push', 'security_question', 'signed_nonce', 'sms', 'totp', 'voice', 'webauthn', 'tac'.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAuthenticatorMethod'."]:
+ """Retrieve a specific authenticator method by ID and type.
+
+ This tool is used to get details of a specific authentication method identified by method type and authenticator ID. It is useful for retrieving information about how users authenticate using specific methods.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/methods/{methodType}".format( # noqa: UP032
+ authenticatorId=authenticator_id, methodType=authenticator_method_type
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.manage"]))
+async def activate_authenticator_method(
+ context: ToolContext,
+ authenticator_id: Annotated[
+ str, "The unique identifier of the authenticator to activate a method for."
+ ],
+ authenticator_method_type: Annotated[
+ str,
+ "Specifies the type of authenticator method to activate. Must be one of: 'cert', 'duo', 'email', 'idp', 'otp', 'password', 'push', 'security_question', 'signed_nonce', 'sms', 'totp', 'voice', 'webauthn', or 'tac'.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateAuthenticatorMethod'."]:
+ """Activate a specific method for an authenticator.
+
+ This tool activates a specified method for an authenticator based on the provided `authenticatorId` and `methodType`. Call this tool when you need to enable a particular authentication method in the Okta system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/methods/{methodType}/lifecycle/activate".format( # noqa: UP032
+ authenticatorId=authenticator_id, methodType=authenticator_method_type
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authenticators.manage"]))
+async def deactivate_authenticator_method(
+ context: ToolContext,
+ authenticator_id: Annotated[str, "The unique ID of the authenticator to be deactivated."],
+ authenticator_method_type: Annotated[
+ str, "Type of authenticator method to deactivate, such as 'cert', 'duo', 'email', etc."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateAuthenticatorMethod'."]:
+ """Deactivate a specific authenticator method.
+
+ Use this tool to deactivate a particular method for an authenticator by providing the `authenticatorId` and `methodType`.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/methods/{methodType}/lifecycle/deactivate".format( # noqa: UP032
+ authenticatorId=authenticator_id, methodType=authenticator_method_type
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_custom_authorization_servers(
+ context: ToolContext,
+ search_query: Annotated[
+ str | None,
+ "Search for matching values in the `name` and `audiences` of authorization servers.",
+ ] = None,
+ results_per_page: Annotated[
+ int | None,
+ "The number of authorization server results to return per page. Maximum value is 200.",
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "Specifies the pagination cursor for the next page of authorization servers. Use the value obtained from the next link of the previous response.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAuthorizationServers'."]:
+ """Retrieve all custom authorization servers for the organization.
+
+ Use this tool to get a list of all custom authorization servers configured in the Okta organization. Useful for managing and reviewing authorization server configurations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers",
+ method="GET",
+ params=remove_none_values({
+ "q": search_query,
+ "limit": results_per_page,
+ "after": pagination_cursor,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def retrieve_authorization_server(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str,
+ "ID of the authorization server to retrieve. This is required to identify which server's details to fetch.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAuthorizationServer'."]:
+ """Retrieve details of a specific authorization server.
+
+ Call this tool to get information about a specific authorization server using its ID. Useful for managing or reviewing authorization server configurations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def delete_authorization_server(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The unique ID of the authorization server to be deleted. This action is irreversible."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteAuthorizationServer'."]:
+ """Deletes an authorization server by ID.
+
+ Use this tool to delete a specific authorization server by providing its unique ID. This action is irreversible and should be used when an authorization server is no longer needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_authorization_servers_by_trusted_type(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The unique ID of the Authorization Server to retrieve associated servers for."
+ ],
+ search_name_or_audience: Annotated[
+ str | None,
+ "A string to search for the name or audience of associated authorization servers.",
+ ] = None,
+ page_size: Annotated[int | None, "Specifies the number of results to return per page."] = None,
+ pagination_cursor: Annotated[
+ str | None, "Specifies the cursor for fetching the next page of authorization servers."
+ ] = None,
+ search_trusted_authorization_servers: Annotated[
+ bool | None,
+ "Set to `true` to search for trusted authorization servers, or `false` for untrusted ones.",
+ ] = None,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listAssociatedServersByTrustedType'."
+]:
+ """List associated authorization servers by trusted type.
+
+ Use this tool to retrieve all authorization servers associated with a specific trusted type for a given `authServerId`.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/associatedServers".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="GET",
+ params=remove_none_values({
+ "trusted": search_trusted_authorization_servers,
+ "q": search_name_or_audience,
+ "limit": page_size,
+ "after": pagination_cursor,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def delete_authorization_server_association(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the primary Authorization Server to remove the association from."
+ ],
+ associated_server_id: Annotated[
+ str, "The `id` of the associated Authorization Server to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteAssociatedServer'."]:
+ """Deletes an associated Authorization Server for an ID pair.
+
+ This tool deletes an association between a specified Authorization Server and an associated server, using their IDs. Call this tool when you need to remove such an association.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/associatedServers/{associatedServerId}".format( # noqa: UP032
+ authServerId=authorization_server_id, associatedServerId=associated_server_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_oauth2_claims(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "`id` of the Authorization Server to list custom token claims for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listOAuth2Claims'."]:
+ """Retrieve all custom token claims for a specified authorization server.
+
+ This tool should be called to list all custom token claims defined for a specified custom authorization server in Okta. It's useful for managing token customization and understanding what claims are currently configured.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/claims".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def retrieve_oauth2_claim(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server whose claim is being retrieved."
+ ],
+ claim_id: Annotated[str, "The unique identifier of the custom token claim to retrieve."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOAuth2Claim'."]:
+ """Retrieve a custom OAuth2 token claim by ID.
+
+ This tool retrieves a specific custom token claim from an authorization server using the provided claim ID. It is used when you need to access detailed information about a particular OAuth2 custom token claim.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/claims/{claimId}".format( # noqa: UP032
+ authServerId=authorization_server_id, claimId=claim_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def delete_oauth2_claim(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server from which the OAuth2 claim will be deleted."
+ ],
+ claim_id: Annotated[
+ str,
+ "The ID of the OAuth2 token claim to delete. This ID specifies which claim to remove from the authorization server.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteOAuth2Claim'."]:
+ """Delete a custom OAuth2 token claim by ID.
+
+ Use this tool to delete a specific custom OAuth2 token claim by providing the claim ID. Ideal for managing and removing unnecessary or outdated claims in Okta authorization servers.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/claims/{claimId}".format( # noqa: UP032
+ authServerId=authorization_server_id, claimId=claim_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_auth_server_oauth2_clients(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server to list OAuth2 clients for."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listOAuth2ClientsForAuthorizationServer'."
+]:
+ """List OAuth2 clients for a specific authorization server.
+
+ Retrieve all client resources associated with a specified authorization server that have tokens. Useful for managing client applications and understanding access scopes within an authorization environment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_refresh_tokens(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The unique identifier of the Authorization Server. Required to list tokens."
+ ],
+ client_application_id: Annotated[
+ str, "The ID of the client application to fetch refresh tokens for."
+ ],
+ include_scope_details: Annotated[
+ str | None, "Specify 'scope' to include scope details in the embedded attribute."
+ ] = None,
+ next_page_cursor: Annotated[
+ str | None,
+ "Specifies the pagination cursor for retrieving the next page of tokens. Use this for navigating through pages of results.", # noqa: E501
+ ] = None,
+ maximum_tokens_to_return: Annotated[
+ int | None, "Specify the maximum number of tokens to return. It must not exceed 200."
+ ] = None,
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'listRefreshTokensForAuthorizationServerAndClient'.",
+]:
+ """List refresh tokens for a specific client and authorization server.
+
+ Use this tool to retrieve all refresh tokens issued by an authorization server for a particular client. Ideal for managing client access and monitoring tokens.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens".format( # noqa: UP032
+ authServerId=authorization_server_id, clientId=client_application_id
+ ),
+ method="GET",
+ params=remove_none_values({
+ "expand": include_scope_details,
+ "after": next_page_cursor,
+ "limit": maximum_tokens_to_return,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def revoke_refresh_tokens_for_client(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server to revoke tokens from."
+ ],
+ client_app_id: Annotated[
+ str, "The unique ID of the client application whose refresh tokens need to be revoked."
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'revokeRefreshTokensForAuthorizationServerAndClient'.",
+]:
+ """Revokes all refresh tokens for a specific client.
+
+ Use this tool to revoke all refresh tokens associated with a particular client within a specific authorization server. This is useful for managing client access and ensuring security by invalidating existing tokens.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens".format( # noqa: UP032
+ authServerId=authorization_server_id, clientId=client_app_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def retrieve_refresh_token(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server for which the refresh token is retrieved."
+ ],
+ client_app_id: Annotated[
+ str, "The ID of the client application for which the refresh token is being retrieved."
+ ],
+ token_id: Annotated[
+ str,
+ "The ID of the token to retrieve a refresh token for a specific client within an authorization server.", # noqa: E501
+ ],
+ include_scope_details: Annotated[
+ str | None, "Specify 'scope' to include scope details in the `_embedded` attribute."
+ ] = None,
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'getRefreshTokenForAuthorizationServerAndClient'.",
+]:
+ """Retrieve a refresh token for a client.
+
+ Use this tool to get a refresh token for a specified client within an authorization server."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}".format( # noqa: UP032
+ authServerId=authorization_server_id, clientId=client_app_id, tokenId=token_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_scope_details}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def revoke_refresh_token(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server to revoke the refresh token from."
+ ],
+ client_app_id: Annotated[
+ str, "The ID of the client application for which the refresh token is being revoked."
+ ],
+ token_id: Annotated[
+ str,
+ "The ID of the refresh token to be revoked. It is a string that uniquely identifies the token.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'revokeRefreshTokenForAuthorizationServerAndClient'.",
+]:
+ """Revoke a refresh token for a specific client.
+
+ Use this tool to revoke a refresh token for a specific client within an authorization server. It is useful for managing and invalidating existing refresh tokens when they are no longer needed or should be explicitly invalidated.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}".format( # noqa: UP032
+ authServerId=authorization_server_id, clientId=client_app_id, tokenId=token_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_authorization_server_keys(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "ID of the Authorization Server whose keys are to be listed."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAuthorizationServerKeys'."]:
+ """Lists keys for a custom authorization server.
+
+ Retrieves all current, future, and expired keys for a specified custom authorization server. Use this tool to manage and review authorization keys.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/credentials/keys".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def retrieve_auth_server_key(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str,
+ "The unique identifier of the Authorization Server whose key details are to be retrieved.",
+ ],
+ certificate_key_id: Annotated[
+ str, "The unique identifier (`id`) of the certificate key to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAuthorizationServerKey'."]:
+ """Retrieve specific Authorization Server Key details.
+
+ Used to fetch details of a specified Authorization Server Key using the `keyId`. This is helpful when verifying or utilizing specific keys in the Okta system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/credentials/keys/{keyId}".format( # noqa: UP032
+ authServerId=authorization_server_id, keyId=certificate_key_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def activate_auth_server(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The unique identifier (`id`) of the authorization server to activate."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateAuthorizationServer'."]:
+ """Activates an authorization server.
+
+ Use this tool to activate an authorization server in Okta. Call this when you need to enable an authorization server that is currently inactive.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/lifecycle/activate".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def deactivate_auth_server(
+ context: ToolContext,
+ authorization_server_id: Annotated[str, "The ID of the authorization server to deactivate."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateAuthorizationServer'."]:
+ """Deactivates an authorization server.
+
+ Use this tool to deactivate an authorization server by providing its ID. This is useful for temporarily disabling access control without deleting configuration.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/lifecycle/deactivate".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_auth_server_policies(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the specific Authorization Server to retrieve policies for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAuthorizationServerPolicies'."]:
+ """Retrieve all policies for a specific authorization server.
+
+ This tool retrieves a list of all policies associated with a specific authorization server using its ID. It should be used to obtain policy details for management or review purposes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def retrieve_auth_policy(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server to retrieve the policy from."
+ ],
+ policy_id: Annotated[str, "The unique `id` of the Policy to retrieve its details."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAuthorizationServerPolicy'."]:
+ """Retrieve details of an authorization server policy.
+
+ This tool retrieves the details of a specific policy from an authorization server using the provided authorization server ID and policy ID. It should be called when detailed information about an authorization server policy is needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}".format( # noqa: UP032
+ authServerId=authorization_server_id, policyId=policy_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def delete_auth_server_policy(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str,
+ "The unique `id` of the Authorization Server from which the policy needs to be deleted.",
+ ],
+ policy_id: Annotated[str, "The unique identifier for the policy to be deleted."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteAuthorizationServerPolicy'."]:
+ """Delete a policy from the authorization server.
+
+ Use this tool to delete a specific policy from an authorization server by providing the authorization server ID and policy ID. It should be called when a policy is no longer needed or requires removal.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}".format( # noqa: UP032
+ authServerId=authorization_server_id, policyId=policy_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def activate_auth_server_policy(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The unique identifier of the Authorization Server to activate a policy for."
+ ],
+ policy_id: Annotated[
+ str,
+ "The `id` of the Policy to activate. This should be a string representing the unique identifier of the policy.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'activateAuthorizationServerPolicy'."
+]:
+ """Activates an authorization server policy in Okta.
+
+ This tool is used to activate a specific authorization server policy on Okta. It should be called when there is a need to enable a policy that is currently inactive. The tool confirms the successful activation of the policy.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/activate".format( # noqa: UP032
+ authServerId=authorization_server_id, policyId=policy_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def deactivate_auth_server_policy(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "Identifier for the Authorization Server to be deactivated."
+ ],
+ policy_id: Annotated[str, "The ID of the policy to deactivate in the authorization server."],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deactivateAuthorizationServerPolicy'."
+]:
+ """Deactivates a specific authorization server policy.
+
+ Use this tool to deactivate an authorization server policy by specifying the server and policy IDs. Ideal for managing access control settings.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/deactivate".format( # noqa: UP032
+ authServerId=authorization_server_id, policyId=policy_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_auth_server_policy_rules(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the specified Custom Authorization Server to retrieve policy rules from."
+ ],
+ policy_id: Annotated[str, "The unique identifier of the Policy for which to list rules."],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listAuthorizationServerPolicyRules'."
+]:
+ """Retrieve policy rules for a Custom Authorization Server.
+
+ Fetches a list of all policy rules for a specified Custom Authorization Server and Policy, useful for managing access policies.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules".format( # noqa: UP032
+ authServerId=authorization_server_id, policyId=policy_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def get_policy_rule(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server needed to retrieve the specified policy rule."
+ ],
+ policy_id: Annotated[str, "The unique identifier of the policy associated with the rule."],
+ policy_rule_id: Annotated[str, "The unique identifier of the policy rule to retrieve."],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getAuthorizationServerPolicyRule'."
+]:
+ """Retrieve details of a specific policy rule using its rule ID.
+
+ Use this tool to fetch the details of a policy rule from an authorization server by providing the rule ID. It’s useful for accessing specific configurations or settings of a particular rule within a policy.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}".format( # noqa: UP032
+ authServerId=authorization_server_id, policyId=policy_id, ruleId=policy_rule_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def delete_auth_server_policy_rule(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "ID of the Authorization Server to target for policy rule deletion."
+ ],
+ policy_id: Annotated[
+ str,
+ "The ID of the policy to be deleted from the authorization server. This is required to specify which policy rule is being targeted.", # noqa: E501
+ ],
+ policy_rule_id: Annotated[str, "The unique identifier for the policy rule to be deleted."],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deleteAuthorizationServerPolicyRule'."
+]:
+ """Delete a policy rule in an authorization server.
+
+ Use this tool to delete a specific policy rule from a custom authorization server in Okta. This is useful when you need to manage or clean up authorization rules.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}".format( # noqa: UP032
+ authServerId=authorization_server_id, policyId=policy_id, ruleId=policy_rule_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def activate_auth_server_policy_rule(
+ context: ToolContext,
+ authorization_server_id: Annotated[str, "The ID of the Authorization Server to be activated."],
+ policy_id: Annotated[
+ str, "The `id` of the Policy to be activated within the authorization server."
+ ],
+ policy_rule_id: Annotated[
+ str, "The unique identifier for the policy rule to be activated in Okta."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'activateAuthorizationServerPolicyRule'."
+]:
+ """Activates an authorization server policy rule in Okta.
+
+ This tool is used to activate a specific policy rule within an authorization server on the Okta platform. Call this tool when you need to enable a specific policy rule that is currently inactive.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/activate".format( # noqa: UP032
+ authServerId=authorization_server_id, policyId=policy_id, ruleId=policy_rule_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def deactivate_policy_rule(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "ID of the Authorization Server to target for deactivation."
+ ],
+ policy_id: Annotated[str, "The unique `id` of the policy to be deactivated."],
+ policy_rule_id: Annotated[str, "The unique identifier of the policy rule to deactivate."],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deactivateAuthorizationServerPolicyRule'."
+]:
+ """Deactivates an authorization server policy rule.
+
+ Use this tool to deactivate a specific policy rule in an Okta authorization server. This is useful when managing access control policies and you need to disable a particular rule.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate".format( # noqa: UP032
+ authServerId=authorization_server_id, policyId=policy_id, ruleId=policy_rule_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_public_keys(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str,
+ "The unique identifier of the authorization server for which public keys are requested.",
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listOAuth2ResourceServerJsonWebKeys'."
+]:
+ """Retrieve public keys for the custom authorization server.
+
+ This tool retrieves all public keys used by a specified custom authorization server for OAuth2. Use it when you need to verify JWTs or manage security keys for your authorization server.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def retrieve_oauth2_server_key(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The unique `id` of the Authorization Server to retrieve the JSON web key from."
+ ],
+ custom_auth_server_jwk_id: Annotated[
+ str, "Unique identifier of the custom authorization server JSON web key."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getOAuth2ResourceServerJsonWebKey'."
+]:
+ """Retrieve a custom authorization server's public JSON web key.
+
+ Use this tool to obtain a public JSON web key for a specified custom authorization server by providing the server and key identifiers.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys/{keyId}".format( # noqa: UP032
+ authServerId=authorization_server_id, keyId=custom_auth_server_jwk_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def delete_inactive_oauth2_jwk(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "`ID` of the Authorization Server required for deleting an inactive JSON web key."
+ ],
+ json_web_key_id: Annotated[
+ str,
+ "The unique identifier for the custom authorization server JSON web key to delete. Must be inactive before deletion.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deleteOAuth2ResourceServerJsonWebKey'."
+]:
+ """Deletes an inactive public JSON web key from an auth server.
+
+ Use this tool to delete a custom authorization server's public JSON web key by providing the key's ID. Ensure the key is inactive before deletion.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys/{keyId}".format( # noqa: UP032
+ authServerId=authorization_server_id, keyId=json_web_key_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def activate_oauth2_server_key(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "Unique `id` of the Authorization Server whose key is being activated."
+ ],
+ json_web_key_id: Annotated[
+ str, "Unique identifier for the Custom Authorization Server JSON Web Key to activate."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'activateOAuth2ResourceServerJsonWebKey'."
+]:
+ """Activate an OAuth2 resource server JSON web key.
+
+ This tool activates a custom authorization server's public JSON web key by its `id`. Note that only one key can be active at a time, so activating a new key will deactivate the current one.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys/{keyId}/lifecycle/activate".format( # noqa: UP032
+ authServerId=authorization_server_id, keyId=json_web_key_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def deactivate_custom_authorization_server_key(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server whose JSON web key you want to deactivate."
+ ],
+ json_web_key_id: Annotated[
+ str, "Unique `id` of the Custom Authorization Server JSON Web Key to deactivate."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deactivateOAuth2ResourceServerJsonWebKey'."
+]:
+ """Deactivate a custom authorization server JSON web key.
+
+ Use this tool to deactivate a public JSON web key for a custom authorization server by its `id`. Note that you cannot deactivate an active key if access token encryption is enabled.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys/{keyId}/lifecycle/deactivate".format( # noqa: UP032
+ authServerId=authorization_server_id, keyId=json_web_key_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def list_custom_oauth2_scopes(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str, "The ID of the Authorization Server to retrieve custom token scopes."
+ ],
+ query_custom_scope_name: Annotated[
+ str | None, "Search for custom token scopes by matching values in their names."
+ ] = None,
+ custom_token_scopes_filter: Annotated[
+ str | None, "Filter the list of custom token scopes using a specific expression."
+ ] = None,
+ pagination_cursor_next_page: Annotated[
+ str | None,
+ "Specify the pagination cursor for fetching the next page of scopes. Use the cursor from the next link as an opaque value.", # noqa: E501
+ ] = None,
+ results_per_page: Annotated[
+ int | None,
+ "Specifies the number of OAuth2 scopes to return per page. Handles pagination automatically.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listOAuth2Scopes'."]:
+ """Retrieve all custom OAuth2 token scopes.
+
+ This tool is used to list all custom OAuth2 token scopes for a specific authorization server identified by its ID. Call this tool when you need to access or display the custom scopes defined in an OAuth2 authorization server.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/scopes".format( # noqa: UP032
+ authServerId=authorization_server_id
+ ),
+ method="GET",
+ params=remove_none_values({
+ "q": query_custom_scope_name,
+ "filter": custom_token_scopes_filter,
+ "after": pagination_cursor_next_page,
+ "limit": results_per_page,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.read"]))
+async def retrieve_custom_token_scope(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str,
+ "`id` of the Authorization Server. Required to specify which authorization server to use.",
+ ],
+ scope_id: Annotated[str, "The `id` of the OAuth2 custom token scope to be retrieved."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOAuth2Scope'."]:
+ """Retrieve details of a specific OAuth2 custom token scope.
+
+ This tool is used to obtain details of a particular OAuth2 custom token scope from a specified authorization server using the Auth Server ID and Scope ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/scopes/{scopeId}".format( # noqa: UP032
+ authServerId=authorization_server_id, scopeId=scope_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.authorizationServers.manage"]))
+async def delete_oauth2_scope(
+ context: ToolContext,
+ authorization_server_id: Annotated[
+ str,
+ "The unique ID of the authorization server from which the custom token scope is to be deleted.", # noqa: E501
+ ],
+ scope_id: Annotated[str, "The ID of the custom token scope to be deleted."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteOAuth2Scope'."]:
+ """Deletes a custom OAuth2 token scope by its ID.
+
+ Call this tool to remove a specific custom token scope from an authorization server using its ID. Useful for managing and updating authentication configurations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/scopes/{scopeId}".format( # noqa: UP032
+ authServerId=authorization_server_id, scopeId=scope_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.behaviors.read"]))
+async def list_behavior_detection_rules(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listBehaviorDetectionRules'."]:
+ """Retrieve all behavior detection rules with pagination.
+
+ Use this tool to obtain a complete list of behavior detection rules from the Okta API. It supports pagination for handling large datasets.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/behaviors",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.behaviors.read"]))
+async def retrieve_behavior_detection_rule(
+ context: ToolContext,
+ behavior_detection_rule_id: Annotated[
+ str, "The unique ID of the Behavior Detection Rule to retrieve details for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getBehaviorDetectionRule'."]:
+ """Retrieve details of a Behavior Detection Rule by ID.
+
+ This tool retrieves information about a specific Behavior Detection Rule using its unique behaviorId. It's useful for obtaining rule configurations and settings.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/behaviors/{behaviorId}".format( # noqa: UP032
+ behaviorId=behavior_detection_rule_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.behaviors.manage"]))
+async def delete_behavior_detection_rule(
+ context: ToolContext,
+ behavior_detection_rule_id: Annotated[
+ str, "ID of the Behavior Detection Rule to delete in Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteBehaviorDetectionRule'."]:
+ """Delete a Behavior Detection Rule by behaviorId.
+
+ Use this tool to delete a specific Behavior Detection Rule in Okta by providing the behaviorId. This can be useful for managing and updating security rules in an Okta environment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/behaviors/{behaviorId}".format( # noqa: UP032
+ behaviorId=behavior_detection_rule_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.behaviors.manage"]))
+async def activate_behavior_detection_rule(
+ context: ToolContext,
+ behavior_detection_rule_id: Annotated[
+ str, "The ID of the Behavior Detection Rule to activate in Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateBehaviorDetectionRule'."]:
+ """Activates a behavior detection rule.
+
+ Use this tool to activate a behavior detection rule in Okta by providing the behavior ID."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/behaviors/{behaviorId}/lifecycle/activate".format( # noqa: UP032
+ behaviorId=behavior_detection_rule_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.behaviors.manage"]))
+async def deactivate_behavior_detection_rule(
+ context: ToolContext,
+ behavior_id: Annotated[
+ str, "The unique identifier for the Behavior Detection Rule to deactivate in Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateBehaviorDetectionRule'."]:
+ """Deactivates a specified behavior detection rule in Okta.
+
+ Use this tool to deactivate a behavior detection rule in Okta by providing the behavior ID. This is useful for managing security settings and updating detection configurations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/behaviors/{behaviorId}/lifecycle/deactivate".format( # noqa: UP032
+ behaviorId=behavior_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def list_all_brands(
+ context: ToolContext,
+ include_additional_metadata: Annotated[
+ list[str] | None,
+ "Specifies additional metadata to be included in the response. Provide a list of metadata fields to expand.", # noqa: E501
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination. It is an opaque string obtained from the `Link` response header to specify your current location in the brand list.", # noqa: E501
+ ] = None,
+ object_limit: Annotated[
+ int | None,
+ "Sets an upper limit on the number of brand objects to return in the response. Accepts an integer value.", # noqa: E501
+ ] = None,
+ search_query: Annotated[
+ str | None, "Search string to filter the brand records for matching values."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listBrands'."]:
+ """Retrieve all brands within your organization.
+
+ Use this tool to get a comprehensive list of all the brands associated with your organization using Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands",
+ method="GET",
+ params=remove_none_values({
+ "expand": include_additional_metadata,
+ "after": pagination_cursor,
+ "limit": object_limit,
+ "q": search_query,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def retrieve_brand_details(
+ context: ToolContext,
+ brand_id: Annotated[str, "The unique identifier for the brand to retrieve details for."],
+ include_additional_metadata: Annotated[
+ list[str] | None,
+ "An array of strings specifying additional metadata to be included in the response.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getBrand'."]:
+ """Fetches brand details using the brand ID.
+
+ Use this tool to retrieve detailed information about a specific brand by providing the brand ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}".format(brandId=brand_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"expand": include_additional_metadata}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.manage"]))
+async def delete_brand(
+ context: ToolContext,
+ brand_id: Annotated[str, "The unique ID of the brand to be deleted. Required for deletion."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteBrand'."]:
+ """Delete a specific brand by its ID.
+
+ Use this tool to delete a brand by providing its unique identifier. This is useful for removing brands that are no longer needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}".format(brandId=brand_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def list_brand_domains(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique ID used to identify the brand whose domains are to be listed."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listBrandDomains'."]:
+ """Retrieve all domains linked to a specific brand.
+
+ Use this tool to get a list of all domains associated with a particular brand identified by `brandId`.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/domains".format(brandId=brand_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def retrieve_error_page_details(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique identifier for the brand whose error page details you want to retrieve."
+ ],
+ include_sub_resources: Annotated[
+ list[str] | None,
+ "A list of sub-resource names to include additional metadata in the response.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getErrorPage'."]:
+ """Retrieve error page sub-resource details.
+
+ This tool retrieves the error page sub-resources for a specified brand using the Okta service. Use this tool to obtain detailed information about error pages, tailored by the `expand` parameter to specify included sub-resources.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error".format(brandId=brand_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"expand": include_sub_resources}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def get_customized_error_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique identifier for the brand whose error page is being retrieved."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCustomizedErrorPage'."]:
+ """Retrieves the live customized error page for a brand.
+
+ Use this tool to get the customized error page that appears in the live environment for a specified brand.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/customized".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.manage"]))
+async def delete_custom_error_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique ID of the brand from which to delete the customized error page."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteCustomizedErrorPage'."]:
+ """Delete a customized error page to revert to the default.
+
+ Use this tool to delete a customized error page, reverting the display to the default error page in your live environment. Useful when restoration to default settings is needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/customized".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def retrieve_default_error_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique identifier for the brand to retrieve its default error page."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getDefaultErrorPage'."]:
+ """Retrieve the default error page for a brand.
+
+ This tool retrieves the default error page for a specified brand when no customized error page is present.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/default".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def get_preview_error_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique ID of the brand to retrieve its unpublished error page preview."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getPreviewErrorPage'."]:
+ """Retrieve the unpublished error page preview for a specific brand.
+
+ Use this tool to access the preview error page associated with a brand, which includes changes that have not been published yet. This preview is not visible in the live environment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/preview".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.manage"]))
+async def delete_preview_error_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The ID of the brand for which the preview error page is to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deletePreviewErrorPage'."]:
+ """Delete the preview error page with unpublished changes.
+
+ Use this tool to delete the preview error page that contains unpublished changes. It affects only the preview version and not the live environment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/preview".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def retrieve_sign_in_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str,
+ "The unique identifier for the brand. Required to retrieve specific sign-in page resources.", # noqa: E501
+ ],
+ include_additional_metadata: Annotated[
+ list[str] | None,
+ "List specific sub-resources to include in the sign-in page response as metadata.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getSignInPage'."]:
+ """Retrieve sign-in page sub-resources for a brand.
+
+ This tool retrieves the sub-resources of a sign-in page for a specified brand on Okta. You can specify which sub-resources to include using the `expand` query parameter. Call this tool to access detailed elements of the sign-in page configuration.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_additional_metadata}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def get_customized_sign_in_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str,
+ "The unique ID of the brand for which you want to retrieve the customized sign-in page.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCustomizedSignInPage'."]:
+ """Retrieve the customized sign-in page for a brand.
+
+ Call this tool to get details of the customized sign-in page for a specific brand in your live environment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/customized".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.manage"]))
+async def delete_custom_signin_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The ID of the brand whose customized sign-in page you want to delete."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteCustomizedSignInPage'."]:
+ """Delete the customized sign-in page to revert to default.
+
+ Use this tool to delete a customized sign-in page, which will revert to the default sign-in page in the live environment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/customized".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def get_default_sign_in_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique ID of the brand to specify which default sign-in page to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getDefaultSignInPage'."]:
+ """Retrieve the default sign-in page when no custom page exists.
+
+ This tool retrieves the default sign-in page for a specified brand when no customized sign-in page is set. It should be called to access the standard Okta sign-in page template.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/default".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def retrieve_preview_sign_in_page(
+ context: ToolContext,
+ brand_identifier: Annotated[
+ str, "The unique identifier for the brand whose preview sign-in page you want to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getPreviewSignInPage'."]:
+ """Retrieve the preview sign-in page for unpublished changes.
+
+ This tool retrieves the preview version of the sign-in page, which includes any unpublished changes. Use this to view the page at `${yourOktaDomain}/login/preview` before it goes live.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/preview".format( # noqa: UP032
+ brandId=brand_identifier
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.manage"]))
+async def delete_preview_sign_in_page(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique identifier for the brand whose preview sign-in page you wish to delete."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deletePreviewSignInPage'."]:
+ """Delete the preview sign-in page with unpublished changes.
+
+ Use this tool to delete the preview version of a sign-in page, which includes changes not yet published to the live environment. Call this when you want to discard these changes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/preview".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def list_sign_in_widget_versions(
+ context: ToolContext,
+ brand_id: Annotated[
+ str,
+ "The unique identifier of the brand for which you want to list all supported sign-in widget versions. This is required to specify the brand associated with your organization.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAllSignInWidgetVersions'."]:
+ """Retrieve all sign-in widget versions for your organization.
+
+ Call this tool to obtain a list of all sign-in widget versions supported by your organization. This is useful for overseeing compatibility and versioning of authentication interfaces within your system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/widget-versions".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def get_sign_out_page_settings(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique ID of the brand whose sign-out page settings are to be retrieved."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getSignOutPageSettings'."]:
+ """Retrieves the sign-out page settings for a given brand.
+
+ Use this tool to get the customized sign-out page settings for a specified brand. Ideal for applications needing to display or manage sign-out page configurations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-out/customized".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def list_email_templates(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique identifier of the brand for which to list email templates."
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor used for pagination, obtained from the response header, to continue from the current position in the list.", # noqa: E501
+ ] = None,
+ result_limit: Annotated[int | None, "The maximum number of email templates to return."] = None,
+ include_additional_metadata: Annotated[
+ list[str] | None,
+ "Array of strings specifying additional metadata to include in the response.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listEmailTemplates'."]:
+ """Lists all supported email templates for a brand.
+
+ Use this tool to retrieve all supported email templates for a specified brand in Okta. It is helpful when you need to review or manage the email templates available for customization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor,
+ "limit": result_limit,
+ "expand": include_additional_metadata,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def retrieve_email_template_details(
+ context: ToolContext,
+ brand_id: Annotated[
+ str,
+ "The unique identifier for the brand. It's required to specify which brand's email template details to retrieve.", # noqa: E501
+ ],
+ email_template_name: Annotated[
+ str, "The name of the email template you want to retrieve details for."
+ ],
+ include_additional_metadata: Annotated[
+ list[str] | None,
+ "A list of strings specifying additional metadata to include in the response.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getEmailTemplate'."]:
+ """Retrieve details of an email template by its name.
+
+ This tool retrieves detailed information about a specific email template by its name, for a given brand ID. It should be called when you need to access or display the details of an email template managed by Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}".format( # noqa: UP032
+ brandId=brand_id, templateName=email_template_name
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_additional_metadata}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def list_email_customizations(
+ context: ToolContext,
+ brand_id: Annotated[
+ str,
+ "The unique identifier for the brand whose email template customizations are to be retrieved.", # noqa: E501
+ ],
+ email_template_name: Annotated[
+ str, "The name of the email template to retrieve customizations for."
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor string for pagination, used to specify the current list position. Obtain this from the 'Link' response header.", # noqa: E501
+ ] = None,
+ result_limit: Annotated[
+ int | None,
+ "An integer specifying the maximum number of email template customizations to return.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listEmailCustomizations'."]:
+ """Retrieve all customizations for an email template.
+
+ Use this tool to list all available customizations of a specific email template. If custom languages are enabled, it retrieves customizations for those languages as well. Ideal for managing template variations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations".format( # noqa: UP032
+ brandId=brand_id, templateName=email_template_name
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": result_limit}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.manage"]))
+async def delete_email_template_customizations(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The ID of the brand whose email template customizations are to be deleted."
+ ],
+ email_template_name: Annotated[str, "The name of the email template to delete customizations."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteAllCustomizations'."]:
+ """Deletes all customizations for an email template.
+
+ Use this tool to delete all customizations for a specific email template in Okta. If Custom languages for Okta Email Templates is enabled, all customizations, including those in additional languages, are removed. Otherwise, only customizations in Okta-supported languages are deleted.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations".format( # noqa: UP032
+ brandId=brand_id, templateName=email_template_name
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def retrieve_email_customization(
+ context: ToolContext,
+ brand_id: Annotated[
+ str,
+ "The unique identifier for the brand to retrieve the email customization associated with it.", # noqa: E501
+ ],
+ email_template_name: Annotated[str, "The name of the email template to customize."],
+ email_customization_id: Annotated[
+ str, "The unique identifier for the specific email customization to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getEmailCustomization'."]:
+ """Retrieve email customization details by ID.
+
+ Use this tool to fetch the details of a specific email customization in Okta by its unique identifier. Note that if custom languages for Okta Email Templates are disabled, attempting to retrieve a customization by ID for an additional language will result in a '404 Not Found' error.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}".format( # noqa: UP032
+ brandId=brand_id,
+ templateName=email_template_name,
+ customizationId=email_customization_id,
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.manage"]))
+async def delete_email_customization(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique identifier for the brand whose email customization is to be deleted."
+ ],
+ email_template_name: Annotated[str, "The name of the email template to be deleted."],
+ email_customization_id: Annotated[
+ str, "The unique identifier for the email customization to delete."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteEmailCustomization'."]:
+ """Deletes an Email Customization by its unique identifier.
+
+ Use this tool to delete an email customization in Okta using its unique ID. Note that if custom languages for Okta Email Templates are disabled, the deletion of additional language customizations by ID won't be registered.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}".format( # noqa: UP032
+ brandId=brand_id,
+ templateName=email_template_name,
+ customizationId=email_customization_id,
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def email_customization_preview(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The ID of the brand for which the email customization preview is requested."
+ ],
+ email_template_name: Annotated[
+ str, "The name of the email template to retrieve a customization preview."
+ ],
+ email_customization_id: Annotated[
+ str, "The unique identifier for the email customization preview to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCustomizationPreview'."]:
+ """Retrieve a preview of an email customization with user-context.
+
+ Fetches a preview of an email customization, filling in variable references from the current user's context. Works unless custom language settings are disabled, in which case it may return a 404 error for additional languages.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}/preview".format( # noqa: UP032
+ brandId=brand_id,
+ templateName=email_template_name,
+ customizationId=email_customization_id,
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def retrieve_email_template_default_content(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique ID of the brand for which the email template content is being retrieved."
+ ],
+ email_template_name: Annotated[
+ str, "Specify the name of the email template to retrieve its default content."
+ ],
+ email_language: Annotated[
+ str | None,
+ "Specify the language for the email content. Defaults to the user's current language if unspecified.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getEmailDefaultContent'."]:
+ """Retrieves the default content of a specific email template.
+
+ Use this tool to retrieve the default content for a specified email template in Okta. The content defaults to the current user's language, considering Okta's custom language settings and any additional language specified.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/default-content".format( # noqa: UP032
+ brandId=brand_id, templateName=email_template_name
+ ),
+ method="GET",
+ params=remove_none_values({"language": email_language}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def preview_email_template_content(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The ID of the brand for which the email template preview is to be retrieved."
+ ],
+ email_template_name: Annotated[
+ str,
+ "The name of the email template to preview. This specifies which template's content will be retrieved.", # noqa: E501
+ ],
+ email_language: Annotated[
+ str | None,
+ "The language for the email template. Defaults to the current user's language if unspecified.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getEmailDefaultPreview'."]:
+ """Retrieve a preview of an email template's default content.
+
+ This tool fetches a preview of an email template's default content with populated variable references using the current user's context. It considers the user's language if custom languages for Okta Email Templates are enabled.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/default-content/preview".format( # noqa: UP032
+ brandId=brand_id, templateName=email_template_name
+ ),
+ method="GET",
+ params=remove_none_values({"language": email_language}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def get_email_template_settings(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique ID of the brand whose email template settings are to be retrieved."
+ ],
+ email_template_name: Annotated[str, "The name of the email template to retrieve settings for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getEmailSettings'."]:
+ """Retrieve email template settings for a specified brand.
+
+ This tool retrieves the settings of an email template based on the provided brand ID and template name. It should be called when there's a need to access or review the configuration details of a particular email template within Okta's system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/settings".format( # noqa: UP032
+ brandId=brand_id, templateName=email_template_name
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def send_test_email(
+ context: ToolContext,
+ brand_id: Annotated[
+ str,
+ "The ID of the brand for which the test email is sent. Required if the brand is applicable.", # noqa: E501
+ ],
+ email_template_name: Annotated[
+ str, "Specify the name of the email template to use for the test email."
+ ],
+ email_language: Annotated[
+ str | None,
+ "The language to use for the email. Defaults to the current user's language if unspecified.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'sendTestEmail'."]:
+ """Send a test email to user's primary and secondary emails.
+
+ This tool sends a test email using the Okta service to the current user's primary and secondary email addresses. The email content is determined by customizations based on language priority and defaults if required. Ideal for verifying email template configurations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/test".format( # noqa: UP032
+ brandId=brand_id, templateName=email_template_name
+ ),
+ method="POST",
+ params=remove_none_values({"language": email_language}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def list_brand_themes(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The ID of the brand for which to list themes. Required for identifying the brand."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listBrandThemes'."]:
+ """Retrieve all themes for a specific brand.
+
+ Use this tool to list all the themes associated with a brand in your organization. Note that currently, each organization supports only one theme.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/themes".format(brandId=brand_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def retrieve_brand_theme(
+ context: ToolContext,
+ brand_id: Annotated[str, "The unique identifier for the brand to retrieve the theme."],
+ theme_id: Annotated[
+ str, "Specify the ID of the theme to retrieve details for a particular brand."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getBrandTheme'."]:
+ """Retrieve the theme for a specific brand.
+
+ Use this tool to get the theme associated with a particular brand by specifying the brand and theme IDs.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/themes/{themeId}".format( # noqa: UP032
+ brandId=brand_id, themeId=theme_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.manage"]))
+async def delete_theme_background_image(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique ID of the brand whose theme background image is to be deleted."
+ ],
+ theme_id: Annotated[
+ str,
+ "The unique identifier for the theme whose background image is to be deleted. This is required to specify which theme's image will be removed within the brand.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteBrandThemeBackgroundImage'."]:
+ """Deletes the background image for a specified theme.
+
+ Use this tool when you need to delete the background image of a specific theme within a brand. This is useful for managing theme visuals in applications that utilize Okta services.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/themes/{themeId}/background-image".format( # noqa: UP032
+ brandId=brand_id, themeId=theme_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.manage"]))
+async def delete_theme_favicon(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique identifier for the brand whose theme favicon is to be deleted."
+ ],
+ theme_id: Annotated[str, "The ID of the theme you wish to delete the favicon from."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteBrandThemeFavicon'."]:
+ """Delete a theme's favicon, reverting to the default.
+
+ This tool removes the custom favicon for a specific theme in Okta, causing the theme to use the default Okta favicon. Use this tool when you want to revert to using the default favicon for a theme.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/themes/{themeId}/favicon".format( # noqa: UP032
+ brandId=brand_id, themeId=theme_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.manage"]))
+async def delete_theme_logo(
+ context: ToolContext,
+ brand_id: Annotated[
+ str, "The unique identifier for the brand whose theme logo is to be deleted."
+ ],
+ theme_id: Annotated[
+ str,
+ "The unique identifier of the theme to delete the logo from. This will revert the theme to the default Okta logo.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteBrandThemeLogo'."]:
+ """Deletes a theme logo and reverts to the default Okta logo.
+
+ Use this tool to delete a specific theme logo for a brand in Okta, reverting the theme to the default Okta logo. This is useful when a custom logo needs to be removed from a theme.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/themes/{themeId}/logo".format( # noqa: UP032
+ brandId=brand_id, themeId=theme_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def retrieve_well_known_uris(
+ context: ToolContext,
+ brand_id: Annotated[
+ str,
+ "The unique identifier for the brand whose well-known URIs you want to retrieve. This is required to specify which brand's data to access.", # noqa: E501
+ ],
+ additional_metadata: Annotated[
+ list[str] | None,
+ "An array of strings specifying additional metadata to include in the response.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAllWellKnownURIs'."]:
+ """Retrieve well-known URIs for a specified brand.
+
+ This tool retrieves the content from each of the well-known URIs for a specified brand. It should be called when you need to access information hosted at these URIs for a particular brand in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/well-known-uris".format( # noqa: UP032
+ brandId=brand_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": additional_metadata}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def get_well_known_uri(
+ context: ToolContext,
+ brand_id: Annotated[str, "The unique identifier for the brand to retrieve its well-known URI."],
+ well_known_uri_path: Annotated[
+ str,
+ "Specifies the path for the well-known URI. Choose from options like 'apple-app-site-association', 'assetlinks.json', or 'webauthn'.", # noqa: E501
+ ],
+ include_metadata: Annotated[
+ list[str] | None,
+ "A list of metadata fields to include in the response. Provides extra details about the brand and URI.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getRootBrandWellKnownURI'."]:
+ """Retrieve the well-known URI for a specified brand and path.
+
+ Use this tool to obtain the well-known URI associated with a specific brand and URI path. Ideal for configurations or integrations requiring brand-specific information.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/well-known-uris/{path}".format( # noqa: UP032
+ brandId=brand_id, path=well_known_uri_path
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_metadata}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.brands.read"]))
+async def retrieve_brand_well_known_uri(
+ context: ToolContext,
+ brand_id: Annotated[
+ str,
+ "The unique identifier of the brand for which the well-known URI content is being retrieved.", # noqa: E501
+ ],
+ well_known_uri_path: Annotated[
+ str,
+ "The specific path of the well-known URI. Expected values are 'apple-app-site-association', 'assetlinks.json', or 'webauthn'.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getBrandWellKnownURI'."]:
+ """Retrieve customized content for a brand's well-known URI.
+
+ This tool retrieves the customized content of a specific well-known URI for a given brand and URI path. It should be used when you need information on the customized settings or configurations associated with a brand's specific URI.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/brands/{brandId}/well-known-uris/{path}/customized".format( # noqa: UP032
+ brandId=brand_id, path=well_known_uri_path
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.captchas.read"]))
+async def list_captcha_instances(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listCaptchaInstances'."]:
+ """Retrieve and list all CAPTCHA instances with filters.
+
+ This tool retrieves all CAPTCHA instances, supporting pagination and filtering to match specific criteria. Use it to obtain a comprehensive list of CAPTCHA instances available in the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/captchas",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.captchas.read"]))
+async def retrieve_captcha_details(
+ context: ToolContext,
+ captcha_instance_id: Annotated[
+ str, "The unique key identifying the CAPTCHA instance to retrieve details for in Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCaptchaInstance'."]:
+ """Retrieve properties of a CAPTCHA instance.
+
+ This tool fetches detailed properties of a specified CAPTCHA instance in the Okta system. Use it when you need information about a particular CAPTCHA by providing its ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/captchas/{captchaId}".format( # noqa: UP032
+ captchaId=captcha_instance_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.captchas.manage"]))
+async def delete_captcha_instance(
+ context: ToolContext,
+ captcha_instance_id: Annotated[
+ str,
+ "The unique key used to identify your CAPTCHA instance. Ensure it is not associated with the organization settings before deletion.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteCaptchaInstance'."]:
+ """Delete a specified CAPTCHA instance from Okta.
+
+ Use this tool to delete a specific CAPTCHA instance in Okta. Ensure the CAPTCHA is not associated with your organization settings before deletion to avoid request failure.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/captchas/{captchaId}".format( # noqa: UP032
+ captchaId=captcha_instance_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.deviceAssurance.read"]))
+async def list_device_assurance_policies(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listDeviceAssurancePolicies'."]:
+ """Retrieve all device assurance policies from Okta.
+
+ Use this tool to get an overview of all device assurance policies available in Okta, which can help in managing and securing devices.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-assurances",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.deviceAssurance.read"]))
+async def get_device_assurance_policy(
+ context: ToolContext,
+ device_assurance_policy_id: Annotated[
+ str, "The unique identifier for the device assurance policy to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getDeviceAssurancePolicy'."]:
+ """Retrieve a specific device assurance policy by ID.
+
+ Use this tool to get details about a device assurance policy using its unique ID. This can be helpful for verifying or reviewing policy specifications.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-assurances/{deviceAssuranceId}".format( # noqa: UP032
+ deviceAssuranceId=device_assurance_policy_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.deviceAssurance.manage"]))
+async def delete_device_assurance_policy(
+ context: ToolContext,
+ device_assurance_policy_id: Annotated[
+ str,
+ "The unique identifier of the device assurance policy to delete. Ensure the policy is not used in authentication policies before deletion.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteDeviceAssurancePolicy'."]:
+ """Deletes a device assurance policy if not in use.
+
+ Use this tool to delete a device assurance policy by specifying the deviceAssuranceId. Deletion will be prevented if the policy is active in the organization's Authentication Policies.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-assurances/{deviceAssuranceId}".format( # noqa: UP032
+ deviceAssuranceId=device_assurance_policy_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.deviceIntegrations.read"]))
+async def list_device_integrations(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listDeviceIntegrations'."]:
+ """Retrieve all device integrations for your organization.
+
+ Use this tool to list all the device integrations configured for your organization, such as Device Posture Provider, Windows Security Center, Chrome Device Trust, OSQuery, and Android Device Trust.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-integrations",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.deviceIntegrations.read"]))
+async def retrieve_device_integration(
+ context: ToolContext,
+ device_integration_id: Annotated[
+ str, "The unique ID of the device integration to retrieve details for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getDeviceIntegration'."]:
+ """Retrieve details of a device integration by ID.
+
+ Use this tool to get specific information about a device integration using its unique ID."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-integrations/{deviceIntegrationId}".format( # noqa: UP032
+ deviceIntegrationId=device_integration_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.deviceIntegrations.manage"]))
+async def activate_device_integration(
+ context: ToolContext,
+ device_integration_id: Annotated[
+ str,
+ "The unique ID of the device integration to activate. This ID specifies which device integration to activate and update configurations for.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateDeviceIntegration'."]:
+ """Activate a device integration using the deviceIntegrationId.
+
+ Activates a specified device integration and updates the configurations accordingly. This should be called when a device integration needs to be activated by providing its ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-integrations/{deviceIntegrationId}/lifecycle/activate".format( # noqa: UP032
+ deviceIntegrationId=device_integration_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.deviceIntegrations.manage"]))
+async def deactivate_device_integration(
+ context: ToolContext,
+ device_integration_id: Annotated[
+ str, "The unique identifier for the device integration to deactivate."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateDeviceIntegration'."]:
+ """Deactivate a device integration using its ID.
+
+ Deactivate a specific device integration by providing the deviceIntegrationId. This tool should be called when you need to disable a previously active device integration.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-integrations/{deviceIntegrationId}/lifecycle/deactivate".format( # noqa: UP032
+ deviceIntegrationId=device_integration_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devicePostureChecks.read"]))
+async def list_device_posture_checks(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listDevicePostureChecks'."]:
+ """Lists all device posture checks from Okta.
+
+ Use this tool to retrieve details of all device posture checks registered in Okta. This information is useful for security assessments and compliance monitoring within an organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-posture-checks",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devicePostureChecks.read"]))
+async def list_default_device_posture_checks(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listDefaultDevicePostureChecks'."]:
+ """Retrieve all default device posture checks from Okta.
+
+ This tool should be called to get a list of all default device posture checks defined by Okta. These posture checks are predefined and their type is always `BUILTIN`.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-posture-checks/default",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devicePostureChecks.read"]))
+async def retrieve_device_posture_check(
+ context: ToolContext,
+ device_posture_check_id: Annotated[
+ str, "The unique identifier for the device posture check to retrieve."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getDevicePostureCheck'."]:
+ """Retrieve a device posture check by ID.
+
+ Use this tool to retrieve details of a specific device posture check using the `postureCheckId`. This is helpful for managing or verifying device compliance and security status.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-posture-checks/{postureCheckId}".format( # noqa: UP032
+ postureCheckId=device_posture_check_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devicePostureChecks.manage"]))
+async def delete_device_posture_check(
+ context: ToolContext,
+ device_posture_check_id: Annotated[str, "ID of the specific device posture check to delete."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteDevicePostureCheck'."]:
+ """Deletes a specified device posture check.
+
+ Use this tool to delete a device posture check using its postureCheckId, unless it is used in a device assurance policy.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/device-posture-checks/{postureCheckId}".format( # noqa: UP032
+ postureCheckId=device_posture_check_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devices.read"]))
+async def list_all_devices(
+ context: ToolContext,
+ pagination_cursor: Annotated[
+ str | None,
+ "A string used to paginate and retrieve the next set of results. Use this from the previous response to access more data.", # noqa: E501
+ ] = None,
+ device_list_limit: Annotated[
+ int | None, "Maximum number of devices to return. It's recommended to set this at 20."
+ ] = None,
+ scim_filter_expression: Annotated[
+ str | None,
+ "A SCIM filter expression to filter devices based on profile, id, status, or lastUpdated properties. Supports 'co' operator with specific attributes like profile.displayName, profile.serialNumber, etc.", # noqa: E501
+ ] = None,
+ include_user_details_and_management_status: Annotated[
+ str | None,
+ "Specify whether to include associated user details and management status in the `_embedded` attribute. Options are 'user' or 'userSummary'.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listDevices'."]:
+ """Fetches a paginated list of devices with optional search criteria.
+
+ This tool retrieves a list of all devices with support for pagination. It allows specifying search criteria to filter devices based on properties using SCIM filter specifications. It's important to note that search results are not suitable for critical flows due to potential data staleness. This tool is useful for querying device information, but not for operations needing real-time accuracy.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/devices",
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor,
+ "limit": device_list_limit,
+ "search": scim_filter_expression,
+ "expand": include_user_details_and_management_status,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devices.read"]))
+async def retrieve_device_information(
+ context: ToolContext,
+ device_id: Annotated[str, "The unique ID of the device to retrieve information for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getDevice'."]:
+ """Retrieve information about a specific device using its ID.
+
+ This tool is used to get detailed information about a device by its `deviceId`. It should be called when you need to access specific details or status of a device managed in the Okta system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/devices/{deviceId}".format(deviceId=device_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devices.manage"]))
+async def delete_deactivated_device(
+ context: ToolContext,
+ device_id: Annotated[
+ str,
+ "The unique identifier of the device to be permanently deleted. Must be in 'DEACTIVATED' status.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteDevice'."]:
+ """Permanently delete a device with deactivated status.
+
+ Use this tool to permanently delete a device if it is deactivated. This action cannot be undone and removes all associated profile data. Ensure the device is deactivated before proceeding to avoid errors.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/devices/{deviceId}".format(deviceId=device_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devices.manage"]))
+async def activate_device(
+ context: ToolContext,
+ device_id: Annotated[str, "The unique identifier (`id`) of the device to be activated."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateDevice'."]:
+ """Activate a device by setting its status to ACTIVE.
+
+ Use this tool to activate a device by its `deviceId`, changing its status to `ACTIVE`. This is typically needed for managing device-user links and ensuring the device is operational.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/devices/{deviceId}/lifecycle/activate".format( # noqa: UP032
+ deviceId=device_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devices.manage"]))
+async def deactivate_device(
+ context: ToolContext,
+ device_id: Annotated[
+ str,
+ "The ID of the device to deactivate. This identifier is required to set the device status to `DEACTIVATED`.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateDevice'."]:
+ """Deactivate a device by setting its status to DEACTIVATED.
+
+ Use this tool to deactivate a device in Okta. Deactivation sets the device status to `DEACTIVATED`, causing it to lose all user links. Ensure the device is deactivated before deletion as this process is destructive for device factors and client certificates. Reenrollment allows users to set up new factors.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/devices/{deviceId}/lifecycle/deactivate".format( # noqa: UP032
+ deviceId=device_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devices.manage"]))
+async def suspend_device(
+ context: ToolContext,
+ device_id: Annotated[
+ str,
+ "The unique identifier (ID) of the device to be suspended. This ID is required for executing the suspension operation.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'suspendDevice'."]:
+ """Suspend a device by setting its status to 'SUSPENDED'.
+
+ This tool is used to suspend a device in Okta by changing its status to 'SUSPENDED'. This status allows for temporary suspension intended for operations like creating and deleting device user links. It is a non-destructive, reversible status that can be lifted by unsuspending or deactivating the device.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/devices/{deviceId}/lifecycle/suspend".format( # noqa: UP032
+ deviceId=device_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devices.manage"]))
+async def unsuspend_device(
+ context: ToolContext,
+ device_id: Annotated[
+ str,
+ "The unique `id` of the device to unsuspend. This ID is required and should refer to a device with a `SUSPENDED` status.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unsuspendDevice'."]:
+ """Unsuspend a device to return its status to ACTIVE.
+
+ Use this tool to change a device's status from SUSPENDED to ACTIVE. It is applicable only for devices that are currently suspended.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/devices/{deviceId}/lifecycle/unsuspend".format( # noqa: UP032
+ deviceId=device_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.devices.read"]))
+async def list_device_users(
+ context: ToolContext,
+ device_id: Annotated[
+ str,
+ "The ID of the device to fetch users for. This should match the device's unique identifier in the system.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listDeviceUsers'."]:
+ """Retrieve all users for a specific device by device ID.
+
+ Use this tool to get a list of users associated with a particular device, identified by its device ID. Call this tool when you need to find out which users have associated accounts with a specific device.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/devices/{deviceId}/users".format(deviceId=device_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.domains.read"]))
+async def list_verified_custom_domains(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listCustomDomains'."]:
+ """Retrieve verified custom domains for the organization.
+
+ Use this tool to get a list of all the verified custom domains associated with your organization. It is useful for managing and reviewing domain settings.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/domains",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.domains.read"]))
+async def retrieve_custom_domain(
+ context: ToolContext,
+ domain_id: Annotated[str, "The unique ID of the custom domain to retrieve details for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCustomDomain'."]:
+ """Retrieve details of a custom domain by ID.
+
+ Use this tool to obtain information about a specific custom domain in Okta by providing its domain ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/domains/{domainId}".format(domainId=domain_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.domains.manage"]))
+async def delete_custom_domain(
+ context: ToolContext,
+ domain_id: Annotated[
+ str,
+ "The ID of the custom domain to be deleted. This should match the existing domain's identifier in Okta.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteCustomDomain'."]:
+ """Deletes a custom domain using the specified domain ID.
+
+ This tool is used to delete a custom domain in Okta by providing the domain ID. It should be called when a specific custom domain needs to be removed from the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/domains/{domainId}".format(domainId=domain_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.domains.manage"]))
+async def verify_domain_status(
+ context: ToolContext,
+ domain_id: Annotated[str, "The unique identifier for the domain to verify."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'verifyDomain'."]:
+ """Verify the status of a custom domain and DNS records.
+
+ This tool checks the verification status of a custom domain by domainId and validates DNS records. If the certificate source is OKTA_MANAGED, it attempts to manage, obtain, and install a certificate.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/domains/{domainId}/verify".format(domainId=domain_id), # noqa: UP032
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.emailDomains.read"]))
+async def list_email_domains(
+ context: ToolContext,
+ include_metadata: Annotated[
+ list[str] | None,
+ "A list of metadata fields to include in the response. Each entry is a string specifying a field name.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listEmailDomains'."]:
+ """Lists all email domains in your organization.
+
+ This tool retrieves all the email domains configured within your organization. It should be called when you need to view or manage the existing email domains.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/email-domains",
+ method="GET",
+ params=remove_none_values({"expand": include_metadata}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.emailDomains.read"]))
+async def retrieve_email_domain(
+ context: ToolContext,
+ email_domain_id: Annotated[
+ str, "The unique identifier for the email domain to retrieve information about in Okta."
+ ],
+ include_additional_metadata: Annotated[
+ list[str] | None,
+ "List of strings specifying additional metadata to include in the response.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getEmailDomain'."]:
+ """Retrieve email domain details by ID.
+
+ Fetches details of a specific email domain using the given `emailDomainId`. Ideal for obtaining information about a particular domain managed by Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/email-domains/{emailDomainId}".format( # noqa: UP032
+ emailDomainId=email_domain_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_additional_metadata}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.emailDomains.manage"]))
+async def delete_email_domain(
+ context: ToolContext,
+ email_domain_id: Annotated[str, "The unique identifier for the email domain to be deleted."],
+ include_additional_metadata: Annotated[
+ list[str] | None,
+ "Specifies which additional metadata should be included in the response. Provide as an array of strings.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteEmailDomain'."]:
+ """Deletes a specified email domain from Okta.
+
+ Use this tool to delete an email domain by providing the `emailDomainId`. It is called when an email domain needs to be removed from the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/email-domains/{emailDomainId}".format( # noqa: UP032
+ emailDomainId=email_domain_id
+ ),
+ method="DELETE",
+ params=remove_none_values({"expand": include_additional_metadata}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.emailDomains.manage"]))
+async def verify_email_domain(
+ context: ToolContext,
+ email_domain_id: Annotated[str, "The unique identifier for the email domain to be verified."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'verifyEmailDomain'."]:
+ """Verify the status of an email domain.
+
+ This tool verifies an email domain using the unique `emailDomainId`. It should be called when there's a need to confirm the verification status of a specific email domain.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/email-domains/{emailDomainId}/verify".format( # noqa: UP032
+ emailDomainId=email_domain_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.emailServers.read"]))
+async def list_custom_email_servers(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listEmailServers'."]:
+ """Fetch all enrolled custom SMTP server configurations.
+
+ Use this tool to retrieve all configured custom SMTP server settings from Okta."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/email-servers",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.emailServers.read"]))
+async def retrieve_smtp_server_config(
+ context: ToolContext,
+ email_server_identifier: Annotated[
+ str, "The unique identifier for the custom SMTP server to retrieve its configuration."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getEmailServer'."]:
+ """Retrieve custom SMTP server configuration details.
+
+ Use this tool to get the configuration details of a specified custom SMTP server by providing the email server identifier.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/email-servers/{emailServerId}".format( # noqa: UP032
+ emailServerId=email_server_identifier
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.emailServers.manage"]))
+async def delete_email_server(
+ context: ToolContext,
+ email_server_id: Annotated[
+ str, "The unique identifier of the custom SMTP server to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteEmailServer'."]:
+ """Delete a specified custom SMTP server configuration.
+
+ Use this tool to delete a specific custom SMTP server configuration by providing the server's ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/email-servers/{emailServerId}".format( # noqa: UP032
+ emailServerId=email_server_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.eventHooks.read"]))
+async def list_event_hooks(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listEventHooks'."]:
+ """Retrieve all event hooks from the Okta API.
+
+ Use this tool to get a list of all event hooks configured in Okta. It should be called when you need to audit, review, or manage event hooks in your Okta setup.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/eventHooks",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.eventHooks.read"]))
+async def retrieve_event_hook(
+ context: ToolContext,
+ event_hook_id: Annotated[str, "The unique `id` of the event hook to retrieve details for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getEventHook'."]:
+ """Retrieve details of a specific event hook by ID.
+
+ Call this tool to get detailed information about a specific event hook in Okta using the eventHookId.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}".format( # noqa: UP032
+ eventHookId=event_hook_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.eventHooks.manage"]))
+async def delete_inactive_event_hook(
+ context: ToolContext,
+ event_hook_id: Annotated[
+ str, "The ID of the event hook to delete. It must have a status of `INACTIVE`."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteEventHook'."]:
+ """Delete an inactive event hook by ID.
+
+ Use this tool to delete an event hook with a status of `INACTIVE` by providing its ID. Deletion is irreversible, so ensure that the event hook is no longer needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}".format( # noqa: UP032
+ eventHookId=event_hook_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.eventHooks.manage"]))
+async def activate_event_hook(
+ context: ToolContext,
+ event_hook_id: Annotated[
+ str,
+ "The ID of the Event Hook to be activated. This string identifies the event hook in Okta.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateEventHook'."]:
+ """Activates an Okta event hook by ID.
+
+ This tool activates the Okta event hook that matches the provided ID. It should be used when you need to enable an event hook to start receiving events. The confirmation of activation status is returned.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}/lifecycle/activate".format( # noqa: UP032
+ eventHookId=event_hook_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.eventHooks.manage"]))
+async def deactivate_event_hook(
+ context: ToolContext,
+ event_hook_id: Annotated[str, "The unique identifier of the event hook to deactivate."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateEventHook'."]:
+ """Deactivates a specified event hook by its ID.
+
+ Use this tool to deactivate an event hook by providing its unique ID. It is useful for managing event hooks that are no longer needed or need to be temporarily disabled.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}/lifecycle/deactivate".format( # noqa: UP032
+ eventHookId=event_hook_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.eventHooks.manage"]))
+async def verify_event_hook(
+ context: ToolContext,
+ event_hook_id: Annotated[
+ str, "The unique identifier for the Event Hook to verify its setup and status."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'verifyEventHook'."]:
+ """Verify the status of an Okta event hook.
+
+ This tool verifies if an Okta event hook is correctly set up by matching the `eventHookId`. It ensures the event hook can receive events by confirming its status as either `ACTIVE` or `VERIFIED`. Call this tool to check the readiness of an event hook in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}/lifecycle/verify".format( # noqa: UP032
+ eventHookId=event_hook_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.features.read"]))
+async def list_self_service_features(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listFeatures'."]:
+ """Lists all self-service features for your organization.
+
+ Use this tool to retrieve a comprehensive list of self-service features available in your organization. Useful for understanding or displaying the capabilities enabled for users.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/features",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.features.read"]))
+async def retrieve_okta_feature_by_id(
+ context: ToolContext,
+ feature_id: Annotated[
+ str,
+ "The ID of the Okta feature to retrieve. This should be a string representing the unique identifier of the feature.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getFeature'."]:
+ """Retrieve details of a specific Okta feature by ID.
+
+ Use this tool to get detailed information about a specific feature in Okta using its ID. Useful for accessing configuration or status of Okta features.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/features/{featureId}".format(featureId=feature_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.features.read"]))
+async def list_feature_dependencies(
+ context: ToolContext,
+ feature_id: Annotated[
+ str, "The unique identifier of the feature for which you want to list dependencies."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listFeatureDependencies'."]:
+ """Retrieve dependencies for a specific feature.
+
+ Use this tool to get a list of all features required to enable a specified feature. Ideal for understanding prerequisite features.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/features/{featureId}/dependencies".format( # noqa: UP032
+ featureId=feature_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.features.read"]))
+async def list_feature_dependents(
+ context: ToolContext,
+ feature_id: Annotated[
+ str,
+ "The unique identifier for the feature to check dependencies for. This should be a string representing the feature's ID.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listFeatureDependents'."]:
+ """Lists all feature dependents for a specified feature.
+
+ This tool retrieves a list of features that must be disabled for the specified feature to be disabled. It is useful for understanding dependencies between features.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/features/{featureId}/dependents".format( # noqa: UP032
+ featureId=feature_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.features.manage"]))
+async def update_feature_lifecycle(
+ context: ToolContext,
+ feature_id: Annotated[str, "The unique ID of the feature to update its lifecycle status."],
+ feature_lifecycle_status: Annotated[str, "Indicates whether to ENABLE or DISABLE the feature."],
+ force_mode: Annotated[
+ str | None, "Set to 'force' to override dependencies when enabling or disabling a feature."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'updateFeatureLifecycle'."]:
+ """Enable or disable a feature's lifecycle status in Okta.
+
+ Use this tool to update the lifecycle status of a feature, enabling or disabling it within your organization in Okta. Optionally, use 'mode=force' to override dependencies and ensure the feature's status change.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/features/{featureId}/{lifecycle}".format( # noqa: UP032
+ featureId=feature_id, lifecycle=feature_lifecycle_status
+ ),
+ method="POST",
+ params=remove_none_values({"mode": force_mode}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.apps.read"]))
+async def get_okta_app_settings(
+ context: ToolContext,
+ okta_app_key_name: Annotated[
+ str, "The key name for the Okta app. Supported apps include 'admin-console'."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getFirstPartyAppSettings'."]:
+ """Retrieve settings for a specific Okta app.
+
+ Use this tool to get the configuration settings of an Okta first-party app specified by its name.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/first-party-app-settings/{appName}".format( # noqa: UP032
+ appName=okta_app_key_name
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.read"]))
+async def get_all_okta_groups(
+ context: ToolContext,
+ group_search_expression: Annotated[
+ str | None,
+ "A URL-encoded filtering expression to search for groups based on various properties like profile attributes or top-level properties. Supported operators are `sw`, `eq`, and `co` for select attributes. Can involve pagination.", # noqa: E501
+ ] = None,
+ group_filter_expression: Annotated[
+ str | None,
+ "URL-encoded filter expression to narrow down groups. Follow Okta's filter guidelines for proper syntax.", # noqa: E501
+ ] = None,
+ group_name_query: Annotated[
+ str | None,
+ "Search for a group by its name. Note: This query returns up to 300 results and cannot be used with pagination.", # noqa: E501
+ ] = None,
+ pagination_cursor_after: Annotated[
+ str | None,
+ "Specifies the cursor for retrieving the next page of groups. Obtain from the 'next' link relation for pagination.", # noqa: E501
+ ] = None,
+ group_result_limit: Annotated[
+ int | None,
+ "Specifies the number of group results in a page. It is recommended to set a limit under 200 for optimal performance. If a request times out, try a smaller limit.", # noqa: E501
+ ] = None,
+ include_additional_metadata: Annotated[
+ str | None,
+ "Specify additional metadata to include in the response. Options: 'stats' or 'app'.",
+ ] = None,
+ sort_by_field: Annotated[
+ str | None,
+ "Specifies the field to sort by for search queries. Can be any single property, like `profile.name`.", # noqa: E501
+ ] = None,
+ sort_order_for_search: Annotated[
+ str | None,
+ "Defines the sort order (asc or desc) for search queries. Ignored if sortBy isn't specified.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGroups'."]:
+ """Retrieve a list of all Okta groups with pagination.
+
+ This tool retrieves all groups in Okta with optional pagination. It can filter, search, or query to return specific subsets of groups based on given criteria. Recommended usage includes setting a limit under 200 for optimal performance. Note that the results are driven by an eventually consistent datasource with minimal synchronization lag.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups",
+ method="GET",
+ params=remove_none_values({
+ "search": group_search_expression,
+ "filter": group_filter_expression,
+ "q": group_name_query,
+ "after": pagination_cursor_after,
+ "limit": group_result_limit,
+ "expand": include_additional_metadata,
+ "sortBy": sort_by_field,
+ "sortOrder": sort_order_for_search,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage"]))
+async def create_okta_group(
+ context: ToolContext,
+ group_profile_details: Annotated[
+ dict[str, dict[str, str]],
+ "A JSON object containing the group's name and description for the new OKTA group. Must include a `name` key for the group name and a `description` key for the group description.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'addGroup'."]:
+ """Create a new OKTA group in your organization.
+
+ Use this tool to add a new group with the `OKTA_GROUP` type in your Okta organization. It should be called when there's a need to organize users into a new group for collaboration or permissions management.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups",
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({"requestBody": group_profile_details}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.read"]))
+async def list_group_rules(
+ context: ToolContext,
+ page_result_limit: Annotated[
+ int | None,
+ "Specifies the number of rule results to display per page. Provide an integer value.",
+ ] = None,
+ pagination_cursor_for_next_page: Annotated[
+ str | None, "Specifies the pagination cursor for retrieving the next page of group rules."
+ ] = None,
+ search_keyword: Annotated[str | None, "Keyword to search for specific group rules."] = None,
+ display_group_names: Annotated[
+ str | None, "Set to `groupIdToGroupNameMap` to display group names in the response."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGroupRules'."]:
+ """Retrieve all group rules in your organization.
+
+ This tool fetches a list of all group rules configured within your organization. Use it to review or manage group rules effectively.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/rules",
+ method="GET",
+ params=remove_none_values({
+ "limit": page_result_limit,
+ "after": pagination_cursor_for_next_page,
+ "search": search_keyword,
+ "expand": display_group_names,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.read"]))
+async def retrieve_group_rule_by_id(
+ context: ToolContext,
+ group_rule_id: Annotated[str, "The ID of the group rule to retrieve."],
+ show_group_names: Annotated[
+ str | None, "Set to 'groupIdToGroupNameMap' to show group names in the response."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getGroupRule'."]:
+ """Retrieve detailed information about a group rule by ID.
+
+ Use this tool to obtain details of a specific group rule from your organization by providing the rule ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/rules/{groupRuleId}".format( # noqa: UP032
+ groupRuleId=group_rule_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": show_group_names}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage"]))
+async def delete_group_rule(
+ context: ToolContext,
+ group_rule_id: Annotated[
+ str,
+ "The unique ID of the group rule to be deleted. Required for identifying which group rule to remove.", # noqa: E501
+ ],
+ remove_users: Annotated[
+ bool | None, "Set to true to remove users from groups assigned by this rule."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteGroupRule'."]:
+ """Deletes a specific group rule by its ID.
+
+ Use this tool to delete a group rule from the Okta system by providing the specific group rule ID when the rule is no longer needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/rules/{groupRuleId}".format( # noqa: UP032
+ groupRuleId=group_rule_id
+ ),
+ method="DELETE",
+ params=remove_none_values({"removeUsers": remove_users}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage"]))
+async def activate_group_rule(
+ context: ToolContext,
+ group_rule_id: Annotated[str, "The ID of the group rule to activate in Okta."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateGroupRule'."]:
+ """Activate a specific group rule by ID in Okta.
+
+ Use this tool to activate a group rule in your Okta organization by providing the specific rule ID. This is useful for managing and enforcing policies in your organization's group behaviors.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/rules/{groupRuleId}/lifecycle/activate".format( # noqa: UP032
+ groupRuleId=group_rule_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage"]))
+async def deactivate_group_rule(
+ context: ToolContext,
+ group_rule_id: Annotated[
+ str,
+ "The ID of the group rule to be deactivated. This is a unique string identifier for the group rule in your organization.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateGroupRule'."]:
+ """Deactivate a specific group rule by ID.
+
+ Use this tool to deactivate a specific group rule in your organization by providing the group rule ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/rules/{groupRuleId}/lifecycle/deactivate".format( # noqa: UP032
+ groupRuleId=group_rule_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.read"]))
+async def retrieve_group_by_id(
+ context: ToolContext,
+ group_id: Annotated[
+ str, "The unique identifier for the group to retrieve from the organization."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getGroup'."]:
+ """Retrieve specific group details by ID from your org.
+
+ Use this tool to get information about a specific group in your organization by providing the group's ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}".format(groupId=group_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage"]))
+async def update_okta_group_profile(
+ context: ToolContext,
+ group_id: Annotated[
+ str,
+ "The unique identifier for the group to be updated in Okta. This must be an OKTA_GROUP type.", # noqa: E501
+ ],
+ group_profile: Annotated[
+ dict[str, dict[str, str]],
+ "JSON object containing standard and custom profile properties for an OKTA_GROUP type. It includes fields like 'name' and 'description'.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'replaceGroup'."]:
+ """Update the profile of an OKTA_GROUP type in your organization.
+
+ Use this tool to replace the profile for a group of the OKTA_GROUP type in your Okta organization. This tool is suitable for modifying group profiles not managed by app imports. Ensure the group type is OKTA_GROUP, as APP_GROUP types like Active Directory groups cannot be modified with this tool.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}".format(groupId=group_id), # noqa: UP032
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({"requestBody": group_profile}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage"]))
+async def delete_group(
+ context: ToolContext,
+ group_id: Annotated[str, "The unique identifier of the group to be deleted."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteGroup'."]:
+ """Remove a specified group from your organization.
+
+ Use this tool to delete a group of `OKTA_GROUP` or `APP_GROUP` type from your organization. Note: Groups of type `APP_GROUP` cannot be removed if they are used in a group push mapping.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}".format(groupId=group_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.read"]))
+async def list_group_assigned_apps(
+ context: ToolContext,
+ group_id: Annotated[
+ str, "The unique identifier for the group. Used to fetch the assigned applications."
+ ],
+ pagination_cursor_next_page: Annotated[
+ str | None,
+ "The pagination cursor that indicates the starting point for the next page of app results. Use this to navigate through multiple pages of app data.", # noqa: E501
+ ] = None,
+ page_result_limit: Annotated[
+ int | None, "The number of application results to return per page."
+ ] = None,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listAssignedApplicationsForGroup'."
+]:
+ """Retrieve all applications assigned to a specific group in Okta.
+
+ Use this tool to get a list of all the applications that have been assigned to a particular group in Okta. Useful for managing group access and permissions.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/apps".format(groupId=group_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor_next_page,
+ "limit": page_result_limit,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.read"]))
+async def list_group_owners(
+ context: ToolContext,
+ group_id: Annotated[str, "The unique identifier of the group whose owners you want to list."],
+ scim_filter_expression: Annotated[
+ str | None, "SCIM filter expression to filter group owners by type in Okta."
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None, "Pagination cursor for fetching the next page of group owners."
+ ] = None,
+ owner_results_per_page: Annotated[
+ int | None, "Specifies the number of owner results to return per page."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGroupOwners'."]:
+ """Retrieve owners for a specific group in Okta.
+
+ Use this tool to obtain a list of all owners for a specified group using the group ID in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/owners".format(groupId=group_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({
+ "search": scim_filter_expression,
+ "after": pagination_cursor,
+ "limit": owner_results_per_page,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage"]))
+async def remove_group_owner(
+ context: ToolContext,
+ group_identifier: Annotated[
+ str, "The unique identifier of the group from which the owner will be removed."
+ ],
+ group_owner_id: Annotated[str, "The ID of the group owner to be removed."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteGroupOwner'."]:
+ """Removes a specific group owner from a group.
+
+ This tool should be called when a user needs to delete an owner from a specified group. It removes the association of an owner with a particular group in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/owners/{ownerId}".format( # noqa: UP032
+ groupId=group_identifier, ownerId=group_owner_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_group_assigned_roles(
+ context: ToolContext,
+ group_id: Annotated[
+ str,
+ "The unique identifier for the group whose roles are being retrieved. This ID is required to list the assigned roles for the group.", # noqa: E501
+ ],
+ expand_targets: Annotated[
+ str | None,
+ "Optional parameter to specify targets configured for standard role assignment. Supported values: 'targets/groups' or 'targets/catalog/apps'.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGroupAssignedRoles'."]:
+ """Retrieves all roles assigned to a specific group.
+
+ Use this tool to get a list of all roles assigned to a group by providing the group's ID."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles".format(groupId=group_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"expand": expand_targets}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_group_role_assignment(
+ context: ToolContext,
+ group_id: Annotated[str, "The unique ID of the group to retrieve the assigned role for."],
+ role_assignment_id: Annotated[
+ str, "The unique ID of the role assignment to fetch details for a group."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getGroupAssignedRole'."]:
+ """Retrieve a role assignment for a specified group.
+
+ Fetches the details of a role assigned to a group using group and role assignment identifiers. Use this to understand the role binding for a specific group in the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}".format( # noqa: UP032
+ groupId=group_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_role_from_group(
+ context: ToolContext,
+ group_id: Annotated[
+ str, "The unique identifier of the group from which the role will be unassigned."
+ ],
+ role_assignment_id: Annotated[str, "The ID of the role assignment to unassign from a group."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unassignRoleFromGroup'."]:
+ """Unassign a role from a specified group.
+
+ Use this tool to unassign a specific role from a group by providing the roleAssignmentId and groupId. This tool is helpful for managing group roles within an organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}".format( # noqa: UP032
+ groupId=group_id, roleAssignmentId=role_assignment_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_app_targets_for_group_app_admin(
+ context: ToolContext,
+ group_id: Annotated[str, "The unique identifier of the group for which to list app targets."],
+ role_assignment_id: Annotated[
+ str,
+ "The identifier for the role assignment to a group. Use this to specify the role for which app targets are listed.", # noqa: E501
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination indicating current position in the list, obtained from the `Link` header.", # noqa: E501
+ ] = None,
+ max_number_of_objects_returned: Annotated[
+ int | None, "Specifies the maximum number of application targets to return in the response."
+ ] = None,
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'listApplicationTargetsForApplicationAdministratorRoleForGroup'.", # noqa: E501
+]:
+ """Retrieve app targets for APP_ADMIN group role assignments.
+
+ Use this tool to list all application targets for a specific application's administrative role assigned to a group. It returns a list of either OIN-cataloged apps or specific app instances associated with the role within the group.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps".format( # noqa: UP032
+ groupId=group_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor,
+ "limit": max_number_of_objects_returned,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_app_target_to_admin_role(
+ context: ToolContext,
+ group_id: Annotated[str, "The unique identifier of the group to assign the app target to."],
+ role_assignment_id: Annotated[
+ str, "The unique identifier for the role assignment to which the app target is to be added."
+ ],
+ app_name: Annotated[
+ str, "Name of the app definition from the OIN catalog, used as the key name."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'assignAppTargetToAdminRoleForGroup'."
+]:
+ """Assign an app target to a group's admin role.
+
+ Use this tool to assign an OIN app target to the \"APP_ADMIN\" role for a group, reducing the role's scope to the specified app target. This action overrides any existing specific role assignments for that app.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}".format( # noqa: UP032
+ groupId=group_id, roleAssignmentId=role_assignment_id, appName=app_name
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_app_target_from_admin_role(
+ context: ToolContext,
+ group_id: Annotated[
+ str, "The unique identifier of the group from which the app target is unassigned."
+ ],
+ role_assignment_id: Annotated[
+ str, "The ID of the role assignment to be unassigned from the group."
+ ],
+ app_name: Annotated[
+ str, "Name of the app definition, corresponding to the OIN catalog app key name."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'unassignAppTargetToAdminRoleForGroup'."
+]:
+ """Unassign an app target from an admin role for a group.
+
+ Use this tool to remove an OIN app target from an `APP_ADMIN` role assigned to a group in Okta. Note: You can't remove the last app target from a role assignment. If needed, delete the entire `APP_ADMIN` role and create a new one for all apps.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}".format( # noqa: UP032
+ groupId=group_id, roleAssignmentId=role_assignment_id, appName=app_name
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_app_instance_to_admin_role(
+ context: ToolContext,
+ group_id: Annotated[
+ str, "The unique identifier of the group to which the app instance will be assigned."
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The `id` of the role assignment to which the app instance is being assigned. Required for scoping the admin role to the specific app instance.", # noqa: E501
+ ],
+ app_name: Annotated[
+ str,
+ "Name of the app definition from the OIN catalog. This key identifies the specific app.",
+ ],
+ application_id: Annotated[
+ str,
+ "The unique identifier of the application to which the admin role will be assigned for the group.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'assignAppInstanceTargetToAppAdminRoleForGroup'.",
+]:
+ """Assign an app instance to a group admin role in Okta.
+
+ Use this tool to assign a specific app instance to an `APP_ADMIN` role for a group in Okta. This action scopes the role assignment to the specified app instance, rather than applying it broadly to all apps. It is useful when you need to manage specific applications or configurations for a group.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}".format( # noqa: UP032
+ groupId=group_id,
+ roleAssignmentId=role_assignment_id,
+ appName=app_name,
+ appId=application_id,
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_app_instance_role_group(
+ context: ToolContext,
+ group_id: Annotated[
+ str,
+ "The unique identifier of the group from which the app instance target will be unassigned.",
+ ],
+ role_assignment_id: Annotated[
+ str, "The ID of the role assignment to be unassigned from the group."
+ ],
+ app_name: Annotated[
+ str, "Name of the app definition from the OIN catalog used to identify the app instance."
+ ],
+ application_id: Annotated[
+ str, "The unique identifier for the application to be unassigned from the group role."
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'unassignAppInstanceTargetToAppAdminRoleForGroup'.",
+]:
+ """Unassign an app instance target from a group's APP_ADMIN role.
+
+ Use this tool to remove an app instance target from a group's APP_ADMIN role assignment. Note that this operation cannot remove the last app instance target. For a role assignment that applies to all apps, delete the role assignment instead.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}".format( # noqa: UP032
+ groupId=group_id,
+ roleAssignmentId=role_assignment_id,
+ appName=app_name,
+ appId=application_id,
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_group_targets_for_role(
+ context: ToolContext,
+ group_id: Annotated[str, "The ID of the group for which to list role assignment targets."],
+ role_assignment_id: Annotated[
+ str, "The unique identifier of the role assignment for which group targets are listed."
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination, specifying the current location in the list. It is an opaque string obtained from the 'Link' response header.", # noqa: E501
+ ] = None,
+ max_number_of_objects: Annotated[
+ int | None, "Specify the maximum number of group targets to return."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGroupTargetsForGroupRole'."]:
+ """Retrieve group targets for specific role assignments to a group.
+
+ Use this tool to get all group targets associated with a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assigned to a group. If no specific targets are scoped, the response will be an empty list.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/groups".format( # noqa: UP032
+ groupId=group_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": max_number_of_objects}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_group_target_to_role(
+ context: ToolContext,
+ group_id: Annotated[
+ str, "The unique identifier for the group to which the role target is assigned."
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The unique identifier for the role assignment to which the group target is being assigned.", # noqa: E501
+ ],
+ target_group_id: Annotated[
+ str,
+ "The ID of the group to be set as the target, narrowing the role scope to this group only.",
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'assignGroupTargetToGroupAdminRole'."
+]:
+ """Assign a group target to specific admin roles.
+
+ Use this tool to assign a group target to a USER_ADMIN, HELP_DESK_ADMIN, or GROUP_MEMBERSHIP_ADMIN role for a specific group. It limits the role's scope to the specified target, removing its previous global application.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/groups/{targetGroupId}".format( # noqa: UP032
+ groupId=group_id, roleAssignmentId=role_assignment_id, targetGroupId=target_group_id
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_group_admin_role(
+ context: ToolContext,
+ group_id: Annotated[
+ str, "The unique identifier of the group from which an admin role is being unassigned."
+ ],
+ role_assignment_id: Annotated[str, "The ID of the role assignment to unassign from the group."],
+ target_group_id: Annotated[
+ str, "The unique identifier of the group target to be unassigned from the admin role."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'unassignGroupTargetFromGroupAdminRole'."
+]:
+ """Unassign a group target from an admin role.
+
+ Remove a group target from admin roles such as USER_ADMIN, HELP_DESK_ADMIN, or GROUP_MEMBERSHIP_ADMIN assigned to a group.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/groups/{targetGroupId}".format( # noqa: UP032
+ groupId=group_id, roleAssignmentId=role_assignment_id, targetGroupId=target_group_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.read"]))
+async def list_group_users(
+ context: ToolContext,
+ group_id: Annotated[str, "The unique identifier of the group whose members you want to list."],
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination, obtained from the `Link` header indicating the current location in the list.", # noqa: E501
+ ] = None,
+ page_user_limit: Annotated[
+ int | None,
+ "Specifies the maximum number of user results returned per page. Recommended limit is 200.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGroupUsers'."]:
+ """Retrieve users from a specified group in Okta.
+
+ Use this tool to get a list of users who are members of a specific group in Okta. Suitable for managing group memberships and auditing user lists within an organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/users".format(groupId=group_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": page_user_limit}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage"]))
+async def assign_user_to_group(
+ context: ToolContext,
+ group_id: Annotated[
+ str, "The unique identifier for the OKTA_GROUP to which the user will be assigned."
+ ],
+ okta_user_id: Annotated[str, "ID of an existing Okta user to be assigned to the group."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'assignUserToGroup'."]:
+ """Assign a user to a specified OKTA_GROUP.
+
+ Use this tool to assign a user to a specific group of type `OKTA_GROUP` within Okta. This operation is only applicable for `OKTA_GROUP` type groups and is important for managing user memberships. Note that app imports handle memberships for `APP_GROUP` type groups, such as Active Directory.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/users/{userId}".format( # noqa: UP032
+ groupId=group_id, userId=okta_user_id
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.groups.manage"]))
+async def remove_user_from_okta_group(
+ context: ToolContext,
+ group_id: Annotated[
+ str,
+ "The ID of the OKTA group. Required to specify which group the user will be removed from.",
+ ],
+ user_id: Annotated[str, "The ID of an existing Okta user to be removed from the group."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unassignUserFromGroup'."]:
+ """Remove a user from an OKTA group.
+
+ Use this tool to unassign a user from a specified OKTA group. It only works with groups of the 'OKTA_GROUP' type. This action cannot be performed on 'APP_GROUP' types, such as Active Directory groups.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/groups/{groupId}/users/{userId}".format( # noqa: UP032
+ groupId=group_id, userId=user_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.inlineHooks.read"]))
+async def list_hook_keys(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listHookKeys'."]:
+ """Retrieve all hook keys from the API.
+
+ This tool is used to call the Okta API endpoint that lists all available hook keys. It should be called when you need to obtain a complete list of hook keys for management or integration purposes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/hook-keys",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.inlineHooks.read"]))
+async def retrieve_public_key(
+ context: ToolContext,
+ public_key_id: Annotated[
+ str,
+ "The unique identifier for the public key to retrieve. This is used for obtaining the specific public key details.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getPublicKey'."]:
+ """Retrieve a public key by its keyId.
+
+ Use the tool to obtain the public key details associated with a specified keyId. This is useful for validating signatures or for other security operations requiring the public key.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/hook-keys/public/{keyId}".format(keyId=public_key_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.inlineHooks.read"]))
+async def retrieve_hook_key(
+ context: ToolContext,
+ key_id: Annotated[
+ str | None, "A valid key ID to retrieve the public portion of the Key object."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getHookKey'."]:
+ """Retrieve the public portion of a Key object by ID.
+
+ Use this tool to obtain the public portion of a Key object using the specified ID. Optionally, you can expand the response to include full details of the public key.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/hook-keys/{id}".format(id=key_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.inlineHooks.manage"]))
+async def delete_hook_key(
+ context: ToolContext,
+ hook_key_id: Annotated[
+ str, "The unique identifier for the hook key to be deleted. Ensure the key is unused."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteHookKey'."]:
+ """Delete an unused hook key by ID.
+
+ Use this tool to permanently delete a hook key by its ID. Only keys that are not in use can be deleted. Once deleted, a key cannot be recovered.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/hook-keys/{id}".format(id=hook_key_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_users_with_roles(
+ context: ToolContext,
+ pagination_cursor: Annotated[
+ str | None,
+ "Specifies the pagination cursor for retrieving the next page of users with roles.",
+ ] = None,
+ results_limit: Annotated[
+ int | None,
+ "Specifies the maximum number of user results to return. Defaults to 100 if not set.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUsersWithRoleAssignments'."]:
+ """Lists all users with their role assignments.
+
+ Use this tool to retrieve a list of users along with their assigned roles. This can be useful for managing user permissions and roles within an organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/assignees/users",
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": results_limit}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_governance_bundles(
+ context: ToolContext,
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor string for pagination, obtained from the `Link` response header, to specify the current location in the list.", # noqa: E501
+ ] = None,
+ object_limit: Annotated[
+ int | None,
+ "Specify the maximum number of governance bundles to return. This helps in controlling the size of the response.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGovernanceBundles'."]:
+ """Retrieve all Governance Bundles for your organization's Admin Console.
+
+ Use this tool to access a list of all Governance Bundles available in your organization's Admin Console. This is useful for administrators who need to manage or review available governance resources.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/governance/bundles",
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": object_limit}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_governance_bundle(
+ context: ToolContext,
+ bundle_id: Annotated[str, "The unique identifier of the Governance Bundle to retrieve."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getGovernanceBundle'."]:
+ """Retrieve a Governance Bundle from Okta RAMP.
+
+ Use this tool to fetch information about a specific Governance Bundle from Okta's RAMP service using the bundle ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/governance/bundles/{bundleId}".format( # noqa: UP032
+ bundleId=bundle_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def delete_governance_bundle(
+ context: ToolContext,
+ bundle_id: Annotated[
+ str, "The unique identifier of a governance bundle to delete from RAMP in Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteGovernanceBundle'."]:
+ """Deletes a Governance Bundle from RAMP in Okta.
+
+ Use this tool to delete a specific governance bundle by its ID from Okta's RAMP. This is useful when a bundle is no longer needed or needs to be removed for compliance reasons.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/governance/bundles/{bundleId}".format( # noqa: UP032
+ bundleId=bundle_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_governance_bundle_entitlements(
+ context: ToolContext,
+ bundle_id: Annotated[
+ str, "The ID of the governance bundle whose entitlements you want to list."
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The opaque cursor string for pagination, indicating the current position in the list. Obtainable from the `Link` response header.", # noqa: E501
+ ] = None,
+ max_objects_to_return: Annotated[
+ int | None,
+ "Specifies the maximum number of entitlements to return in the response. Use to limit the results.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listBundleEntitlements'."]:
+ """Retrieve entitlements for a specific governance bundle.
+
+ Use this tool to obtain a list of all entitlements associated with a specific governance bundle in Okta. It is useful when you need to review or manage the entitlements tied to a particular bundle.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/governance/bundles/{bundleId}/entitlements".format( # noqa: UP032
+ bundleId=bundle_id
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": max_objects_to_return}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_entitlement_values(
+ context: ToolContext,
+ bundle_id: Annotated[
+ str,
+ "The ID of the bundle to retrieve entitlement values for. This is required to specify which bundle you are querying.", # noqa: E501
+ ],
+ bundle_entitlement_id: Annotated[
+ str, "The ID of the bundle entitlement for which to retrieve entitlement values."
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination, indicating your current position in the list. Obtainable from the `Link` response header.", # noqa: E501
+ ] = None,
+ max_results_to_return: Annotated[
+ int | None,
+ "Sets the maximum number of entitlement values to return in the response. Use to limit the returned data size.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listBundleEntitlementValues'."]:
+ """Retrieve entitlement values for a specified bundle.
+
+ Use this tool to get all entitlement values linked to a particular bundle entitlement. It is useful for accessing detailed governance information.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/governance/bundles/{bundleId}/entitlements/{entitlementId}/values".format( # noqa: UP032
+ bundleId=bundle_id, entitlementId=bundle_entitlement_id
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": max_results_to_return}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_admin_console_opt_in_status(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOptInStatus'."]:
+ """Retrieve the Admin Console opt-in status from RAMP.
+
+ Use this tool to check the opt-in status of the Admin Console via the RAMP service."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/governance/optIn",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def opt_in_admin_console_ramp(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'optIn'."]:
+ """Opt in the Admin Console to RAMP in Okta.
+
+ This tool opts in the Admin Console to RAMP using Okta's API. Call this tool when you need to enable RAMP in the Admin Console.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/governance/optIn",
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def opt_out_admin_console_ramp(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'optOut'."]:
+ """Opt out the Admin Console from RAMP.
+
+ This tool should be called to opt the Admin Console out of RAMP. Use this when you need to discontinue the RAMP service for the Admin Console.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/governance/optOut",
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_resource_sets(
+ context: ToolContext,
+ pagination_cursor: Annotated[
+ str | None,
+ "The opaque cursor string for pagination, obtained from the `Link` response header.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listResourceSets'."]:
+ """Retrieve all resource sets with pagination support.
+
+ This tool calls the Okta API to list all resource sets, including pagination information. Use it to fetch comprehensive details about existing resource sets in your organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets",
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_resource_set_okta(
+ context: ToolContext,
+ resource_set_identifier: Annotated[
+ str, "The ID or label of the resource set to retrieve from Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getResourceSet'."]:
+ """Retrieve a resource set by its ID or label from Okta.
+
+ This tool is used to fetch details of a specific resource set from Okta using a resource set ID or label. It should be called when information about a particular resource set is needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_identifier
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def delete_resource_set(
+ context: ToolContext,
+ resource_set_identifier: Annotated[str, "The ID or label of the resource set to be deleted."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteResourceSet'."]:
+ """Deletes a resource set by ID or label.
+
+ Use this tool to delete a specific resource set from the system by providing the resource set's ID or label. It is useful for managing and organizing resource allocations within the platform.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_identifier
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_resource_set_bindings(
+ context: ToolContext,
+ resource_set_id_or_label: Annotated[
+ str, "The ID or label of the resource set to list bindings for."
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "A string cursor for pagination, specifying the current position in the list. Obtained from the `Link` response header.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listBindings'."]:
+ """Retrieve all bindings and roles for a specified resource set.
+
+ Use this tool to list all bindings associated with a specified resource set in Okta. It supports pagination if there are more than 100 bindings. Useful for managing access and roles in a resource set.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_id_or_label
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def get_role_binding_for_resource(
+ context: ToolContext,
+ resource_set_identifier_or_label: Annotated[
+ str,
+ "The ID or label of the resource set to retrieve the role binding for. This identifies the specific resource set in the IAM system.", # noqa: E501
+ ],
+ role_id_or_label: Annotated[
+ str,
+ "The ID or label of the role to retrieve the binding for. This identifies the specific role in the system.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getBinding'."]:
+ """Retrieve a role binding for a specified resource set.
+
+ Use this tool to get the binding details of a specific role for a given resource set by their identifiers or labels. This is useful for managing and reviewing access permissions in an IAM system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_identifier_or_label, roleIdOrLabel=role_id_or_label
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def delete_role_binding(
+ context: ToolContext,
+ resource_set_id_or_label: Annotated[
+ str, "The `id` or `label` of the resource set to be unbound from the role."
+ ],
+ role_id_or_label: Annotated[
+ str, "The identifier or label of the role to unbind from the resource set."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteBinding'."]:
+ """Deletes a binding between a role and a resource set.
+
+ Use this tool to remove the association between a specific role and a resource set in Okta by providing the role and resource set identifiers.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_id_or_label, roleIdOrLabel=role_id_or_label
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_role_resource_members(
+ context: ToolContext,
+ resource_set_id_or_label: Annotated[
+ str, "The ID or label of the resource set to list members from."
+ ],
+ role_identifier: Annotated[
+ str,
+ "The ID or label of the role to list members for. It helps specify the role resource set binding.", # noqa: E501
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The opaque cursor string for pagination, indicating your current position in the list. Obtain this from the `Link` response header.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listMembersOfBinding'."]:
+ """List all members of a role resource set binding.
+
+ This tool retrieves all members associated with a specified role resource set binding, supporting pagination for large datasets.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}/members".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_id_or_label, roleIdOrLabel=role_identifier
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_role_member(
+ context: ToolContext,
+ resource_set_identifier: Annotated[
+ str,
+ "The `id` or `label` of the resource set to identify which set to retrieve the member from.", # noqa: E501
+ ],
+ role_id_or_label: Annotated[
+ str, "The `id` or `label` of the role to identify which role the member belongs to."
+ ],
+ member_id: Annotated[str, "ID of the member to look up in the role resource set binding."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getMemberOfBinding'."]:
+ """Retrieve member details in a role resource set binding.
+
+ This tool retrieves information about a specific member identified by `memberId` within a role resource set binding using the given resource set and role identifiers. It should be called when you need details about a member's role or permissions in a resource set.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}/members/{memberId}".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_identifier,
+ roleIdOrLabel=role_id_or_label,
+ memberId=member_id,
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_member_from_role(
+ context: ToolContext,
+ resource_set_id_or_label: Annotated[
+ str, "The `id` or `label` of the resource set to unassign a member from a role."
+ ],
+ role_identifier_or_label: Annotated[
+ str, "Provide the ID or label of the role for unassignment."
+ ],
+ member_id: Annotated[
+ str, "The unique identifier for the member to be unassigned from the role."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unassignMemberFromBinding'."]:
+ """Unassign a member from a role resource set binding.
+
+ Use this tool to remove a member from a specific role resource set binding in Okta by providing the member ID, role ID, and resource set ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}/members/{memberId}".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_id_or_label,
+ roleIdOrLabel=role_identifier_or_label,
+ memberId=member_id,
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_resource_set_resources(
+ context: ToolContext,
+ resource_set_id_or_label: Annotated[
+ str, "The ID or label of the resource set to list resources for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listResourceSetResources'."]:
+ """Lists all resources for a specified resource set in Okta.
+
+ Use this tool to retrieve all resources associated with a specific resource set in Okta, identified by the resource set ID or label.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/resources".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_id_or_label
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_resource_set_details(
+ context: ToolContext,
+ resource_set_identifier: Annotated[
+ str, "The ID or label of the resource set to retrieve the resource from."
+ ],
+ resource_identifier: Annotated[
+ str, "The unique ID of the resource to be retrieved from the resource set."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getResourceSetResource'."]:
+ """Retrieve details of a resource in a specific resource set.
+
+ Use this tool to obtain details about a specific resource within a resource set using the resource ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/resources/{resourceId}".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_identifier, resourceId=resource_identifier
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def delete_resource_from_set(
+ context: ToolContext,
+ resource_set_id_or_label: Annotated[
+ str, "Provide the id or label of the resource set from which to delete the resource."
+ ],
+ resource_id: Annotated[
+ str, "The unique ID of the resource to be deleted from the specified resource set."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteResourceSetResource'."]:
+ """Delete a resource from a specified resource set.
+
+ Use this tool to delete a specific resource from a resource set identified by its ID or label in Okta. Ideal for managing and updating resource allocations efficiently.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/resources/{resourceId}".format( # noqa: UP032
+ resourceSetIdOrLabel=resource_set_id_or_label, resourceId=resource_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_custom_roles(
+ context: ToolContext,
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination, an opaque string indicating your current location in the list. Obtained from the `Link` response header.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listRoles'."]:
+ """Retrieve a paginated list of all custom roles.
+
+ Use this tool to fetch and view all custom roles available in the system, with support for pagination to manage large sets of data.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/roles",
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_okta_role(
+ context: ToolContext,
+ role_id_or_label: Annotated[str, "The ID or label of the role to retrieve details from Okta."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getRole'."]:
+ """Retrieve role details from Okta using role ID or label.
+
+ This tool is used to obtain detailed information about a specific role from Okta by providing either the role ID or its label. Use this tool when you need to access role specifications, permissions, or other role-related data within Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}".format( # noqa: UP032
+ roleIdOrLabel=role_id_or_label
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def delete_custom_role(
+ context: ToolContext,
+ role_id_or_label: Annotated[
+ str, "The ID or label of the custom role to delete in the Okta system."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteRole'."]:
+ """Delete a custom role using its role ID or label.
+
+ Use this tool to delete a custom role in the Okta system by specifying the role ID or label. This tool is helpful for managing role configurations and ensuring only required roles exist.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}".format( # noqa: UP032
+ roleIdOrLabel=role_id_or_label
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_custom_role_permissions(
+ context: ToolContext,
+ role_identifier: Annotated[
+ str, "The ID or label of the custom role to retrieve permissions for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listRolePermissions'."]:
+ """Retrieve permissions for a specified custom role.
+
+ Use this tool to list all permissions associated with a specific custom role in Okta by providing the role ID or label.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}/permissions".format( # noqa: UP032
+ roleIdOrLabel=role_identifier
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_role_permission(
+ context: ToolContext,
+ role_id_or_label: Annotated[
+ str, "Identifier or label of the custom role to retrieve permission for."
+ ],
+ permission_type: Annotated[
+ str, "Specify the type of permission to retrieve for a custom role in Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getRolePermission'."]:
+ """Retrieve a specific permission for a custom role by type.
+
+ Use this tool to obtain details about a specific permission associated with a custom role in Okta, identified by the permission type.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}/permissions/{permissionType}".format( # noqa: UP032
+ roleIdOrLabel=role_id_or_label, permissionType=permission_type
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def remove_role_permission(
+ context: ToolContext,
+ role_identifier: Annotated[
+ str, "The `id` or `label` of the Okta role from which the permission will be removed."
+ ],
+ permission_type: Annotated[
+ str,
+ "Specify the type of Okta permission to remove from the custom role. It should match the defined permissions in Okta.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteRolePermission'."]:
+ """Remove a permission from a custom role in Okta.
+
+ Use this tool to delete a specific permission from a custom role in Okta by specifying the role and permission type.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}/permissions/{permissionType}".format( # noqa: UP032
+ roleIdOrLabel=role_identifier, permissionType=permission_type
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.identitySources.read"]))
+async def list_identity_source_sessions(
+ context: ToolContext,
+ identity_source_id: Annotated[
+ str, "The ID of the identity source instance to list sessions for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listIdentitySourceSessions'."]:
+ """Retrieve sessions for a specific identity source instance.
+
+ This tool lists all identity source sessions for a specified identity source ID. It should be used to monitor or audit sessions associated with a particular identity source instance.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions".format( # noqa: UP032
+ identitySourceId=identity_source_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.identitySources.manage"]))
+async def create_identity_source_session(
+ context: ToolContext,
+ identity_source_id: Annotated[
+ str, "The unique ID of the identity source to create a session for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'createIdentitySourceSession'."]:
+ """Create a session for an identity source instance.
+
+ This tool creates an identity source session for a specified identity source instance, allowing further authenticated interactions with that source.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions".format( # noqa: UP032
+ identitySourceId=identity_source_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.identitySources.read"]))
+async def retrieve_identity_source_session(
+ context: ToolContext,
+ identity_source_id: Annotated[
+ str,
+ "The ID of the identity source for which the session is created. This ID is used to specify which identity source's session details are to be retrieved.", # noqa: E501
+ ],
+ identity_source_session_id: Annotated[
+ str, "The ID used to identify the specific identity source session."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getIdentitySourceSession'."]:
+ """Retrieve an identity source session by ID and session.
+
+ This tool fetches session details for a specified identity source and session ID, helping manage authentication and identity processes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}".format( # noqa: UP032
+ identitySourceId=identity_source_id, sessionId=identity_source_session_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.identitySources.manage"]))
+async def delete_identity_source_session(
+ context: ToolContext,
+ identity_source_id: Annotated[
+ str, "The ID of the identity source for which the session is created."
+ ],
+ identity_source_session_id: Annotated[
+ str, "The ID of the identity source session to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteIdentitySourceSession'."]:
+ """Deletes an identity source session by ID.
+
+ Call this tool to delete a specific identity source session using the session's and the identity source's IDs.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}".format( # noqa: UP032
+ identitySourceId=identity_source_id, sessionId=identity_source_session_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.identitySources.manage"]))
+async def initiate_identity_import(
+ context: ToolContext,
+ identity_source_id: Annotated[
+ str, "The ID of the identity source to start the import session for."
+ ],
+ identity_source_session_id: Annotated[
+ str, "The ID of the identity source session to initiate the import process."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'startImportFromIdentitySource'."]:
+ """Initiate import from a specified identity source.
+
+ Use this tool to start the import process from an identity source specified by the uploaded bulk operations. Useful for syncing identity data into the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}/start-import".format( # noqa: UP032
+ identitySourceId=identity_source_id, sessionId=identity_source_session_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def list_identity_providers(
+ context: ToolContext,
+ search_identity_provider_name: Annotated[
+ str | None, "Search for matching identity provider names in the list."
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None, "The cursor to use for pagination, obtained from the `Link` response header."
+ ] = None,
+ object_limit: Annotated[
+ int | None, "Specify the maximum number of identity provider objects to return."
+ ] = None,
+ filter_by_idp_type: Annotated[
+ str | None,
+ "Specify the type of IdP to filter the list. Options include providers like 'GOOGLE', 'FACEBOOK', etc.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listIdentityProviders'."]:
+ """Retrieve a list of all identity provider integrations.
+
+ This tool retrieves all identity provider (IdP) integrations from Okta, with support for filtering and pagination. Use this tool to obtain information about connected IdPs.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps",
+ method="GET",
+ params=remove_none_values({
+ "q": search_identity_provider_name,
+ "after": pagination_cursor,
+ "limit": object_limit,
+ "type": filter_by_idp_type,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def list_identity_provider_keys(
+ context: ToolContext,
+ pagination_cursor: Annotated[
+ str | None,
+ "Cursor for pagination, specifying current location in the list; obtained from the `Link` response header.", # noqa: E501
+ ] = None,
+ maximum_number_of_objects_to_return: Annotated[
+ int | None, "Sets the maximum number of IdP key credentials to retrieve."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listIdentityProviderKeys'."]:
+ """Retrieve all identity provider key credentials.
+
+ Use this tool to obtain a list of all identity provider (IdP) key credentials. This is useful for managing and reviewing authentication setups.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/credentials/keys",
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor,
+ "limit": maximum_number_of_objects_to_return,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def retrieve_identity_provider_key(
+ context: ToolContext,
+ identity_provider_key_id: Annotated[
+ str,
+ "The unique identifier (`kid`) of the identity provider key credential needed to retrieve its details.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getIdentityProviderKey'."]:
+ """Retrieve a specific IdP key credential by `kid`.
+
+ Use this tool to obtain details of an identity provider key credential by providing the `kid` (key ID). This is useful for managing and auditing identity provider configurations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/credentials/keys/{kid}".format( # noqa: UP032
+ kid=identity_provider_key_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.manage"]))
+async def delete_idp_key(
+ context: ToolContext,
+ idp_key_id: Annotated[
+ str, "Unique ID of the IdP key credential to be deleted. Ensure it's not in use by any IdP."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteIdentityProviderKey'."]:
+ """Delete an unused identity provider key by ID.
+
+ Use this tool to delete a specific identity provider key credential by its key ID if it's not being used by any active or inactive IdPs.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/credentials/keys/{kid}".format(kid=idp_key_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def retrieve_identity_provider(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str, "The unique ID of the identity provider (IdP) to retrieve details for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getIdentityProvider'."]:
+ """Retrieves an identity provider integration by ID.
+
+ Use this tool to retrieve details about a specific identity provider (IdP) integration using its unique ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}".format(idpId=identity_provider_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.manage"]))
+async def delete_identity_provider(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str, "The unique identifier for the identity provider to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteIdentityProvider'."]:
+ """Delete an identity provider integration by ID.
+
+ This tool deletes an identity provider (IdP) integration using the specified `idpId`. Upon deletion, all existing IdP users are unlinked, with the highest order profile source taking precedence for each user. Unlinked users retain their current authentication provider, such as `FEDERATION` or `SOCIAL`.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}".format(idpId=identity_provider_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def list_idp_certificate_signing_requests(
+ context: ToolContext,
+ identity_provider_id: Annotated[str, "The ID of the Identity Provider to retrieve CSRs for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listCsrsForIdentityProvider'."]:
+ """Retrieve CSRs for a given identity provider from Okta."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/csrs".format( # noqa: UP032
+ idpId=identity_provider_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def get_identity_provider_csr(
+ context: ToolContext,
+ identity_provider_id: Annotated[str, "The unique identifier of the Identity Provider (IdP)."],
+ identity_provider_csr_id: Annotated[
+ str,
+ "The ID of the Identity Provider's CSR used to retrieve the specific certificate signing request.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCsrForIdentityProvider'."]:
+ """Retrieve CSR for a specific Identity Provider.
+
+ Use this tool to fetch a specific certificate signing request (CSR) using the ID and CSR ID of an Identity Provider.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/csrs/{idpCsrId}".format( # noqa: UP032
+ idpId=identity_provider_id, idpCsrId=identity_provider_csr_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.manage"]))
+async def revoke_identity_provider_csr(
+ context: ToolContext,
+ identity_provider_id: Annotated[str, "The unique identifier for the identity provider (IdP)."],
+ identity_provider_csr_id: Annotated[
+ str, "The unique identifier for the CSR of the identity provider that needs to be revoked."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeCsrForIdentityProvider'."]:
+ """Revoke a CSR and delete key pair from an IdP.
+
+ This tool revokes a certificate signing request and deletes the associated key pair from a specified identity provider. It should be used when you need to remove an IdP's CSR and its keys from the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/csrs/{idpCsrId}".format( # noqa: UP032
+ idpId=identity_provider_id, idpCsrId=identity_provider_csr_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.manage"]))
+async def publish_csr_certificate(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str, "The unique `id` of the Identity Provider (IdP) for which the CSR is being published."
+ ],
+ identity_provider_csr_id: Annotated[
+ str, "The unique identifier for the Identity Provider's Certificate Signing Request (CSR)."
+ ],
+ signed_x509_certificate: Annotated[
+ str, "The signed X.509 certificate in string format to be published for the CSR."
+ ],
+ signed_certificate_x509: Annotated[
+ str, "A string containing the signed X.509 certificate to be published for the IdP CSR."
+ ],
+ certificate_content: Annotated[
+ str, "The signed X.509 certificate content in string format to publish for the IdP CSR."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'publishCsrForIdentityProvider'."]:
+ """Publishes a signed X.509 certificate for an IdP CSR.
+
+ Use this tool to complete the certificate signing request lifecycle by publishing a signed X.509 certificate for an identity provider (IdP). Note that once published, the CSR is no longer accessible. Publishing will fail if the certificate validity is under 90 days.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/csrs/{idpCsrId}/lifecycle/publish".format( # noqa: UP032
+ idpId=identity_provider_id, idpCsrId=identity_provider_csr_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({"requestBody": certificate_content}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def list_idp_signing_keys(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str,
+ "The unique identifier for the identity provider (IdP) whose signing keys are to be listed.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listIdentityProviderSigningKeys'."]:
+ """Retrieve signing key credentials for an identity provider.
+
+ This tool lists all signing key credentials associated with a specific identity provider (IdP). It should be called when there's a need to view or manage the signing keys for authentication or integration purposes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys".format( # noqa: UP032
+ idpId=identity_provider_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def list_active_signing_key_credential(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str, "The unique identifier of the identity provider (IdP) to retrieve the signing key for."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listActiveIdentityProviderSigningKey'."
+]:
+ """Retrieve the active signing key for an identity provider.
+
+ This tool retrieves the active signing key credential for a specified identity provider (IdP) in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys/active".format( # noqa: UP032
+ idpId=identity_provider_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.manage"]))
+async def generate_idp_signing_key(
+ context: ToolContext,
+ idp_key_credential_expiry_years: Annotated[
+ int, "Enter the number of years the IdP certificate should remain valid."
+ ],
+ identity_provider_id: Annotated[str, "The unique identifier for the identity provider (IdP)."],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'generateIdentityProviderSigningKey'."
+]:
+ """Generate a new X.509 certificate for IdP signing.
+
+ This tool generates a new X.509 certificate for an identity provider (IdP) signing key, used for signing assertions sent to the IdP. To utilize the new key, update your IdP using the returned key's `kid` in the signing credential.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys/generate".format( # noqa: UP032
+ idpId=identity_provider_id
+ ),
+ method="POST",
+ params=remove_none_values({"validityYears": idp_key_credential_expiry_years}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def get_idp_signing_key(
+ context: ToolContext,
+ identity_provider_id: Annotated[str, "The unique identifier for the identity provider (IdP)."],
+ key_id: Annotated[str, "Unique identifier of the IdP key credential to retrieve."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getIdentityProviderSigningKey'."]:
+ """Retrieve a specific IdP key credential by key ID.
+
+ This tool calls the API to obtain details of a particular identity provider signing key using the provided key ID. It should be called when you need to access specific credential information for identity providers.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys/{kid}".format( # noqa: UP032
+ idpId=identity_provider_id, kid=key_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.manage"]))
+async def clone_idp_certificate(
+ context: ToolContext,
+ target_identity_provider_id: Annotated[
+ str, "The `id` of the target identity provider (IdP) where the certificate will be cloned."
+ ],
+ source_idp_id: Annotated[
+ str,
+ "The `id` of the source identity provider (IdP) from which the certificate is being cloned.", # noqa: E501
+ ],
+ key_credential_id: Annotated[
+ str, "Unique ID of the identity provider key credential to clone."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'cloneIdentityProviderKey'."]:
+ """Clone an X.509 certificate between identity providers.
+
+ This tool clones an X.509 certificate for an identity provider (IdP) signing key credential from a source IdP to a target IdP. Note that sharing certificates isn't recommended for security reasons, and if the key already exists for the target IdP, a 400 error will be returned.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys/{kid}/clone".format( # noqa: UP032
+ idpId=source_idp_id, kid=key_credential_id
+ ),
+ method="POST",
+ params=remove_none_values({"targetIdpId": target_identity_provider_id}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.manage"]))
+async def activate_identity_provider(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str, "The unique identifier of the identity provider to be activated."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateIdentityProvider'."]:
+ """Activates an inactive identity provider.
+
+ Use this tool to activate an inactive identity provider (IdP) for Okta services."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/lifecycle/activate".format( # noqa: UP032
+ idpId=identity_provider_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.manage"]))
+async def deactivate_identity_provider(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str, "The unique identifier for the identity provider you wish to deactivate."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateIdentityProvider'."]:
+ """Deactivate an active identity provider (IdP).
+
+ Use this tool to deactivate an active identity provider when it's no longer needed or needs to be temporarily disabled.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/lifecycle/deactivate".format( # noqa: UP032
+ idpId=identity_provider_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def list_idp_linked_users(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str,
+ "The unique identifier for the identity provider (IdP) whose linked users are to be listed.", # noqa: E501
+ ],
+ search_query: Annotated[
+ str | None, "A string to search records for matching values in linked user data."
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination, an opaque string indicating current list position. Retrieved from `Link` response header.", # noqa: E501
+ ] = None,
+ result_limit: Annotated[
+ int | None,
+ "The maximum number of user records to return. Useful for controlling pagination and large dataset handling.", # noqa: E501
+ ] = None,
+ expand_user_data: Annotated[
+ str | None,
+ "Specify if additional user details should be included in the response. Use the string 'user' to expand user data.", # noqa: E501
+ ] = None,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listIdentityProviderApplicationUsers'."
+]:
+ """Lists users linked to an identity provider.
+
+ Call this tool to obtain a list of users associated with a specific identity provider. It helps in managing and auditing user access linked with identity providers.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/users".format(idpId=identity_provider_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({
+ "q": search_query,
+ "after": pagination_cursor,
+ "limit": result_limit,
+ "expand": expand_user_data,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def retrieve_idp_user(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str, "The ID of the Identity Provider to retrieve the linked user from."
+ ],
+ okta_user_id: Annotated[
+ str, "The unique ID of an existing Okta user to retrieve information for."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getIdentityProviderApplicationUser'."
+]:
+ """Retrieve a linked identity provider user by ID.
+
+ This tool retrieves a linked identity provider (IdP) user by their ID, useful for accessing detailed IdP user information.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/users/{userId}".format( # noqa: UP032
+ idpId=identity_provider_id, userId=okta_user_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.manage"]))
+async def unlink_user_from_identity_provider(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str, "The unique identifier for the Identity Provider (IdP) to unlink the user from."
+ ],
+ okta_user_id: Annotated[
+ str, "The unique identifier of an existing Okta user to be unlinked from the IdP."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unlinkUserFromIdentityProvider'."]:
+ """Unlink a user from their identity provider in Okta.
+
+ This tool unlinks an Okta user from their associated identity provider, requiring them to re-link their account upon next federation. Use this when you need to disconnect a user from a specific IdP.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/users/{userId}".format( # noqa: UP032
+ idpId=identity_provider_id, userId=okta_user_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.idps.read"]))
+async def get_social_auth_tokens(
+ context: ToolContext,
+ identity_provider_id: Annotated[
+ str, "The ID of the Identity Provider (IdP) for the social authentication."
+ ],
+ okta_user_id: Annotated[
+ str,
+ "The Okta user ID for whom to retrieve the social auth tokens. It must be a valid string identifying an existing Okta user.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listSocialAuthTokens'."]:
+ """Retrieve tokens from social auth providers via Okta.
+
+ Use this tool to list tokens minted by social authentication providers when a user authenticates using Okta via Social Auth. These tokens can be used by applications to obtain additional user information from the social provider.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/idps/{idpId}/users/{userId}/credentials/tokens".format( # noqa: UP032
+ idpId=identity_provider_id, userId=okta_user_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.inlineHooks.read"]))
+async def list_okta_inline_hooks(
+ context: ToolContext,
+ inline_hook_type: Annotated[
+ str | None,
+ "Specify one of the supported inline hook types to filter results. Options include user import, token transformation, SAML assertion, telephony provider, password import, and registration.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listInlineHooks'."]:
+ """Retrieve all inline hooks or those of a specific type in Okta.
+
+ This tool retrieves all Okta inline hooks or can be used to list inline hooks of a specific type. Supported types include user import, token transformation, SAML assertion, telephony provider, password import, and registration inline hooks.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/inlineHooks",
+ method="GET",
+ params=remove_none_values({"type": inline_hook_type}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.inlineHooks.read"]))
+async def retrieve_inline_hook(
+ context: ToolContext,
+ inline_hook_id: Annotated[
+ str,
+ "The ID of the inline hook to retrieve details for. This should be a string representing the unique identifier of the hook.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getInlineHook'."]:
+ """Fetches details of a specific inline hook by its ID.
+
+ Use this tool to obtain detailed information about an inline hook specified by its ID. Ideal for scenarios where identification and configuration details of a specific inline hook are required.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/inlineHooks/{inlineHookId}".format( # noqa: UP032
+ inlineHookId=inline_hook_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.inlineHooks.manage"]))
+async def delete_inactive_inline_hook(
+ context: ToolContext,
+ inline_hook_id: Annotated[
+ str,
+ "The unique identifier of the inline hook to be deleted. Ensure the hook is inactive before deletion.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteInlineHook'."]:
+ """Delete an inactive inline hook in Okta.
+
+ Use this tool to permanently delete an inline hook from Okta, provided it is in an inactive state. Once deleted, the hook cannot be recovered, so ensure the status is 'INACTIVE' before proceeding.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/inlineHooks/{inlineHookId}".format( # noqa: UP032
+ inlineHookId=inline_hook_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.inlineHooks.manage"]))
+async def activate_inline_hook(
+ context: ToolContext,
+ inline_hook_id: Annotated[str, "The ID of the inline hook to activate in Okta."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateInlineHook'."]:
+ """Activates a specified inline hook in Okta by its ID.
+
+ Use this tool to activate an inline hook in Okta by providing the inlineHookId. This is typically used when you need to enable a specific hook for processing logic in the Okta service.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/inlineHooks/{inlineHookId}/lifecycle/activate".format( # noqa: UP032
+ inlineHookId=inline_hook_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.inlineHooks.manage"]))
+async def deactivate_inline_hook(
+ context: ToolContext,
+ inline_hook_id: Annotated[str, "Unique identifier of the inline hook to be deactivated."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateInlineHook'."]:
+ """Deactivates a specified inline hook.
+
+ Use this tool to deactivate an inline hook by providing its unique identifier. Useful for managing hooks in web applications.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/inlineHooks/{inlineHookId}/lifecycle/deactivate".format( # noqa: UP032
+ inlineHookId=inline_hook_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.logStreams.read"]))
+async def list_log_streams(
+ context: ToolContext,
+ pagination_cursor: Annotated[
+ str | None,
+ "The opaque string cursor used for pagination, obtained from the `Link` response header.",
+ ] = None,
+ max_number_of_log_streams: Annotated[
+ int | None, "The maximum number of log stream objects to return."
+ ] = None,
+ filter_expression: Annotated[
+ str | None,
+ "A filter expression using the 'eq' operator on 'status' or 'type' properties to filter log streams.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listLogStreams'."]:
+ """Retrieve all log stream objects in your organization.
+
+ Use this tool to get a list of all log streams in your organization, with options for pagination and filtering.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/logStreams",
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor,
+ "limit": max_number_of_log_streams,
+ "filter": filter_expression,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.logStreams.read"]))
+async def fetch_log_stream_by_id(
+ context: ToolContext,
+ log_stream_id: Annotated[str, "Unique identifier for the log stream to be retrieved."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getLogStream'."]:
+ """Retrieve log stream details by ID from Okta.
+
+ Use this tool to access detailed information about a specific log stream in Okta by providing the log stream ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/logStreams/{logStreamId}".format( # noqa: UP032
+ logStreamId=log_stream_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.logStreams.manage"]))
+async def delete_log_stream(
+ context: ToolContext,
+ log_stream_id: Annotated[str, "Unique identifier for the log stream you want to delete."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteLogStream'."]:
+ """Delete a log stream from your organization by ID.
+
+ Use this tool when you need to delete a specific log stream from your Okta organization. Provide the log stream ID to complete the operation.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/logStreams/{logStreamId}".format( # noqa: UP032
+ logStreamId=log_stream_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.logStreams.manage"]))
+async def activate_log_stream(
+ context: ToolContext,
+ log_stream_id: Annotated[str, "Unique identifier for the log stream to be activated."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateLogStream'."]:
+ """Activate a log stream using its ID.
+
+ This tool activates a specified log stream by its logStreamId, enabling the log stream to begin operation.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/logStreams/{logStreamId}/lifecycle/activate".format( # noqa: UP032
+ logStreamId=log_stream_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.logStreams.manage"]))
+async def deactivate_log_stream(
+ context: ToolContext,
+ log_stream_id: Annotated[str, "The unique identifier for the log stream to be deactivated."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateLogStream'."]:
+ """Deactivate a specified log stream using its ID.
+
+ Use this tool to deactivate a log stream by providing the `logStreamId`. It is useful for managing log stream activity within the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/logStreams/{logStreamId}/lifecycle/deactivate".format( # noqa: UP032
+ logStreamId=log_stream_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.logs.read"]))
+async def list_system_log_events(
+ context: ToolContext,
+ start_time_filter: Annotated[
+ str | None,
+ "Filters events to those published after this time. Use ISO 8601 format, e.g., '2023-01-01T00:00:00Z'.", # noqa: E501
+ ] = None,
+ upper_time_bound_for_events: Annotated[
+ str | None,
+ "Specifies the upper time boundary for filtering Okta log events, using the 'published' property.", # noqa: E501
+ ] = None,
+ pagination_after_cursor: Annotated[
+ str | None,
+ "Retrieves the next page of log events using the token provided in the HTTP header ('rel=next').", # noqa: E501
+ ] = None,
+ filter_expression: Annotated[
+ str | None,
+ "Filter the System Log events using a specific filter expression. All operators, except brackets, are supported. Refer to Okta's Filter and Operator documentation for detailed usage.", # noqa: E501
+ ] = None,
+ keyword_filter: Annotated[
+ str | None, "Filters log events by one or more case-insensitive keywords."
+ ] = None,
+ result_limit: Annotated[
+ int | None,
+ "Sets the number of results to be returned in the response. Default is 100; adjust to increase or decrease.", # noqa: E501
+ ] = None,
+ event_sort_order: Annotated[
+ str | None,
+ "Specifies the sort order for returned events based on the `published` property. Choose either 'ASCENDING' or 'DESCENDING'.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listLogEvents'."]:
+ """Fetches recent Okta System Log events.
+
+ Use this tool to retrieve Okta System Log events for monitoring and auditing purposes. It returns up to 100 events by default, with options to paginate or modify the limit.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/logs",
+ method="GET",
+ params=remove_none_values({
+ "since": start_time_filter,
+ "until": upper_time_bound_for_events,
+ "after": pagination_after_cursor,
+ "filter": filter_expression,
+ "q": keyword_filter,
+ "limit": result_limit,
+ "sortOrder": event_sort_order,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.profileMappings.read"]))
+async def list_profile_mappings(
+ context: ToolContext,
+ pagination_cursor_after: Annotated[
+ str | None, "Mapping ID for pagination cursor to fetch the next page of profile mappings."
+ ] = None,
+ results_per_page: Annotated[
+ int | None, "Number of profile mappings to return per page, used for pagination."
+ ] = None,
+ source_id: Annotated[
+ str | None,
+ "The user type or app instance ID acting as the source for the mappings. Filters results by this ID.", # noqa: E501
+ ] = None,
+ target_id: Annotated[
+ str | None,
+ "The user type or app instance ID to be used as the target for expressions in a mapping. Filters returned mappings to have this as their `target.id`.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listProfileMappings'."]:
+ """Retrieve all profile mappings in your Okta organization.
+
+ Use this tool to list all profile mappings available in your Okta organization. It supports pagination and can filter results by `sourceId` and/or `targetId`. This helps users understand how properties map between Okta user profiles and app user profiles.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/mappings",
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor_after,
+ "limit": results_per_page,
+ "sourceId": source_id,
+ "targetId": target_id,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.profileMappings.read"]))
+async def retrieve_profile_mapping_by_id(
+ context: ToolContext,
+ profile_mapping_id: Annotated[str, "The unique ID of the profile mapping to retrieve."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getProfileMapping'."]:
+ """Retrieve profile mapping details by ID.
+
+ Use this tool to get detailed information about a specific profile mapping using its unique identifier. Call this tool when you need to access details of a profile mapping from Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/mappings/{mappingId}".format( # noqa: UP032
+ mappingId=profile_mapping_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.schemas.read"]))
+async def get_app_user_schema(
+ context: ToolContext,
+ application_id: Annotated[
+ str, "The unique identifier of the application for which the user schema is retrieved."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getApplicationUserSchema'."]:
+ """Retrieve the default schema for an app user.
+
+ Use this tool to get the default schema for a user assigned to a specific app. This is useful when you need to understand the attributes and structure that apply uniformly to all users associated with the app.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/schemas/apps/{appId}/default".format( # noqa: UP032
+ appId=application_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.schemas.read"]))
+async def get_group_schema(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getGroupSchema'."]:
+ """Retrieve the group schema from Okta.
+
+ Use this tool to fetch the default group schema from Okta. This schema is used for all groups as Okta does not extend user types to groups. Useful for understanding the group structure and attributes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/schemas/group/default",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.logStreams.read"]))
+async def list_log_stream_schemas(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listLogStreamSchemas'."]:
+ """Retrieve schema for all log stream types for an organization.
+
+ Use this tool to obtain the schema details for every log stream type accessible to the organization. This is useful for understanding the data structure and fields available for each log stream type.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/schemas/logStream",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.logStreams.read"]))
+async def retrieve_log_stream_schema(
+ context: ToolContext,
+ log_stream_type: Annotated[
+ str,
+ "Specify the log stream type: 'aws_eventbridge' for AWS EventBridge or 'splunk_cloud_logstreaming' for Splunk Cloud.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getLogStreamSchema'."]:
+ """Retrieve the schema for a specific log stream type.
+
+ This tool retrieves the schema for a specified log stream type in Okta. Use it to obtain schema details for either AWS EventBridge or Splunk Cloud log streaming by specifying the appropriate type.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/schemas/logStream/{logStreamType}".format( # noqa: UP032
+ logStreamType=log_stream_type
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.linkedObjects.read"]))
+async def list_linked_object_definitions(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listLinkedObjectDefinitions'."]:
+ """Retrieve all Linked Object definitions from Okta.
+
+ Use this tool to list all Linked Object definitions in your Okta instance. This is helpful for understanding relationships between different object schemas in your Okta environment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/schemas/user/linkedObjects",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.linkedObjects.read"]))
+async def retrieve_linked_object_definition(
+ context: ToolContext,
+ linked_object_name: Annotated[
+ str,
+ "The Primary or Associated name of the Linked Object to retrieve its definition from Okta.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getLinkedObjectDefinition'."]:
+ """Retrieve a Linked Object definition from Okta.
+
+ Use this tool to get details about a specific Linked Object definition in Okta. It should be called when you need to understand the configuration or schema of a Linked Object by its name.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}".format( # noqa: UP032
+ linkedObjectName=linked_object_name
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.linkedObjects.manage"]))
+async def delete_linked_object_definition(
+ context: ToolContext,
+ linked_object_name: Annotated[
+ str, "The primary or associated name of the linked object definition to delete in Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteLinkedObjectDefinition'."]:
+ """Delete a specified linked object definition in Okta.
+
+ Use this tool to delete a linked object definition in Okta by specifying its primary or associated name. This action removes the entire definition.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}".format( # noqa: UP032
+ linkedObjectName=linked_object_name
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.schemas.read"]))
+async def retrieve_user_schema(
+ context: ToolContext,
+ schema_identifier: Annotated[
+ str, "The ID for the user type schema to retrieve. Use 'default' for the default schema."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUserSchema'."]:
+ """Retrieve the schema for a specified user type.
+
+ This tool retrieves the schema information for a given user type using the provided schema ID. It is useful for obtaining details about the attributes and structure of specific user types.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/schemas/user/{schemaId}".format( # noqa: UP032
+ schemaId=schema_identifier
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.userTypes.read"]))
+async def list_all_user_types(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUserTypes'."]:
+ """Retrieve a list of all user types in your organization.
+
+ Use this tool to get an overview of all user types defined in your Okta organization. Useful for managing user roles and permissions.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/types/user",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.userTypes.read"]))
+async def retrieve_user_type_by_id(
+ context: ToolContext,
+ user_type_id: Annotated[
+ str, "The ID of the user type to retrieve. Use 'default' to fetch the default user type."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUserType'."]:
+ """Retrieve user type information by ID from Okta.
+
+ Use this tool to get details about a specific user type using its ID, including fetching the default type with 'default' as the ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/types/user/{typeId}".format(typeId=user_type_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.userTypes.manage"]))
+async def delete_user_type(
+ context: ToolContext,
+ user_type_id: Annotated[
+ str,
+ "The ID of the user type to delete. Must not be the default type or assigned to any users.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteUserType'."]:
+ """Permantly remove a user type in Okta.
+
+ Deletes a user type permanently unless it's the default or currently assigned to users."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/types/user/{typeId}".format(typeId=user_type_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.uischemas.read"]))
+async def list_ui_schemas(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUISchemas'."]:
+ """Retrieve all UI Schemas in your organization.
+
+ This tool retrieves a list of all UI Schemas available in your organization from Okta. It should be called when you need to access or manage the UI configurations for various applications and components in your environment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/uischemas",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.uischemas.read"]))
+async def retrieve_ui_schema(
+ context: ToolContext,
+ ui_schema_id: Annotated[str, "The unique ID of the UI Schema to retrieve from Okta."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUISchema'."]:
+ """Retrieve UI Schema details by ID from Okta.
+
+ Use this tool to fetch the UI Schema details from Okta by providing a specific ID. This is useful for accessing configuration details of the user interface schema.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/uischemas/{id}".format(id=ui_schema_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.uischemas.manage"]))
+async def delete_ui_schema(
+ context: ToolContext,
+ ui_schema_id: Annotated[str, "The unique identifier of the UI Schema to delete."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteUISchemas'."]:
+ """Delete a UI Schema by its ID.
+
+ Use this tool to delete a specific UI Schema in the Okta platform by providing the schema ID."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/meta/uischemas/{id}".format(id=ui_schema_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def retrieve_org_general_settings(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOrgSettings'."]:
+ """Retrieve the organization's general settings.
+
+ This tool calls the Okta API to retrieve the organization's general settings, providing essential configuration details.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.captchas.read"]))
+async def get_org_captcha_settings(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOrgCaptchaSettings'."]:
+ """Retrieve CAPTCHA settings for your organization.
+
+ Call this tool to get the current CAPTCHA settings configured for your organization. If no settings are configured, the tool returns an empty object.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/captcha",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.captchas.manage"]))
+async def delete_org_captcha_settings(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteOrgCaptchaSettings'."]:
+ """Deletes the CAPTCHA settings for your organization.
+
+ Use this tool to delete the CAPTCHA settings object for your organization in Okta. This is useful when CAPTCHA protections are no longer needed or being replaced. The tool confirms the deletion of the settings.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/captcha",
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def list_okta_org_contact_types(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listOrgContactTypes'."]:
+ """List all organization contact types in Okta.
+
+ Use this tool to retrieve all organization contact types for your Okta organization. This can help in understanding the roles and contact information available within the organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/contacts",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def retrieve_org_contact_user(
+ context: ToolContext,
+ contact_type: Annotated[
+ str,
+ "Specify the contact type within the organization. Possible values: 'BILLING', 'TECHNICAL'.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOrgContactUser'."]:
+ """Retrieve ID and user resource for a specific contact type in an organization.
+
+ This tool retrieves the ID and user resource associated with a specified contact type within an organization using Okta. It is useful for accessing contact details for organizational roles or responsibilities.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/contacts/{contactType}".format( # noqa: UP032
+ contactType=contact_type
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_yubikey_otp_tokens(
+ context: ToolContext,
+ pagination_cursor_for_next_page: Annotated[
+ str | None, "Specifies the pagination cursor for the next page of YubiKey OTP tokens."
+ ] = None,
+ expand_user_resource: Annotated[
+ str | None, "Set to 'user' to embed the User resource if assigned to a YubiKey token."
+ ] = None,
+ filter_tokens_by: Annotated[
+ str | None,
+ "Filter expression to narrow down tokens (e.g., by email, serial, status, etc.).",
+ ] = None,
+ results_per_page: Annotated[
+ int | None, "Specifies the number of YubiKey OTP tokens returned per page."
+ ] = None,
+ sort_tokens_by: Annotated[
+ str | None,
+ "Specify how to sort the YubiKey tokens. Options: profile.email, profile.serial, activated, user.id, created, status, lastVerified.", # noqa: E501
+ ] = None,
+ sort_order: Annotated[
+ str | None,
+ "Specifies the sort order for the YubiKey OTP tokens, either `ASC` for ascending or `DESC` for descending.", # noqa: E501
+ ] = None,
+ download_as_csv: Annotated[
+ bool | None,
+ "Set to True to return tokens as a downloadable CSV. The default limit changes to 1000.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listYubikeyOtpTokens'."]:
+ """Lists all YubiKey OTP tokens in the organization.
+
+ Use this tool to retrieve all YubiKey OTP tokens associated with the organization. It helps in managing and auditing YubiKey token deployments.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/factors/yubikey_token/tokens",
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor_for_next_page,
+ "expand": expand_user_resource,
+ "filter": filter_tokens_by,
+ "forDownload": download_as_csv,
+ "limit": results_per_page,
+ "sortBy": sort_tokens_by,
+ "sortOrder": sort_order,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def retrieve_yubikey_otp_token(
+ context: ToolContext,
+ yubikey_otp_token_id: Annotated[str, "The unique ID of the YubiKey OTP token to retrieve."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getYubikeyOtpTokenById'."]:
+ """Retrieve a YubiKey OTP token using its ID.
+
+ This tool retrieves detailed information about a specific YubiKey OTP token by its ID. Use this tool when you need to access the details of a YubiKey OTP token from Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/factors/yubikey_token/tokens/{tokenId}".format( # noqa: UP032
+ tokenId=yubikey_otp_token_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def retrieve_third_party_admin_setting(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getThirdPartyAdminSetting'."]:
+ """Retrieve the third-party admin setting from Okta.
+
+ Call this tool to obtain the current third-party admin settings configured in Okta. Useful for managing and auditing access settings.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/orgSettings/thirdPartyAdminSetting",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def get_okta_org_preferences(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOrgPreferences'."]:
+ """Retrieve preferences of your Okta organization.
+
+ Use this tool to fetch the preferences set up for your Okta organization, helping you stay informed about organizational settings.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/preferences",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.manage"]))
+async def hide_okta_user_dashboard_footer(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'setOrgHideOktaUIFooter'."]:
+ """Hide the Okta End-User Dashboard footer for all users.
+
+ This tool configures the Okta organization settings to hide the footer on the End-User Dashboard for all users. It should be called when there is a need to remove the dashboard footer for a cleaner UI experience.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/preferences/hideEndUserFooter",
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.manage"]))
+async def set_show_footer_preference(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'setOrgShowOktaUIFooter'."]:
+ """Set the preference to show the Okta UI footer for end users.
+
+ This tool is used to configure the display of the Okta UI footer for all end users in your organization. It should be called when there is a need to update the visibility of the footer across the end-user interface.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/preferences/showEndUserFooter",
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.manage"]))
+async def get_aerial_consent_details(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAerialConsent'."]:
+ """Retrieve Okta Aerial consent grant details for your Org.
+
+ Use this tool to check if your organization has granted consent for Okta Aerial. It returns detailed consent information or a 404 error if no consent has been granted.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/privacy/aerial",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def get_okta_communication_settings(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOktaCommunicationSettings'."]:
+ """Retrieve the Okta communication settings for your organization.
+
+ Use this tool to access the communication settings configured in Okta for your organization. It retrieves preferences related to communication with Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/privacy/oktaCommunication",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.manage"]))
+async def opt_in_users_to_okta_emails(
+ context: ToolContext,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'optInUsersToOktaCommunicationEmails'."
+]:
+ """Opt in all users to Okta communication emails.
+
+ Use this tool to opt in all users of an organization to receive communication emails from Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/privacy/oktaCommunication/optIn",
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.manage"]))
+async def opt_out_okta_emails(
+ context: ToolContext,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'optOutUsersFromOktaCommunicationEmails'."
+]:
+ """Opt out all users from Okta communication emails.
+
+ Use this tool to opt out all users in the organization from receiving Okta communication emails.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/privacy/oktaCommunication/optOut",
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def get_okta_support_settings(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getOrgOktaSupportSettings'."]:
+ """Retrieves Okta Support Settings for your organization.
+
+ Call this tool to get the current Okta Support Settings for your organization. Useful for understanding support configuration and privacy details in your Okta setup.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/privacy/oktaSupport",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def list_okta_support_cases(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listOktaSupportCases'."]:
+ """Retrieve a list of Okta Support cases.
+
+ This tool retrieves all Okta Support cases that the user has permission to view. It should be called when a user needs to access their Okta Support cases.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/privacy/oktaSupport/cases",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def get_auto_assign_admin_app_setting(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAutoAssignAdminAppSetting'."]:
+ """Fetches the setting for auto-assigning the Okta Admin Console.
+
+ Use this tool to retrieve the organization setting that determines if the Okta Admin Console is automatically assigned when an admin role is given.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/settings/autoAssignAdminAppSetting",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def get_super_admin_privilege_setting(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getClientPrivilegesSetting'."]:
+ """Retrieve Super Admin privilege setting for client apps.
+
+ Use this tool to get the organization setting that determines if the Super Admin role is assigned to new public client applications.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/org/settings/clientPrivilegesSetting",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.read"]))
+async def list_policies_by_type(
+ context: ToolContext,
+ policy_type: Annotated[
+ str,
+ "Specifies the type of policy to return. Available types include `OKTA_SIGN_ON`, `PASSWORD`, `MFA_ENROLL`, `IDP_DISCOVERY`, and those exclusive to Okta Identity Engine like `ACCESS_POLICY`, `DEVICE_SIGNAL_COLLECTION`, `PROFILE_ENROLLMENT`, `POST_AUTH_SESSION`, and `ENTITY_RISK`.", # noqa: E501
+ ],
+ filter_by_policy_status: Annotated[
+ str | None, "Filter policies by their status. Acceptable values are `ACTIVE` or `INACTIVE`."
+ ] = None,
+ policy_name_prefix_query: Annotated[
+ str | None,
+ "Refines the query by specifying the prefix of the policy name using the startWith method.",
+ ] = None,
+ expand_policy_details: Annotated[
+ str | None, "Determines if additional policy details should be included in the response."
+ ] = None,
+ sort_policies_by_name: Annotated[
+ str | None,
+ "Set to refine the query by sorting policies based on their names in ascending order.",
+ ] = None,
+ max_policies_to_return: Annotated[
+ str | None,
+ "Specifies the maximum number of policies to return. Use this for controlling pagination size.", # noqa: E501
+ ] = None,
+ authorization_server_reference: Annotated[
+ str | None, "Reference ID for the associated authorization server to filter policies."
+ ] = None,
+ pagination_end_cursor: Annotated[
+ str | None,
+ "End page cursor for pagination. Use to retrieve the next set of results in a paginated list.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listPolicies'."]:
+ """Lists all policies of a specified type.
+
+ Use this tool to retrieve a list of policies filtered by a specified type. It is useful for managing or reviewing specific policy sets within the Okta platform.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies",
+ method="GET",
+ params=remove_none_values({
+ "type": policy_type,
+ "status": filter_by_policy_status,
+ "q": policy_name_prefix_query,
+ "expand": expand_policy_details,
+ "sortBy": sort_policies_by_name,
+ "limit": max_policies_to_return,
+ "resourceId": authorization_server_reference,
+ "after": pagination_end_cursor,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.read"]))
+async def retrieve_policy(
+ context: ToolContext,
+ policy_id: Annotated[str, "The unique ID of the policy to retrieve details for."],
+ expand_policy_details: Annotated[
+ str | None,
+ "Include additional policy details in the response. Provide parameters like 'groups'.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getPolicy'."]:
+ """Retrieve details of a specific policy using its ID.
+
+ This tool should be called when a user wants to retrieve detailed information about a specific policy by providing the policy ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}".format(policyId=policy_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"expand": expand_policy_details}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.manage"]))
+async def delete_policy(
+ context: ToolContext,
+ policy_id: Annotated[str, "The ID of the policy to be deleted in Okta."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deletePolicy'."]:
+ """Deletes a specified policy in Okta.
+
+ Use this tool to delete a specific policy in Okta by its ID. Appropriate when you need to remove an existing policy from the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}".format(policyId=policy_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.manage"]))
+async def clone_policy(
+ context: ToolContext,
+ policy_id: Annotated[
+ str, "The unique identifier of the policy to be cloned. It must be a valid string ID."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'clonePolicy'."]:
+ """Clone an existing policy in the system.
+
+ Use this tool to create a copy of an existing policy by cloning it. This can be useful for quickly setting up similar policies without manually configuring each one.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/clone".format(policyId=policy_id), # noqa: UP032
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.manage"]))
+async def activate_policy(
+ context: ToolContext,
+ policy_id: Annotated[str, "The unique identifier for the policy to be activated."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activatePolicy'."]:
+ """Activates a specified policy in Okta.
+
+ Use this tool to activate a policy by its ID using Okta's API. It should be called when a policy needs to be enabled.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/lifecycle/activate".format( # noqa: UP032
+ policyId=policy_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.manage"]))
+async def deactivate_policy(
+ context: ToolContext,
+ policy_id: Annotated[str, "The unique identifier (`id`) of the policy to deactivate in Okta."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivatePolicy'."]:
+ """Deactivate a specified policy in Okta.
+
+ This tool deactivates a policy in Okta using its policy ID. It should be called when a policy needs to be disabled, preventing it from being applied.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/lifecycle/deactivate".format( # noqa: UP032
+ policyId=policy_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.read"]))
+async def list_policy_mappings(
+ context: ToolContext,
+ policy_id: Annotated[str, "The unique `id` of the policy to list its mapped resources."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listPolicyMappings'."]:
+ """Retrieve resources mapped to a specific policy using its ID.
+
+ Use this tool to obtain a list of all resources that are associated with a given policy, identified by its `policyId`. This can be helpful for auditing and managing policy resource links.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/mappings".format( # noqa: UP032
+ policyId=policy_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.read"]))
+async def retrieve_policy_mapping(
+ context: ToolContext,
+ policy_id: Annotated[
+ str, "The unique identifier of the policy to retrieve the resource mapping for."
+ ],
+ policy_resource_mapping_id: Annotated[
+ str,
+ "The unique `id` of the policy resource Mapping. Required to retrieve the specific mapping details.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getPolicyMapping'."]:
+ """Retrieves resource mapping for a specific policy.
+
+ Use this tool to get the resource mapping for a policy by providing the `policyId` and `mappingId`. It is useful for viewing the details of how a policy is mapped to resources.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/mappings/{mappingId}".format( # noqa: UP032
+ policyId=policy_id, mappingId=policy_resource_mapping_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.manage"]))
+async def delete_policy_resource_mapping(
+ context: ToolContext,
+ policy_id: Annotated[
+ str, "ID of the policy to identify which policy's resource mapping to delete."
+ ],
+ policy_resource_mapping_id: Annotated[
+ str, "The unique ID of the policy resource mapping to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deletePolicyResourceMapping'."]:
+ """Deletes a specific resource mapping for a policy identified by policyId and mappingId.
+
+ Use this tool to remove the resource mapping associated with a specified policy in Okta by providing the policy ID and mapping ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/mappings/{mappingId}".format( # noqa: UP032
+ policyId=policy_id, mappingId=policy_resource_mapping_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.read"]))
+async def list_policy_rules(
+ context: ToolContext,
+ policy_id: Annotated[str, "The unique `id` of the Okta policy to retrieve rules for."],
+ number_of_policy_rules: Annotated[
+ str | None,
+ "Defines the maximum number of policy rules to return. Refer to Okta's pagination guidelines for more information.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listPolicyRules'."]:
+ """Retrieve all rules for a specified Okta policy.
+
+ Call this tool to fetch all the policy rules associated with a specific Okta policy. Useful for managing policy configurations and understanding rule details.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/rules".format(policyId=policy_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"limit": number_of_policy_rules}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.read"]))
+async def retrieve_policy_rule(
+ context: ToolContext,
+ policy_id: Annotated[str, "The unique ID of the Policy to retrieve the rule from."],
+ policy_rule_id: Annotated[str, "The unique ID of the policy rule to retrieve from Okta."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getPolicyRule'."]:
+ """Retrieve details of a specific policy rule by its ID.
+
+ This tool is used to retrieve the details of a specific policy rule from Okta by providing the policy ID and rule ID. Use this when you need information about a particular rule within a policy.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/rules/{ruleId}".format( # noqa: UP032
+ policyId=policy_id, ruleId=policy_rule_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.manage"]))
+async def delete_policy_rule(
+ context: ToolContext,
+ policy_id: Annotated[str, "The unique ID of the policy to be deleted."],
+ policy_rule_id: Annotated[str, "The unique identifier of the policy rule to be deleted."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deletePolicyRule'."]:
+ """Deletes a specified policy rule in Okta.
+
+ Use this tool to delete a policy rule by providing the appropriate `policyId` and `ruleId`."""
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/rules/{ruleId}".format( # noqa: UP032
+ policyId=policy_id, ruleId=policy_rule_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.manage"]))
+async def activate_policy_rule(
+ context: ToolContext,
+ policy_id: Annotated[str, "The unique identifier of the Policy to be activated."],
+ policy_rule_id: Annotated[
+ str, "The unique identifier of the policy rule to be activated in Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activatePolicyRule'."]:
+ """Activates a specific Okta policy rule.
+
+ This tool activates a policy rule in Okta identified by the given `policyId` and `ruleId`. Use it to enable specific rules within a policy.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/activate".format( # noqa: UP032
+ policyId=policy_id, ruleId=policy_rule_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.policies.manage"]))
+async def disable_policy_rule(
+ context: ToolContext,
+ policy_id: Annotated[str, "The ID of the policy to be deactivated."],
+ policy_rule_id: Annotated[str, "The `id` of the policy rule to be deactivated in Okta."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivatePolicyRule'."]:
+ """Deactivates a specified policy rule in Okta.
+
+ Use this tool to deactivate a policy rule by providing the `policyId` and `ruleId`. It should be called when a policy rule needs to be deactivated within an Okta system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate".format( # noqa: UP032
+ policyId=policy_id, ruleId=policy_rule_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.principalRateLimits.read"]))
+async def list_principal_rate_limit_entities(
+ context: ToolContext,
+ principal_type_filter: Annotated[
+ str, "Filters the list by principal type, e.g., `SSWS_TOKEN` or `OAUTH_CLIENT`."
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination, an opaque string specifying current location in the list, obtained from the `Link` response header.", # noqa: E501
+ ] = None,
+ page_size: Annotated[
+ int | None, "The number of items to return in a single response page."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listPrincipalRateLimitEntities'."]:
+ """Retrieve all Principal Rate Limit entities.
+
+ This tool lists all Principal Rate Limit entities considering the provided parameters, helping to manage and monitor rate limits effectively.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/principal-rate-limits",
+ method="GET",
+ params=remove_none_values({
+ "filter": principal_type_filter,
+ "after": pagination_cursor,
+ "limit": page_size,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.principalRateLimits.read"]))
+async def retrieve_principal_rate_limit(
+ context: ToolContext,
+ principal_rate_limit_id: Annotated[
+ str, "The ID of the principal rate limit entity to retrieve details for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getPrincipalRateLimitEntity'."]:
+ """Retrieve details of a principal rate limit entity by ID.
+
+ Use this tool to obtain comprehensive information about a specific principal rate limit entity by providing the `principalRateLimitId`. This helps in understanding the rate limits applied to a principal.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/principal-rate-limits/{principalRateLimitId}".format( # noqa: UP032
+ principalRateLimitId=principal_rate_limit_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.pushProviders.read"]))
+async def list_push_providers(
+ context: ToolContext,
+ provider_type_filter: Annotated[
+ str | None,
+ "Filters push providers by `providerType`. Possible values are 'APNS' and 'FCM'.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listPushProviders'."]:
+ """Retrieve a list of all push providers.
+
+ This tool should be called when there's a need to obtain information about all available push providers. It returns a list detailing each provider.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/push-providers",
+ method="GET",
+ params=remove_none_values({"type": provider_type_filter}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.pushProviders.read"]))
+async def retrieve_push_provider(
+ context: ToolContext,
+ push_provider_id: Annotated[str, "The ID of the push provider to retrieve details for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getPushProvider'."]:
+ """Fetch details of a push provider by ID.
+
+ Use this tool to get information about a specific push provider using its ID. It's helpful when you need to retrieve detailed information about push notification configurations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/push-providers/{pushProviderId}".format( # noqa: UP032
+ pushProviderId=push_provider_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.pushProviders.manage"]))
+async def delete_push_provider(
+ context: ToolContext,
+ push_provider_id: Annotated[
+ str, "The unique identifier for the push provider to be deleted. Must be a valid ID string."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deletePushProvider'."]:
+ """Delete a push provider by ID with usage checks.
+
+ Call this tool to delete a specified push provider by ID. If the push provider is in use by a custom authenticator within the organization, the deletion will not proceed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/push-providers/{pushProviderId}".format( # noqa: UP032
+ pushProviderId=push_provider_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.rateLimits.read"]))
+async def get_rate_limit_notification_settings(
+ context: ToolContext,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getRateLimitSettingsAdminNotifications'."
+]:
+ """Retrieve rate limit admin notification settings.
+
+ This tool retrieves the currently configured settings for admin notifications related to rate limits. It should be called to check or review the notification settings for rate limit alerts.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/rate-limit-settings/admin-notifications",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.rateLimits.read"]))
+async def get_okta_rate_limit_settings(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getRateLimitSettingsPerClient'."]:
+ """Retrieve Okta's per-client rate limit settings.
+
+ This tool retrieves the current configuration of Per-Client Rate Limit Settings from Okta. It's used when you need to understand or review the rate limit settings applied per client in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/rate-limit-settings/per-client",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.rateLimits.read"]))
+async def get_rate_limit_warning_threshold(
+ context: ToolContext,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getRateLimitSettingsWarningThreshold'."
+]:
+ """Fetches the warning threshold for API rate limit notifications.
+
+ Use this tool to retrieve the configured threshold for sending warning notifications when the API's rate limit is exceeded.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/rate-limit-settings/warning-threshold",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.realmAssignments.read"]))
+async def list_realm_assignments(
+ context: ToolContext,
+ max_results: Annotated[int | None, "The maximum number of realm assignments to return."] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination to continue listing from the last fetched realm assignment.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listRealmAssignments'."]:
+ """Retrieve all realm assignments from Okta.
+
+ Use this tool to list all realm assignments in Okta. It is helpful for managing and reviewing current realm assignments.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/realm-assignments",
+ method="GET",
+ params=remove_none_values({"limit": max_results, "after": pagination_cursor}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.realmAssignments.read"]))
+async def list_realm_assignment_operations(
+ context: ToolContext,
+ return_limit: Annotated[
+ int | None,
+ "The maximum number of realm assignment operations to return. The upper limit is 200.",
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination. An opaque string from the `Link` response header indicating the current list position.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listRealmAssignmentOperations'."]:
+ """Retrieve a list of realm assignment operations.
+
+ This tool lists all realm assignment operations, with a limit of 200, sorted from most recent to oldest by ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/realm-assignments/operations",
+ method="GET",
+ params=remove_none_values({"limit": return_limit, "after": pagination_cursor}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.realmAssignments.read"]))
+async def get_realm_assignment(
+ context: ToolContext,
+ realm_assignment_id: Annotated[str, "ID of the realm assignment to retrieve details for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getRealmAssignment'."]:
+ """Retrieve a specific realm assignment using its ID.
+
+ Use this tool to get details of a realm assignment by providing the assignment ID. This can be useful for managing user access and permissions within a specific realm.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/realm-assignments/{assignmentId}".format( # noqa: UP032
+ assignmentId=realm_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.realmAssignments.manage"]))
+async def delete_realm_assignment(
+ context: ToolContext,
+ realm_assignment_id: Annotated[
+ str, "The unique identifier for the realm assignment to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteRealmAssignment'."]:
+ """Deletes a realm assignment by ID.
+
+ This tool removes a specified realm assignment in Okta. It should be called when an assignment needs to be deleted based on its assignment ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/realm-assignments/{assignmentId}".format( # noqa: UP032
+ assignmentId=realm_assignment_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.realmAssignments.manage"]))
+async def activate_realm_assignment(
+ context: ToolContext,
+ realm_assignment_id: Annotated[
+ str, "The unique ID of the realm assignment to activate in Okta."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateRealmAssignment'."]:
+ """Activates a specified realm assignment in Okta.
+
+ Use this tool to activate a specific realm assignment by providing the assignment ID. This is useful for enabling access or functionality related to a realm assignment in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/realm-assignments/{assignmentId}/lifecycle/activate".format( # noqa: UP032
+ assignmentId=realm_assignment_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.realmAssignments.manage"]))
+async def deactivate_realm_assignment(
+ context: ToolContext,
+ realm_assignment_id: Annotated[
+ str, "The unique identifier for the realm assignment to deactivate."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateRealmAssignment'."]:
+ """Deactivate a specified realm assignment in Okta.
+
+ This tool deactivates a realm assignment using the specified assignment ID. Useful for disabling specific realm assignments in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/realm-assignments/{assignmentId}/lifecycle/deactivate".format( # noqa: UP032
+ assignmentId=realm_assignment_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.realms.read"]))
+async def list_realms(
+ context: ToolContext,
+ results_limit: Annotated[
+ int | None,
+ "Specifies the number of results to return. Defaults to 10 when `search` is used.",
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "The opaque string cursor for pagination, obtained from the `Link` response header to specify the current location in the list.", # noqa: E501
+ ] = None,
+ search_expression: Annotated[
+ str | None,
+ "Filter realms using the 'co' operator with 'profile.name'. Only supports searching by 'profile.name'.", # noqa: E501
+ ] = None,
+ sort_by_field: Annotated[
+ str | None,
+ "Specifies the field to sort the search results by. Only applicable if `search` is used.",
+ ] = None,
+ sort_order_for_search: Annotated[
+ str | None,
+ "Specifies the sorting order as 'asc' or 'desc' when search queries are used. Ignored if 'sort_by' isn't present.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listRealms'."]:
+ """Retrieve a list of all Realms available.
+
+ Use this tool to obtain a comprehensive list of all Realms from the service, providing essential information about the Realms configuration and availability.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/realms",
+ method="GET",
+ params=remove_none_values({
+ "limit": results_limit,
+ "after": pagination_cursor,
+ "search": search_expression,
+ "sortBy": sort_by_field,
+ "sortOrder": sort_order_for_search,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.realms.read"]))
+async def retrieve_realm_info(
+ context: ToolContext,
+ realm_id: Annotated[str, "The unique identifier for the realm to retrieve information for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getRealm'."]:
+ """Retrieve information about a specified realm.
+
+ This tool retrieves details about a specific realm identified by its ID. Use it to access information such as configuration and properties associated with a realm.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/realms/{realmId}".format(realmId=realm_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.realms.manage"]))
+async def delete_realm(
+ context: ToolContext,
+ realm_id: Annotated[str, "The unique ID of the realm to be permanently deleted."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteRealm'."]:
+ """Permanently delete a realm in Okta after disassociation.
+
+ Use this tool to permanently delete a realm from Okta, ensuring all associated entities like users and identity providers are disassociated beforehand.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/realms/{realmId}".format(realmId=realm_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_role_subscriptions(
+ context: ToolContext,
+ role_reference: Annotated[
+ str,
+ "A reference to an existing role. Use `roleType` for standard roles and `roleId` for custom roles.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listSubscriptionsRole'."]:
+ """Retrieve all subscriptions for a specific role.
+
+ Use this tool to get a detailed list of all subscriptions associated with a particular role in Okta, providing insight into the role's permissions and access.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/roles/{roleRef}/subscriptions".format( # noqa: UP032
+ roleRef=role_reference
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def get_role_subscription_notification(
+ context: ToolContext,
+ role_reference: Annotated[
+ str,
+ "The reference to an existing role. Provide `roleType` for standard roles and `roleId` for custom roles. Refer to Okta documentation for [Standard Roles](https://example.com/okta-management/guides/roles/#standard-roles).", # noqa: E501
+ ],
+ notification_type: Annotated[
+ str,
+ "The type of notification to retrieve for the role. Options include AD_AGENT, AGENT_AUTO_UPDATE_NOTIFICATION, and others.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getSubscriptionsNotificationTypeRole'."
+]:
+ """Get subscription details by role and notification type.
+
+ This tool retrieves subscription information for a given notification type associated with a specified role. It is useful for understanding which notifications are enabled for certain roles.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/roles/{roleRef}/subscriptions/{notificationType}".format( # noqa: UP032
+ roleRef=role_reference, notificationType=notification_type
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def subscribe_role_to_notification(
+ context: ToolContext,
+ role_reference: Annotated[
+ str,
+ "Reference to an existing role. Use `roleType` for standard roles and `roleId` for custom roles. Check documentation for details.", # noqa: E501
+ ],
+ notification_type: Annotated[
+ str,
+ "The type of notification to subscribe the role to. Choose from: AD_AGENT, AGENT_AUTO_UPDATE_NOTIFICATION, AGENT_AUTO_UPDATE_NOTIFICATION_LDAP, APP_IMPORT, CONNECTOR_AGENT, IWA_AGENT, LDAP_AGENT, OKTA_ANNOUNCEMENT, OKTA_UPDATE, RATELIMIT_NOTIFICATION, REPORT_SUSPICIOUS_ACTIVITY, USER_DEPROVISION, USER_LOCKED_OUT.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'subscribeByNotificationTypeRole'."]:
+ """Subscribe a role to a specific notification type.
+
+ This tool subscribes a specific role to a designated notification type in Okta, overriding individual user subscriptions within that role.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/roles/{roleRef}/subscriptions/{notificationType}/subscribe".format( # noqa: UP032
+ roleRef=role_reference, notificationType=notification_type
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unsubscribe_role_from_notification(
+ context: ToolContext,
+ role_reference: Annotated[
+ str,
+ "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`.", # noqa: E501
+ ],
+ notification_type: Annotated[
+ str,
+ "Specifies the type of notification to unsubscribe the role from. Options include system updates, user actions, and agent alerts.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'unsubscribeByNotificationTypeRole'."
+]:
+ """Unsubscribes a role from a specific notification type.
+
+ Use this tool to unsubscribe a specified role from a particular notification type in Okta. Role unsubscriptions take precedence over individual user settings for notifications.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/roles/{roleRef}/subscriptions/{notificationType}/unsubscribe".format( # noqa: UP032
+ roleRef=role_reference, notificationType=notification_type
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.securityEventsProviders.read"]))
+async def list_security_events_providers(
+ context: ToolContext,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listSecurityEventsProviderInstances'."
+]:
+ """Retrieve all Security Events Provider instances from Okta.
+
+ This tool is used to list all instances of Security Events Providers configured in Okta. It should be called when there is a need to retrieve information about these provider instances.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/security-events-providers",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.securityEventsProviders.read"]))
+async def retrieve_security_event_provider(
+ context: ToolContext,
+ security_event_provider_id: Annotated[
+ str, "The ID of the Security Events Provider instance to retrieve details for."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getSecurityEventsProviderInstance'."
+]:
+ """Retrieve details of a specific Security Events Provider.
+
+ This tool retrieves the details of a Security Events Provider instance using the specified ID. It is useful when you need to obtain information about a particular security events provider associated with your organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/security-events-providers/{securityEventProviderId}".format( # noqa: UP032
+ securityEventProviderId=security_event_provider_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.securityEventsProviders.manage"]))
+async def delete_security_events_provider_instance(
+ context: ToolContext,
+ security_events_provider_id: Annotated[
+ str,
+ "The ID of the security events provider instance to be deleted. This is a required field and must be a valid string representing the instance ID.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deleteSecurityEventsProviderInstance'."
+]:
+ """Deletes a specified security events provider instance.
+
+ Use this tool to delete a specific security events provider instance by its ID. This action is irreversible and should be called when you need to remove an existing security events provider.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/security-events-providers/{securityEventProviderId}".format( # noqa: UP032
+ securityEventProviderId=security_events_provider_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.securityEventsProviders.manage"]))
+async def activate_security_events_provider(
+ context: ToolContext,
+ security_event_provider_id: Annotated[
+ str, "The `id` of the Security Events Provider instance to activate."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'activateSecurityEventsProviderInstance'."
+]:
+ """Activate a Security Events Provider instance.
+
+ Use this tool to set the status of a Security Events Provider instance to 'ACTIVE', resuming the flow of events from the provider to Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/security-events-providers/{securityEventProviderId}/lifecycle/activate".format( # noqa: UP032
+ securityEventProviderId=security_event_provider_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.securityEventsProviders.manage"]))
+async def deactivate_security_events_provider(
+ context: ToolContext,
+ security_event_provider_id: Annotated[
+ str, "The unique `id` of the Security Events Provider instance to be deactivated."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deactivateSecurityEventsProviderInstance'."
+]:
+ """Deactivate a Security Events Provider instance in Okta.
+
+ Use this tool to deactivate a Security Events Provider instance, stopping the flow of events from the provider to Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/security-events-providers/{securityEventProviderId}/lifecycle/deactivate".format( # noqa: UP032
+ securityEventProviderId=security_event_provider_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def get_user_session_status(
+ context: ToolContext,
+ session_cookie: Annotated[
+ str | None,
+ "The session cookie for the current user, required to retrieve session information.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCurrentSession'."]:
+ """Retrieve session info for the current signed-in user.
+
+ Use this tool in browser-based applications to check if a user is signed in. Requires a session cookie for the user.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/sessions/me",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Cookie": session_cookie,
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ ),
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def sign_out_current_user(
+ context: ToolContext,
+ session_cookie: Annotated[
+ str | None,
+ "The session cookie string required to identify and terminate the active user session. This must be obtained from the user's browser to log them out.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'closeCurrentSession'."]:
+ """Terminate the current user's session in a browser-based app.
+
+ This tool closes the session for a user currently signed in. It should be used in browser-based applications to log out a user. Note that a session cookie is required, and an API token is not allowed for this operation.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/sessions/me",
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Cookie": session_cookie,
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ ),
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def refresh_user_session(
+ context: ToolContext,
+ session_cookie: Annotated[
+ str | None,
+ "The session cookie for the current user is required to refresh their session. Must be a valid session cookie.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'refreshCurrentSession'."]:
+ """Refresh the current user's session.
+
+ Use this tool to refresh the session for the current user. This requires a session cookie and cannot be performed with an API token.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/sessions/me/lifecycle/refresh",
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Cookie": session_cookie,
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ ),
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.sessions.read"]))
+async def retrieve_session_info(
+ context: ToolContext,
+ session_id: Annotated[
+ str,
+ "The ID of the session to retrieve information for. Required to identify and obtain session details.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getSession'."]:
+ """Retrieve session details using a session ID.
+
+ Use this tool to obtain detailed information about a specific session by providing the session ID. Ideal for managing user sessions and tracking session activities.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/sessions/{sessionId}".format(sessionId=session_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.sessions.manage"]))
+async def revoke_user_session(
+ context: ToolContext,
+ session_id: Annotated[
+ str, "The ID of the session to be revoked. Must be a valid session identifier string."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeSession'."]:
+ """Revoke a user's session using their session ID.
+
+ This tool is used to revoke a specific user session by providing the session ID. It should be called when a user's session needs to be terminated for security or administrative purposes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/sessions/{sessionId}".format(sessionId=session_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.sessions.manage"]))
+async def update_session_expiry(
+ context: ToolContext,
+ session_id: Annotated[
+ str,
+ "The unique ID of the session to be refreshed. This ID is necessary to identify and update the session's expiration.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'refreshSession'."]:
+ """Refresh an existing user session by ID for updated expiration.
+
+ This tool is used to refresh an existing user session by providing the session ID. It returns the refreshed session with an updated expiration timestamp after a successful operation.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/sessions/{sessionId}/lifecycle/refresh".format( # noqa: UP032
+ sessionId=session_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["ssf.read"]))
+async def retrieve_ssf_streams(
+ context: ToolContext,
+ stream_id: Annotated[
+ str | None,
+ "The ID of the specified SSF Stream configuration to retrieve. If not provided, all configurations are retrieved.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getSsfStreams'."]:
+ """Retrieve SSF Stream configurations by client ID.
+
+ This tool retrieves either a list of all known SSF Stream configurations or an individual configuration specified by ID. Only streams associated with the Client ID of the OAuth 2.0 access token can be viewed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/ssf/stream",
+ method="GET",
+ params=remove_none_values({"stream_id": stream_id}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["ssf.manage"]))
+async def delete_ssf_stream(
+ context: ToolContext,
+ stream_id_for_deletion: Annotated[
+ str | None,
+ "The ID of the SSF Stream to delete. If not provided, deletes the stream associated with the Client ID from the OAuth token.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteSsfStream'."]:
+ """Delete a specified SSF Stream.
+
+ Use this tool to delete an SSF Stream by providing a stream ID. If no stream ID is provided, it deletes the stream associated with the Client ID from the OAuth token.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/ssf/stream",
+ method="DELETE",
+ params=remove_none_values({"stream_id": stream_id_for_deletion}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["ssf.read"]))
+async def retrieve_ssf_stream_status(
+ context: ToolContext,
+ ssf_stream_id: Annotated[
+ str, "The unique ID of the specified SSF Stream configuration to retrieve its status."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getSsfStreamStatus'."]:
+ """Retrieve the status of an SSF Stream transmission.
+
+ Use this tool to check if the SSF Stream is able to transmit events. It returns the current status of the stream's transmission capability.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/ssf/stream/status",
+ method="GET",
+ params=remove_none_values({"stream_id": ssf_stream_id}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def list_sms_templates(
+ context: ToolContext,
+ sms_template_type: Annotated[
+ str | None, "Specify the type of SMS templates to filter, e.g., 'SMS_VERIFY_CODE'."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listSmsTemplates'."]:
+ """Retrieve all custom SMS templates from Okta.
+
+ Use this tool to get a list of custom SMS templates. You can optionally filter the templates by type if needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/templates/sms",
+ method="GET",
+ params=remove_none_values({"templateType": sms_template_type}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.read"]))
+async def retrieve_sms_template(
+ context: ToolContext,
+ template_id: Annotated[str, "The unique identifier for the SMS template to be retrieved."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getSmsTemplate'."]:
+ """Retrieve details of a specific SMS template by ID.
+
+ Use this tool to get the details of an SMS template using its unique identifier. Ideal for when you need to view or manage specific SMS templates in the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/templates/sms/{templateId}".format( # noqa: UP032
+ templateId=template_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.templates.manage"]))
+async def delete_sms_template(
+ context: ToolContext,
+ template_id: Annotated[str, "The unique identifier of the SMS template to delete."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteSmsTemplate'."]:
+ """Deletes an SMS template by template ID.
+
+ This tool is used to delete a specific SMS template given its template ID. It should be called when there's a need to permanently remove an SMS template from the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/templates/sms/{templateId}".format( # noqa: UP032
+ templateId=template_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.threatInsights.read"]))
+async def get_threat_insight_configuration(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getCurrentConfiguration'."]:
+ """Retrieve the ThreatInsight configuration for your organization.
+
+ Use this tool to get the current ThreatInsight configuration settings for your organization. It provides details about how threats are managed and configured within your Okta setup.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/threats/configuration",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.trustedOrigins.read"]))
+async def list_trusted_origins(
+ context: ToolContext,
+ search_prefix_string: Annotated[
+ str | None,
+ "A search string to filter origins, matching the beginning of `name` or `origin`.",
+ ] = None,
+ filter_trusted_origins: Annotated[
+ str | None,
+ "Filter trusted origins using expressions for properties like `name`, `origin`, `status`, and `type`.", # noqa: E501
+ ] = None,
+ cursor_after_prior_request: Annotated[
+ str | None, "Use this cursor to continue listing from where the previous request left off."
+ ] = None,
+ results_limit: Annotated[
+ int | None, "Specifies the maximum number of trusted origins to return in the response."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listTrustedOrigins'."]:
+ """Retrieve all trusted origins from Okta.
+
+ This tool should be used to obtain a list of all trusted origins configured in Okta. It is useful for managing security settings by identifying domains that are trusted by your Okta instance.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/trustedOrigins",
+ method="GET",
+ params=remove_none_values({
+ "q": search_prefix_string,
+ "filter": filter_trusted_origins,
+ "after": cursor_after_prior_request,
+ "limit": results_limit,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.trustedOrigins.read"]))
+async def retrieve_trusted_origin(
+ context: ToolContext,
+ trusted_origin_id: Annotated[str, "The ID of the trusted origin to retrieve details for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getTrustedOrigin'."]:
+ """Retrieve details of a trusted origin by ID.
+
+ This tool retrieves information about a specific trusted origin using its ID. Use this to get details of trusted origins configured in the system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/trustedOrigins/{trustedOriginId}".format( # noqa: UP032
+ trustedOriginId=trusted_origin_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.trustedOrigins.manage"]))
+async def delete_trusted_origin(
+ context: ToolContext,
+ trusted_origin_id: Annotated[
+ str,
+ "The ID of the trusted origin to be deleted. This is required to identify which origin entry to remove.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteTrustedOrigin'."]:
+ """Deletes a specified trusted origin in Okta.
+
+ Use this tool to delete a trusted origin in Okta by providing its ID. This can be useful for managing and updating security settings related to trusted origins.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/trustedOrigins/{trustedOriginId}".format( # noqa: UP032
+ trustedOriginId=trusted_origin_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.trustedOrigins.manage"]))
+async def activate_trusted_origin(
+ context: ToolContext,
+ trusted_origin_id: Annotated[
+ str,
+ "The unique `id` of the trusted origin to activate. It identifies the specific origin in Okta.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateTrustedOrigin'."]:
+ """Activates a trusted origin by setting its status to ACTIVE.
+
+ Use this tool to activate a trusted origin within Okta by setting the status to ACTIVE. It is ideal when you need to enable a trusted origin that has been added but not yet activated.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/trustedOrigins/{trustedOriginId}/lifecycle/activate".format( # noqa: UP032
+ trustedOriginId=trusted_origin_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.trustedOrigins.manage"]))
+async def deactivate_trusted_origin(
+ context: ToolContext,
+ trusted_origin_id: Annotated[
+ str,
+ "The unique identifier for the trusted origin to be deactivated. This is required to set its status to INACTIVE.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateTrustedOrigin'."]:
+ """Deactivate a trusted origin to set its status to INACTIVE.
+
+ Use this tool to deactivate a trusted origin in Okta by setting its status to 'INACTIVE'. It should be called when you need to disable a trusted origin temporarily or permanently.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/trustedOrigins/{trustedOriginId}/lifecycle/deactivate".format( # noqa: UP032
+ trustedOriginId=trusted_origin_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_organization_users(
+ context: ToolContext,
+ user_search_query: Annotated[
+ str | None,
+ "Search for users using a filtering expression. Supports various properties and must be URL encoded. Warning: Complex or overly long queries can cause errors.", # noqa: E501
+ ] = None,
+ filter_expression: Annotated[
+ str | None,
+ "A URL-encoded string to filter users by supported properties like `status`, `lastUpdated`, `id`, `profile.login`, `profile.email`, `profile.firstName`, and `profile.lastName`. Supports `eq` and some inequality operators for `lastUpdated`. Logical operators `and` and `or` are also supported.", # noqa: E501
+ ] = None,
+ query_user_search: Annotated[
+ str | None,
+ "Retrieve users by matching queries against firstName, lastName, or email. Omits `DEPROVISIONED` users.", # noqa: E501
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "An opaque string used as a cursor for pagination to specify the current location in the user list.", # noqa: E501
+ ] = None,
+ result_limit: Annotated[
+ int | None,
+ "Specifies the number of user records to return. Defaults to 10 if `q` is provided.",
+ ] = None,
+ sort_users_by_field: Annotated[
+ str | None,
+ "Specify the field to sort users by. Use for search queries only. Example: `profile.lastName`. Users with the same value will be ordered by `id`.", # noqa: E501
+ ] = None,
+ sort_order: Annotated[
+ str | None,
+ "Specifies the sort order for user listing, either 'asc' for ascending or 'desc' for descending. This is relevant only when 'sort_by' is used.", # noqa: E501
+ ] = None,
+ include_metadata_classification: Annotated[
+ str | None,
+ "Include metadata in the `_embedded` property to retrieve user classification details. Supported value: `classification`.", # noqa: E501
+ ] = None,
+ response_media_type: Annotated[
+ str | None,
+ "Specifies the media type of the resource with optional `okta-response` values for performance optimization. Enum values are `omitCredentials`, `omitCredentialsLinks`, and `omitTransitioningToStatus`.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUsers'."]:
+ """Retrieve a list of active users in the organization.
+
+ Use this tool to obtain a list of active users within your organization. You can filter or search for a specific subset of users, but users with a status of 'DEPROVISIONED' are excluded from the default response.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users",
+ method="GET",
+ params=remove_none_values({
+ "search": user_search_query,
+ "filter": filter_expression,
+ "q": query_user_search,
+ "after": pagination_cursor,
+ "limit": result_limit,
+ "sortBy": sort_users_by_field,
+ "sortOrder": sort_order,
+ "expand": include_metadata_classification,
+ }),
+ headers=remove_none_values({
+ "Content-Type": response_media_type,
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ ),
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def get_user_info(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str,
+ "An ID, login, or unambiguous login shortname of an Okta user. Use 'me' to get the current user linked to the API token.", # noqa: E501
+ ],
+ include_metadata_in_embedded: Annotated[
+ str | None,
+ "An optional parameter to include metadata in the `_embedded` attribute. Valid values: `blocks` or `classification`.", # noqa: E501
+ ] = None,
+ media_type: Annotated[
+ str | None,
+ "Specifies the media type of the resource. Use optional values like `omitCredentials`, `omitCredentialsLinks`, or `omitTransitioningToStatus` for performance optimization.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUser'."]:
+ """Retrieve detailed information about a user in Okta.
+
+ This tool retrieves a user's details from an Okta organization, using their user ID or the keyword 'me' to fetch the current user linked to the API token. It's useful for obtaining user information such as credentials and profiles. Note that to fetch by login, parameters must be URL encoded.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}".format(id=user_identifier), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"expand": include_metadata_in_embedded}),
+ headers=remove_none_values({
+ "Content-Type": media_type,
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ ),
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def delete_deprovisioned_user(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str, "The ID, login, or unambiguous login shortname of a deprovisioned Okta user to delete."
+ ],
+ enable_async: Annotated[
+ str | None, "Set to `respond-async` to perform the user deletion asynchronously."
+ ] = None,
+ send_deactivation_email: Annotated[
+ bool | None,
+ "If true, sends a deactivation email to the admin upon user deactivation or deletion.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteUser'."]:
+ """Permanently delete a deprovisioned user account.
+
+ Use this tool to permanently delete a user with the `DEPROVISIONED` status in Okta. Ensure the user is deprovisioned before performing this action, as deleting an active user requires deactivation first. This action is irreversible.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}".format(id=user_identifier), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({"sendEmail": send_deactivation_email}),
+ headers=remove_none_values({
+ "Prefer": enable_async,
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ ),
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_user_app_links(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str, "An ID, login, or login shortname of an existing Okta user to list app links for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAppLinks'."]:
+ """Retrieve app links for a user's assigned applications.
+
+ This tool lists all app links for applications directly or indirectly assigned to a user through group membership. Use this tool to fetch application access links for a specific user by their ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/appLinks".format(id=user_identifier), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def get_user_block_info(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str,
+ "An ID, login, or unambiguous shortname of an existing Okta user to retrieve block information for.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUserBlocks'."]:
+ """Retrieve details about a user's account access blocks.
+
+ This tool provides information on how a user is blocked from accessing their account. It should be used when you need to know the reasons for and details about a user's access restrictions.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/blocks".format(id=user_identifier), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def get_user_groups(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str,
+ "A unique identifier for an existing Okta user. This can be an ID, login, or an unambiguous login shortname. Used to fetch user groups.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUserGroups'."]:
+ """Retrieve all groups a user belongs to.
+
+ This tool fetches all the groups for a specified user, helping identify the memberships of the user within an organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/groups".format(id=user_identifier), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def get_user_identity_providers(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str,
+ "An ID, login, or unambiguous login shortname of an existing Okta user to list associated identity providers.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUserIdentityProviders'."]:
+ """Retrieve identity providers associated with a user in Okta.
+
+ Use this tool to fetch and list identity providers connected to a specified user in Okta. It helps in managing and understanding user-associated IdPs.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/idps".format(id=user_identifier), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def activate_user_okta(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str, "An ID, login, or unique shortname of an existing Okta user to be activated."
+ ],
+ send_activation_email: Annotated[
+ bool | None, "Set to true to send an activation email to the user upon activation."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateUser'."]:
+ """Activate a staged or deprovisioned Okta user.
+
+ Use this tool to activate a user with a `STAGED` or `DEPROVISIONED` status in Okta. This is an asynchronous operation where the user gains an `ACTIVE` status upon completion. Optionally, users can complete an activation link to finalize the process. Suitable for starting user activation workflows.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/activate".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({"sendEmail": send_activation_email}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def deactivate_user_account(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str, "An ID, login, or unambiguous shortname of an existing Okta user to be deactivated."
+ ],
+ enable_asynchronous_processing: Annotated[
+ str | None,
+ "Set to `true` to request asynchronous user deactivation processing, otherwise defaults to synchronous processing.", # noqa: E501
+ ] = None,
+ send_deactivation_email: Annotated[
+ bool | None, "If true, sends a deactivation email to the admin."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateUser'."]:
+ """Permanently deactivate a user account.
+
+ Use this tool to deactivate a user account that is not already deprovisioned. This action deprovisions the user from all assigned applications and cannot be undone. Ensure deactivation is intended, as it may result in data loss like emails or files. Asynchronous deactivation is supported by including the 'Prefer: respond-async' HTTP header.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/deactivate".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({"sendEmail": send_deactivation_email}),
+ headers=remove_none_values({
+ "Prefer": enable_asynchronous_processing,
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ ),
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def expire_user_password(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str, "An ID, login, or login shortname of an existing Okta user. Must be unambiguous."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'expirePassword'."]:
+ """Expires a user password, requiring a change at next login.
+
+ Use this tool to set a user's password to expired status. This forces the user to change their password upon next login. If integrated with AD, the password in AD will also expire, prompting a change during the next sign-in attempt.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/expire_password".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def reset_password_with_temp(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str,
+ "An ID, login, or unambiguous shortname of an existing Okta user for whom the password will be reset.", # noqa: E501
+ ],
+ revoke_user_sessions: Annotated[
+ bool | None,
+ "Set to true to revoke the user's existing sessions, forcing re-authentication.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'expirePasswordWithTempPassword'."]:
+ """Reset a user's password to a temporary one and expire it.
+
+ This tool expires a user's password and resets it to a temporary password, transitioning the user's status to `PASSWORD_EXPIRED`. It requires the user to change their password upon next sign-in. Optionally, it can revoke the user's current sessions. This is especially useful in scenarios needing immediate password changes for security reasons.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/expire_password_with_temp_password".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({"revokeSessions": revoke_user_sessions}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def reactivate_user(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str, "An ID, login, or unambiguous shortname of an existing Okta user to be reactivated."
+ ],
+ send_activation_email: Annotated[
+ bool | None,
+ "Set to true to send an activation email to the user; false to generate an activation link.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'reactivateUser'."]:
+ """Reactivates a user in PROVISIONED or RECOVERY status.
+
+ Use this tool to reactivate a user who is in 'PROVISIONED' or 'RECOVERY' status. It restarts the activation workflow, providing either a direct reactivation via email or an activation link if email sending is disabled. The user may need to complete password reset and MFA enrollment to become 'ACTIVE'.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/reactivate".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({"sendEmail": send_activation_email}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def reset_mfa_factors(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str,
+ "An ID, login, or unambiguous login shortname of an existing Okta user to reset MFA factors.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'resetFactors'."]:
+ """Reset all MFA factors for a specified user.
+
+ This tool should be called to reset all MFA factors for a specific user, returning them to the unenrolled state. It is used when a user needs to re-enroll in MFA factors without affecting their active status.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/reset_factors".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def reset_user_password(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str,
+ "An ID, login, or unambiguous shortname of an existing Okta user for whom the password reset is initiated.", # noqa: E501
+ ],
+ send_ott_email: Annotated[
+ bool,
+ "Set to true to automatically email the one-time token link to the user for password reset.", # noqa: E501
+ ],
+ revoke_all_sessions_except_current: Annotated[
+ bool | None, "If true, revokes all user sessions except the current one."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'resetPassword'."]:
+ """Reset user's password and generate a one-time token link.
+
+ This tool resets a user's password, generating a one-time token (OTT) for a password reset. It transitions the user to 'RECOVERY' status, preventing sign-in until the reset is complete. An option to delete all user sessions is available, except in the current session's context. The tool can convert users to and from Okta credential providers. Can email the OTT or return it for custom distribution.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/reset_password".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({
+ "sendEmail": send_ott_email,
+ "revokeSessions": revoke_all_sessions_except_current,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def suspend_user(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str,
+ "An ID, login, or unambiguous login shortname of an existing active Okta user to suspend.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'suspendUser'."]:
+ """Suspend an active user in Okta.
+
+ This tool suspends a user with an active status in Okta, preventing sign-ins but retaining group and app assignments. It should be used only for users who are currently active.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/suspend".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def unlock_user_account(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str, "An ID, login name, or unique shortname of the existing Okta user to be unlocked."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unlockUser'."]:
+ """Unlock a user account with a LOCKED_OUT status.
+
+ This tool unlocks a user account that is either in a `LOCKED_OUT` status or an `ACTIVE` status blocked from unknown devices, making it `ACTIVE` so they can sign in. Works with Okta-sourced users.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/unlock".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def unsuspend_user(
+ context: ToolContext,
+ user_identifier: Annotated[
+ str, "An ID, login, or login shortname (unambiguous) of an existing Okta user to unsuspend."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unsuspendUser'."]:
+ """Unsuspend a user and return them to ACTIVE state.
+
+ Use this tool to activate a user who is currently suspended, provided they have a SUSPENDED status. This is useful for reactivating users who were previously deactivated.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/unsuspend".format( # noqa: UP032
+ id=user_identifier
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def assign_user_linked_object(
+ context: ToolContext,
+ user_id_or_login: Annotated[
+ str, "ID or login of the associated user. Use 'me' for the current session user."
+ ],
+ primary_relationship_name: Annotated[
+ str, "Specify the name of the primary relationship to assign to the associated user."
+ ],
+ primary_user_id: Annotated[
+ str,
+ "User ID to assign as the `primary` relationship for the `associated` user. Provide the specific user ID.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'assignLinkedObjectValueForPrimary'."
+]:
+ """Assign a primary user to an associated user in Okta.
+
+ Use this tool to assign a primary user relationship to an associated user in Okta. If the associated user already has a different primary user for this relationship, the previous link will be removed, ensuring only one primary user per associated user.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userIdOrLogin}/linkedObjects/{primaryRelationshipName}/{primaryUserId}".format( # noqa: UP032
+ userIdOrLogin=user_id_or_login,
+ primaryRelationshipName=primary_relationship_name,
+ primaryUserId=primary_user_id,
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_linked_users(
+ context: ToolContext,
+ user_identifier_or_login: Annotated[
+ str,
+ "The ID or login of the user to get the primary user ID or associated users. Use 'me' for the current session user.", # noqa: E501
+ ],
+ relationship_name: Annotated[
+ str,
+ "Specify the name of the primary or associated relationship to be queried for linked users.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listLinkedObjectsForUser'."]:
+ """Retrieve linked or associated users for a given relationship.
+
+ Utilize this tool to list either the self link for a primary user or all associated users based on a specified relationship name. If no associations exist, it returns an empty array. Suitable for retrieving user associations in applications using Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userIdOrLogin}/linkedObjects/{relationshipName}".format( # noqa: UP032
+ userIdOrLogin=user_identifier_or_login, relationshipName=relationship_name
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def delete_user_linked_object(
+ context: ToolContext,
+ user_identifier_or_login: Annotated[
+ str,
+ "The ID or login of the user to delete the relationship for. Use 'me' to represent the current session user.", # noqa: E501
+ ],
+ relationship_name: Annotated[
+ str, "Name of the `primary` or `associated` relationship to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteLinkedObjectForUser'."]:
+ """Delete a user's linked object relationship.
+
+ Use this tool to delete an existing linked object relationship between a specified user and their associated primary relationship. It's successful whether or not such a relationship exists.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userIdOrLogin}/linkedObjects/{relationshipName}".format( # noqa: UP032
+ userIdOrLogin=user_identifier_or_login, relationshipName=relationship_name
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_authenticator_enrollments(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "The ID of an existing Okta user for whom to list authenticator enrollments."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAuthenticatorEnrollments'."]:
+ """Retrieve all authenticator enrollments for a user.
+
+ Use this tool to get a list of all authenticator enrollments associated with a specified user. This is useful for understanding which authentication methods are enrolled for a user in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments".format( # noqa: UP032
+ userId=user_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def enroll_phone_authenticator(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str,
+ "The unique ID of an existing user in Okta for whom the phone authenticator enrollment will be created.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'createAuthenticatorEnrollment'."]:
+ """Enroll a phone authenticator for a user automatically.
+
+ This tool should be called to enroll and automatically activate a phone authenticator for a specific user. It's useful when a user needs to secure their account with a phone-based authentication method.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments/phone".format( # noqa: UP032
+ userId=okta_user_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def create_tac_authenticator_enrollment(
+ context: ToolContext,
+ user_id: Annotated[
+ str,
+ "The unique ID of an existing Okta user for whom the TAC authenticator enrollment will be created.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'createTacAuthenticatorEnrollment'."
+]:
+ """Creates an auto-activated TAC authenticator enrollment for a user.
+
+ Use this tool to automatically activate a Temporary Access Code (TAC) authenticator enrollment for a specified user in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments/tac".format( # noqa: UP032
+ userId=user_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def retrieve_user_authenticator_enrollment(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str,
+ "The ID of an existing Okta user whose authenticator enrollment details are to be retrieved.", # noqa: E501
+ ],
+ authenticator_enrollment_id: Annotated[
+ str, "Unique identifier for the user's authenticator enrollment."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAuthenticatorEnrollment'."]:
+ """Retrieve a user's authenticator enrollment details.
+
+ This tool fetches a user's authenticator enrollment details using the enrollment ID. It should be called when you need information about a user's security device or mechanism enrollment status.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments/{enrollmentId}".format( # noqa: UP032
+ userId=okta_user_id, enrollmentId=authenticator_enrollment_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def delete_enrollment(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "ID of an existing Okta user to identify whom the enrollment will be deleted for."
+ ],
+ enrollment_id: Annotated[
+ str, "Unique identifier for the user's authenticator enrollment to be deleted."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteAuthenticatorEnrollment'."]:
+ """Delete a user's authenticator enrollment.
+
+ This tool deletes an existing authenticator enrollment for a specified user. It should be used when there is a need to remove a user's current enrollment, allowing them to enroll the authenticator again.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments/{enrollmentId}".format( # noqa: UP032
+ userId=user_id, enrollmentId=enrollment_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def retrieve_user_classification(
+ context: ToolContext,
+ user_id: Annotated[str, "The unique identifier for an existing Okta user."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUserClassification'."]:
+ """Retrieve a user's classification from Okta.
+
+ Use this tool to get classification details for a specific user in Okta. It should be called when user classification information is needed for decision making or display.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/classification".format(userId=user_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_user_clients(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "ID of an existing Okta user to list associated client resources."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUserClients'."]:
+ """List client resources for a user with grants or tokens.
+
+ Retrieves all client resources associated with the specified user that have grants or tokens. Useful for managing user client access and identifying resource associations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/clients".format(userId=okta_user_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_user_client_grants(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "The ID of an existing Okta user for whom the grants are to be listed."
+ ],
+ client_app_id: Annotated[
+ str,
+ "The unique identifier of the client application for which you want to list the grants.",
+ ],
+ include_scope_details: Annotated[
+ str | None,
+ "Set to 'scope' to include scope details in the response's `_embedded` attribute.",
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor string for pagination, indicating your current position in the list. Obtained from the `Link` response header.", # noqa: E501
+ ] = None,
+ number_of_tokens_to_return: Annotated[
+ int | None, "Specifies the maximum number of grants to return for the user and client."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGrantsForUserAndClient'."]:
+ """Lists all grants for a specified user and client.
+
+ Use this tool to retrieve all grants associated with a specific user and client. It's useful when you need to check the permissions or access rights granted to a user for a particular client application.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/grants".format( # noqa: UP032
+ userId=user_id, clientId=client_app_id
+ ),
+ method="GET",
+ params=remove_none_values({
+ "expand": include_scope_details,
+ "after": pagination_cursor,
+ "limit": number_of_tokens_to_return,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def revoke_user_client_grants(
+ context: ToolContext,
+ okta_user_id: Annotated[str, "The ID of an existing Okta user whose grants will be revoked."],
+ client_app_id: Annotated[
+ str,
+ "The ID of the client application for which to revoke grants. This identifies the specific client in the Okta system for the operation.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeGrantsForUserAndClient'."]:
+ """Revoke all grants for a specified user and client.
+
+ Use this tool to revoke all access grants for a specific user and client in the Okta system. It is called when needing to revoke permissions for user and client combinations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/grants".format( # noqa: UP032
+ userId=okta_user_id, clientId=client_app_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_user_client_refresh_tokens(
+ context: ToolContext,
+ user_id: Annotated[str, "ID of an existing Okta user to retrieve refresh tokens for."],
+ client_id: Annotated[str, "The ID of the client application for which to list refresh tokens."],
+ include_scope_details: Annotated[
+ str | None, "Set to 'true' to include scope details in the response. Valid value: `scope`."
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "An opaque string for continuing pagination, obtained from the `Link` response header.",
+ ] = None,
+ token_return_limit: Annotated[
+ int | None, "Specifies the maximum number of refresh tokens to return."
+ ] = None,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listRefreshTokensForUserAndClient'."
+]:
+ """Retrieve refresh tokens for a specific user and client.
+
+ This tool retrieves all refresh tokens issued for a specified user and client in the Okta system. It should be called when you need to manage or audit tokens related to user access.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/tokens".format( # noqa: UP032
+ userId=user_id, clientId=client_id
+ ),
+ method="GET",
+ params=remove_none_values({
+ "expand": include_scope_details,
+ "after": pagination_cursor,
+ "limit": token_return_limit,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def revoke_user_tokens(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "Specify the ID of an existing Okta user whose tokens are to be revoked."
+ ],
+ client_application_id: Annotated[
+ str, "The unique identifier for the client application whose tokens you want to revoke."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeTokensForUserAndClient'."]:
+ """Revoke all refresh tokens for a user and client.
+
+ This tool revokes all refresh tokens issued for a specified user and client. It should be used when you need to invalidate a user's access through a particular client, such as in security cases or session management.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/tokens".format( # noqa: UP032
+ userId=user_id, clientId=client_application_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def get_user_refresh_token(
+ context: ToolContext,
+ user_id: Annotated[str, "ID of an existing Okta user to retrieve the refresh token for."],
+ client_app_id: Annotated[
+ str, "The unique ID of the client application associated with the user token."
+ ],
+ token_id: Annotated[
+ str,
+ "The ID of the token for which details are being retrieved. This identifies the specific refresh token issued for a user and client combination.", # noqa: E501
+ ],
+ include_scope_details: Annotated[
+ str | None, "Include scope details in the response by setting this to `scope`."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getRefreshTokenForUserAndClient'."]:
+ """Retrieve a user's refresh token for a specified client.
+
+ This tool retrieves a refresh token that was issued for a specified user and client combination. It should be called when there's a need to access or verify the refresh token details for a user.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}".format( # noqa: UP032
+ userId=user_id, clientId=client_app_id, tokenId=token_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_scope_details}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def revoke_tokens_for_user_client(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "The unique ID of an existing Okta user whose tokens are to be revoked."
+ ],
+ client_app_id: Annotated[str, "Client app ID associated with the tokens to be revoked."],
+ token_id: Annotated[
+ str,
+ "The unique ID of the token to be revoked. Required for identifying which token to revoke.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeTokenForUserAndClient'."]:
+ """Revoke refresh and access tokens for a user and client.
+
+ Use this tool to revoke specified refresh and access tokens associated with a particular user and client. This will terminate any sessions linked to these tokens.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}".format( # noqa: UP032
+ userId=okta_user_id, clientId=client_app_id, tokenId=token_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def initiate_password_reset_flow(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "The unique ID of an existing Okta user to initiate the password reset process."
+ ],
+ send_email: Annotated[
+ bool | None,
+ "If true, sends a forgot password email to the user. If false, returns a reset link.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'forgotPassword'."]:
+ """Initiates the password reset process for a user in Okta.
+
+ This tool starts the forgot password flow, generating a one-time token for password reset. It's used for users with 'ACTIVE' status and a valid recovery question credential. If 'sendEmail' is false, it returns a password reset link.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/credentials/forgot_password".format( # noqa: UP032
+ userId=okta_user_id
+ ),
+ method="POST",
+ params=remove_none_values({"sendEmail": send_email}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_user_devices(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "The unique identifier of an existing Okta user whose devices you want to list."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUserDevices'."]:
+ """Retrieve a user's enrolled devices from Okta.
+
+ Use this tool to list all devices enrolled by a specific user in Okta. Specify the user's ID to get their device list. Useful for managing user devices within an organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/devices".format(userId=user_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_user_factors(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "ID of an existing Okta user for whom the enrolled factors are retrieved."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listFactors'."]:
+ """Retrieve enrolled factors for a user from Okta.
+
+ This tool retrieves all enrolled authentication factors for a specified user from Okta, according to the applicable authenticator enrollment policy. It only returns factors that are either \"REQUIRED\" or \"OPTIONAL\" in the highest priority policy applicable to the user. Admins can use this tool for other users, but the client's conditions affect policy evaluation.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/factors".format(userId=user_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_supported_auth_factors(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str,
+ "The unique identifier of an existing Okta user for whom the supported authentication factors are to be listed.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listSupportedFactors'."]:
+ """Retrieve supported authentication factors for a user.
+
+ Use this tool to list all the supported authentication factors that can be enrolled for a specified user, based on the highest priority authenticator enrollment policy applicable to them. Only factors within the categories of 'REQUIRED' or 'OPTIONAL' are included. This is useful for understanding which security measures a user can set up in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/factors/catalog".format( # noqa: UP032
+ userId=okta_user_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def retrieve_user_factor(
+ context: ToolContext,
+ user_id: Annotated[str, "ID of an existing Okta user to retrieve the security factor for."],
+ user_factor_id: Annotated[
+ str, "ID of an existing user factor to retrieve details for a specific user."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getFactor'."]:
+ """Retrieve security factor for a specific user.
+
+ Use this tool to retrieve information about an existing security factor associated with a specified user in the Okta system. It helps in managing and reviewing user security settings.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/factors/{factorId}".format( # noqa: UP032
+ userId=user_id, factorId=user_factor_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def unenroll_user_factor(
+ context: ToolContext,
+ user_id: Annotated[str, "ID of an existing Okta user to unenroll the factor from."],
+ user_factor_id: Annotated[str, "ID of the existing user factor to be unenrolled."],
+ remove_phone_number_as_recovery_method: Annotated[
+ bool | None,
+ "If true, removes the phone number as both a recovery method and a factor. Applicable only for 'sms' and 'call' factors.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unenrollFactor'."]:
+ """Unenroll a factor from a specified user.
+
+ This tool unenrolls an existing factor for a specified user in Okta. It cannot unenroll a factor from a deactivated user. Use this to allow a user to enroll a new factor instead. Unenrolling certain factors may automatically unenroll related factors.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/factors/{factorId}".format( # noqa: UP032
+ userId=user_id, factorId=user_factor_id
+ ),
+ method="DELETE",
+ params=remove_none_values({
+ "removeRecoveryEnrollment": remove_phone_number_as_recovery_method
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def activate_user_factor(
+ context: ToolContext,
+ okta_user_id: Annotated[str, "The ID of an existing Okta user to activate the factor for."],
+ user_factor_id: Annotated[
+ str,
+ "The ID of an existing user factor to be activated. Required to specify which factor to activate for the user.", # noqa: E501
+ ],
+ activation_request_body: Annotated[
+ dict[str, str] | None,
+ "A JSON object containing the details required for activating the factor. The structure depends on the specific factor being activated.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateFactor'."]:
+ """Activates user authentication factors for completing enrollment.
+
+ Use this tool to activate authentication factors like call, email, push, SMS, token, U2F, and WebAuthn to complete the enrollment process for a user. Activation is essential for certain factors, and a rate limit of five attempts per five minutes is enforced.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/factors/{factorId}/lifecycle/activate".format( # noqa: UP032
+ userId=okta_user_id, factorId=user_factor_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({"requestBody": activation_request_body}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def get_push_verification_status(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str,
+ "The unique ID of the existing Okta user whose push verification status is being retrieved.", # noqa: E501
+ ],
+ user_factor_id: Annotated[
+ str, "ID of an existing user factor in Okta to check its verification status."
+ ],
+ factor_verification_transaction_id: Annotated[
+ str, "Provide the ID of an existing factor verification transaction."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getFactorTransactionStatus'."]:
+ """Retrieve the status of a push factor verification transaction.
+
+ Use this tool to get the status of an Okta push factor verification transaction. It is useful for determining the outcome of a push verification attempt, including specific details for a number matching push challenge if applicable.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/factors/{factorId}/transactions/{transactionId}".format( # noqa: UP032
+ userId=okta_user_id,
+ factorId=user_factor_id,
+ transactionId=factor_verification_transaction_id,
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_user_grants(
+ context: ToolContext,
+ user_id: Annotated[str, "ID of an existing Okta user for whom to list grants."],
+ scope_id_filter: Annotated[str | None, "The scope ID used to filter user grants."] = None,
+ include_scope_details: Annotated[
+ str | None,
+ "Include scope details in the response using the `_embedded` attribute. Use `scope` as the value.", # noqa: E501
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor string for pagination, obtained from the `Link` header to track the current position in the list.", # noqa: E501
+ ] = None,
+ grant_limit: Annotated[
+ int | None,
+ "Specifies the maximum number of grants to return for a user. Use an integer value to determine how many results you want to retrieve.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listUserGrants'."]:
+ """Retrieve all grants for a specific user in Okta.
+
+ Use this tool to list all the grants assigned to a specified user in the Okta system. It's useful for understanding user permissions and access levels.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/grants".format(userId=user_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({
+ "scopeId": scope_id_filter,
+ "expand": include_scope_details,
+ "after": pagination_cursor,
+ "limit": grant_limit,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def revoke_user_grants(
+ context: ToolContext,
+ user_id: Annotated[str, "The unique ID of an existing Okta user whose grants will be revoked."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeUserGrants'."]:
+ """Revokes all user grants in Okta.
+
+ Call this tool to revoke all access grants for a specified user in the Okta system. Use it when you need to remove a user's permissions or access rights.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/grants".format(userId=user_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def retrieve_user_grant(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "The unique identifier for an existing Okta user to fetch the grant for."
+ ],
+ grant_id: Annotated[
+ str, "The unique identifier of the grant to retrieve details for a specific user."
+ ],
+ include_scope_details: Annotated[
+ str | None,
+ "Specify `True` to include scope details in the `_embedded` attribute. Accepts only the value 'scope'.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUserGrant'."]:
+ """Fetches a specific grant for a given user.
+
+ Use this tool to retrieve details about a specific grant assigned to a user, identified by user ID and grant ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/grants/{grantId}".format( # noqa: UP032
+ userId=okta_user_id, grantId=grant_id
+ ),
+ method="GET",
+ params=remove_none_values({"expand": include_scope_details}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def revoke_user_grant(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "The unique identifier of an existing user in Okta whose grant is to be revoked."
+ ],
+ grant_id: Annotated[
+ str, "The unique identifier of the grant to be revoked for the specified user."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeUserGrant'."]:
+ """Revoke a specific grant for a user in Okta.
+
+ This tool revokes a specific access grant for a specified user in the Okta system, identified by user ID and grant ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/grants/{grantId}".format( # noqa: UP032
+ userId=okta_user_id, grantId=grant_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.userRisk.read"]))
+async def retrieve_user_risk(
+ context: ToolContext,
+ user_id: Annotated[str, "ID of an existing Okta user to retrieve the risk profile for."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUserRisk'."]:
+ """Get the risk profile of a specific user by ID.
+
+ Use this tool to obtain the risk profile associated with a specific user by their ID. It provides insights into potential security concerns or anomalies related to the user.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/risk".format(userId=user_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def get_user_roles(
+ context: ToolContext,
+ user_id: Annotated[str, "The ID of an existing Okta user to retrieve assigned roles for."],
+ include_role_targets: Annotated[
+ str | None,
+ "Optional parameter to include targets configured for standard role assignments. Use `targets/groups` or `targets/catalog/apps`.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAssignedRolesForUser'."]:
+ """Retrieve roles assigned to a specific user by user ID.
+
+ Use this tool to list all roles that have been assigned to a user by their `userId`. It should be called when there's a need to determine a user's permissions or access within a system.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles".format(userId=user_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({"expand": include_role_targets}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_role_to_user(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "The unique ID of an existing Okta user to whom the role will be assigned."
+ ],
+ role_assignment_details: Annotated[
+ dict[str, str],
+ "Details of the role assignment including type (standard or custom) and relevant configuration.", # noqa: E501
+ ],
+ disable_notifications: Annotated[
+ bool | None, "Set to `true` to grant the user third-party admin status."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'assignRoleToUser'."]:
+ """Assign a standard role to a specified user.
+
+ This tool assigns a standard role to a user in the Okta system. It should be used when you need to add a role to a user. Note that standard and custom role assignments require different request payloads.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles".format(userId=user_id), # noqa: UP032
+ method="POST",
+ params=remove_none_values({"disableNotifications": disable_notifications}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({"requestBody": role_assignment_details}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def get_user_assigned_role(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "Provide the ID of an existing Okta user to retrieve their role assignment."
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The unique identifier of the role assignment for a user. This ID is required to specify which role is being retrieved.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUserAssignedRole'."]:
+ """Retrieve a specific role assigned to a user.
+
+ Use this tool to get information about a role assigned to a specific user by providing the user's `userId` and the `roleAssignmentId`. This can be used to access details about standard or custom role assignments.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}".format( # noqa: UP032
+ userId=user_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_user_role(
+ context: ToolContext,
+ user_id: Annotated[str, "ID of an existing Okta user to unassign the role from."],
+ role_assignment_id: Annotated[
+ str, "The ID of the role assignment to be unassigned from the user."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'unassignRoleFromUser'."]:
+ """Unassign a role from a specific user.
+
+ This tool removes a role assignment from a user based on provided `userId` and `roleAssignmentId`. It should be called when a user's role needs to be unassigned.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}".format( # noqa: UP032
+ userId=user_id, roleAssignmentId=role_assignment_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def get_user_role_governance_sources(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "ID of an existing Okta user to retrieve role governance sources."
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The ID of the role assignment associated with the user. This is required to retrieve governance sources for the role.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUserAssignedRoleGovernance'."]:
+ """Retrieve governance sources for a user's assigned role.
+
+ This tool fetches the governance sources associated with a specific role assigned to a user, identified by their `roleAssignmentId` and `userId`. Use this when you need detailed governance information for a user's role.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/governance".format( # noqa: UP032
+ userId=okta_user_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_role_assignment_governance_details(
+ context: ToolContext,
+ user_id: Annotated[
+ str,
+ "The unique identifier for an existing Okta user. This ID is required to retrieve governance details related to their role assignments.", # noqa: E501
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The ID of the role assignment linked to the user. Required for retrieving governance details.", # noqa: E501
+ ],
+ grant_id: Annotated[
+ str,
+ "The ID for the specific grant related to the user's role assignment. This is used to retrieve governance details.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getRoleAssignmentGovernanceGrant'."
+]:
+ """Retrieve governance details for a user's role assignment.
+
+ This tool retrieves governance source information for a specific role assigned to a user. It should be called when you need detailed governance data about a user's role assignment identified by specific role and grant IDs.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/governance/{grantId}".format( # noqa: UP032
+ userId=user_id, roleAssignmentId=role_assignment_id, grantId=grant_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def retrieve_user_role_governance_resources(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "ID of an existing Okta user for which the resources are being retrieved."
+ ],
+ role_assignment_id: Annotated[
+ str, "The ID of the role assignment. Required to fetch governance resources for the user."
+ ],
+ grant_id: Annotated[
+ str,
+ "Specify the Grant ID to retrieve role governance resources for a user. This ID identifies the governance source related to the role.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getRoleAssignmentGovernanceGrantResources'."
+]:
+ """Retrieve resources for a user's role governance.
+
+ Fetches resources associated with a specific governance source for a role assigned to a user by using the user ID, role assignment ID, and grant ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/governance/{grantId}/resources".format( # noqa: UP032
+ userId=okta_user_id, roleAssignmentId=role_assignment_id, grantId=grant_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_app_targets_for_user_admin_role(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "The ID of an existing Okta user for which app targets are being retrieved."
+ ],
+ role_assignment_id: Annotated[str, "The ID of the role assignment for the user."],
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor for pagination to specify the current list location, obtained from the 'Link' response header.", # noqa: E501
+ ] = None,
+ max_objects_to_return: Annotated[
+ int | None, "Specifies the maximum number of app targets to return."
+ ] = None,
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'listApplicationTargetsForApplicationAdministratorRoleForUser'.", # noqa: E501
+]:
+ """Retrieve app targets for a user's admin role in Okta.
+
+ Use this tool to get a list of application targets associated with an 'APP_ADMIN' role assigned to a specific user in Okta. The returned list includes OIN-cataloged applications or app instances, with the 'id' property for app instances.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps".format( # noqa: UP032
+ userId=user_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": max_objects_to_return}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_apps_to_role_for_user(
+ context: ToolContext,
+ okta_user_id: Annotated[str, "ID of an existing Okta user to assign apps to their role."],
+ role_assignment_id: Annotated[
+ str,
+ "The ID of the specific role assignment to which all apps will be assigned for the user.",
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'assignAllAppsAsTargetToRoleForUser'."
+]:
+ """Assigns all applications to a user's role in Okta.
+
+ Use this tool to assign all available applications to a specified user's `APP_ADMIN` role in Okta. It should be called when you need to automate the process of granting a user access to all applications under a specific role.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps".format( # noqa: UP032
+ userId=okta_user_id, roleAssignmentId=role_assignment_id
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def set_app_admin_role_target(
+ context: ToolContext,
+ user_id: Annotated[str, "ID of an existing Okta user to whom the app target will be assigned."],
+ role_assignment_id: Annotated[
+ str,
+ "The ID of the role assignment to identify which admin role to assign the app target to.",
+ ],
+ app_name: Annotated[
+ str,
+ "Specify the name of the app definition as listed in the OIN catalog. This targets the app for admin role assignment.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'assignAppTargetToAdminRoleForUser'."
+]:
+ """Assign an app target to an admin role for a user.
+
+ Assigns a specific OIN app target to an admin user's APP_ADMIN role, reducing the role's scope to the specified app. Overrides existing app instance targets for the OIN app, making the user admin for all instances of the specified app.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}".format( # noqa: UP032
+ userId=user_id, roleAssignmentId=role_assignment_id, appName=app_name
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def remove_app_target_from_role(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "ID of an existing Okta user to unassign an app target from the role."
+ ],
+ role_assignment_id: Annotated[
+ str, "The unique identifier of the role assignment to be unassigned from the user."
+ ],
+ app_name: Annotated[str, "Name of the app definition from the OIN catalog (the app key name)."],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'unassignAppTargetFromAppAdminRoleForUser'."
+]:
+ """Unassign an app target from an admin role for a user.
+
+ This tool is used to unassign an OIN app target from an `APP_ADMIN` role assigned to an admin user in Okta. Note that the last app target cannot be removed if it causes an exception. To cover all apps, delete the role assignment and recreate it with the desired settings.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}".format( # noqa: UP032
+ userId=okta_user_id, roleAssignmentId=role_assignment_id, appName=app_name
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_app_target_to_user_role(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "ID of an existing Okta user to which the app instance target is assigned."
+ ],
+ role_assignment_id: Annotated[
+ str, "The ID of the role assignment for the user to which the app target will be assigned."
+ ],
+ app_name: Annotated[str, "The name of the app definition in the OIN catalog key name format."],
+ application_id: Annotated[
+ str,
+ "The unique identifier for a specific application. Used to narrow the user's admin role to this app instance.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'assignAppInstanceTargetToAppAdminRoleForUser'."
+]:
+ """Assign an app target to a user's admin role.
+
+ This tool assigns a specific app instance target to a user's `APP_ADMIN` role, thereby reducing the role's scope to the specified target. It should be used when limiting a user's app management permissions to particular app instances.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}".format( # noqa: UP032
+ userId=user_id,
+ roleAssignmentId=role_assignment_id,
+ appName=app_name,
+ appId=application_id,
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_app_instance_from_admin_role(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "ID of an existing Okta user to unassign the app instance target from."
+ ],
+ role_assignment_id: Annotated[
+ str, "The unique identifier for the role assignment to unassign the app instance from."
+ ],
+ app_name: Annotated[
+ str, "The official name of the app definition, as found in the OIN catalog."
+ ],
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application instance to be unassigned from the admin role.",
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'unassignAppInstanceTargetFromAdminRoleForUser'.",
+]:
+ """Unassign an app instance target from an admin role.
+
+ Use this tool to unassign a specific app instance target from an `APP_ADMIN` role assigned to an admin user. Note that you cannot remove the last app instance target from a role assignment to avoid exceptions. If a role needs to apply to all apps, consider deleting and recreating the `APP_ADMIN` role assignment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}".format( # noqa: UP032
+ userId=okta_user_id,
+ roleAssignmentId=role_assignment_id,
+ appName=app_name,
+ appId=application_id,
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def get_group_targets_for_role(
+ context: ToolContext,
+ user_id: Annotated[str, "The ID of an existing Okta user to fetch group targets for."],
+ role_assignment_id: Annotated[
+ str, "The ID of the role assignment for which to list group targets."
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The cursor string for pagination, obtained from the `Link` response header to specify the current location in the list.", # noqa: E501
+ ] = None,
+ max_results_to_return: Annotated[
+ int | None,
+ "The maximum number of group targets to return. Specify an integer value to limit the results.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGroupTargetsForRole'."]:
+ """Retrieve group targets for specific admin roles in Okta.
+
+ Use this tool to list all group targets for a specified `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assigned to an admin user. Returns an empty list if the role has no specific group targets.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/groups".format( # noqa: UP032
+ userId=user_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": max_results_to_return}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_group_target_to_user_role(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "The ID of an existing Okta user to whom the group target is assigned."
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The unique identifier of the role assignment to which the group target will be assigned.",
+ ],
+ group_id: Annotated[
+ str, "The unique identifier of the group to assign to the user's admin role."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'assignGroupTargetToUserRole'."]:
+ """Assign a group target to a specified user role.
+
+ Use this tool to assign a specified group target to a user's admin role, such as USER_ADMIN, HELP_DESK_ADMIN, or GROUP_MEMBERSHIP_ADMIN. This allows narrowing the scope of the role to specific groups, rather than applying universally.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/groups/{groupId}".format( # noqa: UP032
+ userId=okta_user_id, roleAssignmentId=role_assignment_id, groupId=group_id
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_group_from_user_admin_role(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str,
+ "The unique identifier for an existing Okta user to be used in unassigning a group from their admin role.", # noqa: E501
+ ],
+ role_assignment_id: Annotated[str, "The ID of the role assignment to unassign a group from."],
+ group_id: Annotated[
+ str, "The unique identifier for the group to be unassigned from the admin role."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'unassignGroupTargetFromUserAdminRole'."
+]:
+ """Unassign a group from a user's admin role.
+
+ Use this tool to unassign a group target from a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role for an admin user. Note that you cannot remove the last group target if it causes an exception. Consider deleting and recreating the role assignment if needed.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/groups/{groupId}".format( # noqa: UP032
+ userId=okta_user_id, roleAssignmentId=role_assignment_id, groupId=group_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def get_role_targets_by_user_and_role(
+ context: ToolContext,
+ user_id: Annotated[
+ str,
+ "The unique ID of an existing Okta user to retrieve role targets for, required for identifying the user within Okta.", # noqa: E501
+ ],
+ role_id_or_encoded_role_name: Annotated[
+ str,
+ "The ID of the role or its Base32 encoded name to specify which role's targets to retrieve.", # noqa: E501
+ ],
+ user_assignment_type: Annotated[
+ str | None, "Specifies the assignment type of the user, either 'USER' or 'GROUP'."
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "The opaque string used for pagination, indicating your current position in the list, obtained from the `Link` response header.", # noqa: E501
+ ] = None,
+ object_limit: Annotated[
+ int | None, "Specify the maximum number of role targets to return."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getRoleTargetsByUserIdAndRoleId'."]:
+ """Retrieve role targets for a user's specific role.
+
+ This tool retrieves all role targets assigned to a specific user with a given role in Okta. It is useful for identifying which applications or groups a user with a certain administrative role can manage. If there are no specific targets, an empty list is returned.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleIdOrEncodedRoleId}/targets".format( # noqa: UP032
+ userId=user_id, roleIdOrEncodedRoleId=role_id_or_encoded_role_name
+ ),
+ method="GET",
+ params=remove_none_values({
+ "assignmentType": user_assignment_type,
+ "after": pagination_cursor,
+ "limit": object_limit,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def revoke_user_sessions(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str, "The unique identifier for an existing Okta user whose sessions will be revoked."
+ ],
+ revoke_oauth_tokens: Annotated[
+ bool | None,
+ "Set to true to revoke issued OpenID Connect and OAuth refresh and access tokens.",
+ ] = None,
+ clear_remembered_factors_for_all_devices: Annotated[
+ bool | None,
+ "Set to true to clear the user's remembered factors for all devices. Defaults to false in Classic Engine.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'revokeUserSessions'."]:
+ """Revoke all active sessions for a user in Okta.
+
+ Use this tool to revoke all active identity provider sessions for a specified user in Okta. This action requires the user to re-authenticate on the next action. Optionally, you can also revoke associated OpenID Connect and OAuth tokens and clear remembered factors across devices. This does not affect sessions for web or native apps.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/sessions".format(userId=okta_user_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({
+ "oauthTokens": revoke_oauth_tokens,
+ "forgetDevices": clear_remembered_factors_for_all_devices,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_user_subscriptions(
+ context: ToolContext,
+ user_id: Annotated[
+ str,
+ "The unique identifier for the user whose subscriptions you want to retrieve. Ensure you have access rights to this user's data to avoid an `AccessDeniedException`.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listSubscriptionsUser'."]:
+ """Retrieve all subscriptions for a specified user.
+
+ Use this tool to get a list of all subscriptions that are available to a specific user in Okta. Ensure that you request for a user you have access to, as requests for other users will result in an `AccessDeniedException`.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/subscriptions".format(userId=user_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def get_user_subscription_by_notification_type(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "The unique identifier for the user whose subscription details are being retrieved."
+ ],
+ notification_type: Annotated[
+ str,
+ "Specify the type of notification to retrieve user subscription details. Valid values include: AD_AGENT, AGENT_AUTO_UPDATE_NOTIFICATION, AGENT_AUTO_UPDATE_NOTIFICATION_LDAP, APP_IMPORT, CONNECTOR_AGENT, IWA_AGENT, LDAP_AGENT, OKTA_ANNOUNCEMENT, OKTA_UPDATE, RATELIMIT_NOTIFICATION, REPORT_SUSPICIOUS_ACTIVITY, USER_DEPROVISION, USER_LOCKED_OUT.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getSubscriptionsNotificationTypeUser'."
+]:
+ """Retrieve a user's subscription by notification type.
+
+ Use this tool to get subscription information for a specified user's notification type. It should be called when you need to access a user's subscription details for a particular notification type. Access is restricted to the specified user only.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/subscriptions/{notificationType}".format( # noqa: UP032
+ userId=user_id, notificationType=notification_type
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def subscribe_user_to_notification(
+ context: ToolContext,
+ current_user_id: Annotated[
+ str,
+ "The unique identifier of the current user to subscribe to the notification. Only the current user's ID is allowed.", # noqa: E501
+ ],
+ notification_type: Annotated[
+ str,
+ "Specify the type of notification to subscribe the user to. Choose from: AD_AGENT, AGENT_AUTO_UPDATE_NOTIFICATION, AGENT_AUTO_UPDATE_NOTIFICATION_LDAP, APP_IMPORT, CONNECTOR_AGENT, IWA_AGENT, LDAP_AGENT, OKTA_ANNOUNCEMENT, OKTA_UPDATE, RATELIMIT_NOTIFICATION, REPORT_SUSPICIOUS_ACTIVITY, USER_DEPROVISION, USER_LOCKED_OUT.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'subscribeByNotificationTypeUser'."]:
+ """Subscribe a user to a specific notification type.
+
+ Use this tool to subscribe the current user to a specified notification type in Okta. Access is denied if attempting to subscribe for another user.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/subscriptions/{notificationType}/subscribe".format( # noqa: UP032
+ userId=current_user_id, notificationType=notification_type
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def unsubscribe_user_notification(
+ context: ToolContext,
+ current_user_id: Annotated[
+ str,
+ "The ID of the current user unsubscribing from the notification type. Must be the ID of the user making the request.", # noqa: E501
+ ],
+ notification_type: Annotated[
+ str,
+ "Specifies the type of notification to unsubscribe from. Valid types include 'AD_AGENT', 'APP_IMPORT', 'USER_LOCKED_OUT', etc.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'unsubscribeByNotificationTypeUser'."
+]:
+ """Unsubscribe a user from a specific notification type.
+
+ Use this tool to unsubscribe the current user from a specified notification type. This should be called when a user wants to stop receiving certain notifications. Only applicable to the current user; will return an error if attempted for another user.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/users/{userId}/subscriptions/{notificationType}/unsubscribe".format( # noqa: UP032
+ userId=current_user_id, notificationType=notification_type
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.networkZones.read"]))
+async def list_network_zones(
+ context: ToolContext,
+ pagination_cursor_after: Annotated[
+ str | None,
+ "The cursor for retrieving the next page of results. Used for pagination to specify the starting point after the given item.", # noqa: E501
+ ] = None,
+ max_results: Annotated[
+ int | None,
+ "The maximum number of network zones to retrieve in one call. This helps control pagination.", # noqa: E501
+ ] = None,
+ filter_expression: Annotated[
+ str | None,
+ "A URL-encoded string to filter network zones by id, usage, or system properties.",
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listNetworkZones'."]:
+ """Retrieve all network zones with optional filtering.
+
+ This tool retrieves all network zones from Okta, allowing for optional filtering based on zone ID, usage, or system properties. It supports pagination and URL-encoded filter expressions.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/zones",
+ method="GET",
+ params=remove_none_values({
+ "after": pagination_cursor_after,
+ "limit": max_results,
+ "filter": filter_expression,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.networkZones.read"]))
+async def get_network_zone(
+ context: ToolContext,
+ network_zone_id: Annotated[str, "The unique identifier of the Network Zone to retrieve."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getNetworkZone'."]:
+ """Retrieve details of a network zone by ID from Okta.
+
+ Use this tool to fetch detailed information about a specific network zone in Okta using the zone ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/zones/{zoneId}".format(zoneId=network_zone_id), # noqa: UP032
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.networkZones.manage"]))
+async def delete_network_zone(
+ context: ToolContext,
+ network_zone_id: Annotated[
+ str,
+ "The ID of the network zone to be deleted. Ensure it is not in use by a policy or rule.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteNetworkZone'."]:
+ """Delete a specific network zone by its ID.
+
+ Deletes a network zone identified by `zoneId`. Ensure the network zone is not used by a policy or rule and has an appropriate status for deletion in Okta Identity Engine orgs.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/zones/{zoneId}".format(zoneId=network_zone_id), # noqa: UP032
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.networkZones.manage"]))
+async def activate_network_zone(
+ context: ToolContext,
+ network_zone_id: Annotated[
+ str,
+ "The unique identifier (`id`) of the Network Zone to be activated. This is required to specify which network zone you want to activate in Okta.", # noqa: E501
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'activateNetworkZone'."]:
+ """Activate a specified network zone by zoneId.
+
+ Use this tool to activate a network zone in Okta by providing the zone ID. Call this when you need to enable or re-enable a network zone that is currently inactive.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/zones/{zoneId}/lifecycle/activate".format( # noqa: UP032
+ zoneId=network_zone_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.networkZones.manage"]))
+async def deactivate_network_zone(
+ context: ToolContext,
+ network_zone_id: Annotated[str, "The ID of the Network Zone to be deactivated."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deactivateNetworkZone'."]:
+ """Deactivate a network zone by its ID using Okta.
+
+ This tool deactivates a specified network zone in Okta based on the provided `zoneId`. It should be used when you need to disable access or function of a particular network zone.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/api/v1/zones/{zoneId}/lifecycle/deactivate".format( # noqa: UP032
+ zoneId=network_zone_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def get_authenticator_settings(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAuthenticatorSettings'."]:
+ """Retrieve Authenticator Settings for your organization.
+
+ Use this tool to get the current Authenticator Settings for your organization, useful for security configuration and management.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/attack-protection/api/v1/authenticator-settings",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def get_user_lockout_settings(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getUserLockoutSettings'."]:
+ """Retrieve user lockout settings for an organization.
+
+ This tool fetches the user lockout settings for an organization. It should be called when you need to know how user lockouts are configured in a given organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/attack-protection/api/v1/user-lockout-settings",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def check_mfa_number_matching_status(
+ context: ToolContext,
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'getDesktopMFAEnforceNumberMatchingChallengeOrgSetting'.",
+]:
+ """Check if MFA Number Matching is enabled for your org.
+
+ Use this tool to determine whether the Desktop MFA Enforce Number Matching Challenge feature is enabled or disabled for your organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/device-access/api/v1/desktop-mfa/enforce-number-matching-challenge-settings",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.orgs.read"]))
+async def check_mfa_recovery_pin_status(
+ context: ToolContext,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getDesktopMFARecoveryPinOrgSetting'."
+]:
+ """Check if the Desktop MFA Recovery PIN feature is enabled.
+
+ Use this tool to determine whether the Desktop MFA Recovery PIN feature is enabled for your organization.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/device-access/api/v1/desktop-mfa/recovery-pin-settings",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.oauthIntegrations.read"]))
+async def list_api_service_integrations(
+ context: ToolContext,
+ pagination_cursor: Annotated[
+ str | None,
+ "Opaque string for pagination to specify the current location in the list, obtained from the `Link` header.", # noqa: E501
+ ] = None,
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listApiServiceIntegrationInstances'."
+]:
+ """Retrieve all API Service Integration instances.
+
+ Use this tool to list all API Service Integration instances available in Okta, with optional pagination for navigating through results.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/integrations/api/v1/api-services",
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.oauthIntegrations.read"]))
+async def retrieve_api_service_integration(
+ context: ToolContext,
+ api_service_integration_id: Annotated[
+ str, "The ID of the API Service Integration instance to retrieve details for."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'getApiServiceIntegrationInstance'."
+]:
+ """Retrieve an API Service Integration instance by ID.
+
+ Use this tool to get detailed information about a specific API Service Integration instance by providing its ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}".format( # noqa: UP032
+ apiServiceId=api_service_integration_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.oauthIntegrations.manage"]))
+async def delete_api_service_integration_instance(
+ context: ToolContext,
+ api_service_integration_id: Annotated[
+ str, "`id` of the API Service Integration instance to be deleted."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deleteApiServiceIntegrationInstance'."
+]:
+ """Delete an API Service Integration instance by ID.
+
+ This tool deletes an API Service Integration instance using its ID. It should be called when you need to remove an integration and revoke all associated access scopes.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}".format( # noqa: UP032
+ apiServiceId=api_service_integration_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.oauthIntegrations.read"]))
+async def list_api_service_secrets(
+ context: ToolContext,
+ api_service_id: Annotated[
+ str,
+ "The unique identifier of the API Service Integration instance to retrieve secrets for.",
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listApiServiceIntegrationInstanceSecrets'."
+]:
+ """Retrieve client secrets for an API service integration.
+
+ Use this tool to list all client secrets for a specific API Service Integration instance using the `apiServiceId`.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets".format( # noqa: UP032
+ apiServiceId=api_service_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.oauthIntegrations.manage"]))
+async def create_api_service_secret(
+ context: ToolContext,
+ integration_instance_id: Annotated[
+ str,
+ "The ID of the Okta API Service Integration instance for which the secret is being created.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'createApiServiceIntegrationInstanceSecret'."
+]:
+ """Create an API Service Integration Secret in Okta.
+
+ Generates a new active client secret for an Okta API Service Integration instance. This tool should be called when you need to create a secret object, with a limit of two secrets per instance. An error occurs if more than two are attempted.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets".format( # noqa: UP032
+ apiServiceId=integration_instance_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.oauthIntegrations.manage"]))
+async def delete_inactive_secret(
+ context: ToolContext,
+ api_service_integration_instance_id: Annotated[
+ str, "The ID of the API Service Integration instance to which the secret belongs."
+ ],
+ secret_id: Annotated[
+ str,
+ "The ID of the API Service Integration instance Secret to be deleted. It must refer to an inactive secret.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deleteApiServiceIntegrationInstanceSecret'."
+]:
+ """Delete an inactive API service integration secret.
+
+ Use this tool to delete an inactive secret from an API service integration using the specified `secretId`. This operation is only possible for secrets that are no longer active.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}".format( # noqa: UP032
+ apiServiceId=api_service_integration_instance_id, secretId=secret_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.oauthIntegrations.manage"]))
+async def activate_service_integration_secret(
+ context: ToolContext,
+ service_integration_instance_id: Annotated[
+ str, "The `id` of the API Service Integration instance to activate the secret for."
+ ],
+ secret_id: Annotated[
+ str,
+ "The ID of the API Service Integration instance Secret to activate. Provide a valid secret identifier.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'activateApiServiceIntegrationInstanceSecret'."
+]:
+ """Activate an API Service Integration instance secret.
+
+ Use this tool to activate a specific secret for an API service integration instance by providing the `secretId`.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}/lifecycle/activate".format( # noqa: UP032
+ apiServiceId=service_integration_instance_id, secretId=secret_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.oauthIntegrations.manage"]))
+async def deactivate_service_secret(
+ context: ToolContext,
+ api_service_integration_instance_id: Annotated[
+ str, "The ID of the API Service Integration instance to deactivate the secret for."
+ ],
+ secret_id: Annotated[
+ str, "The ID of the API Service Integration instance secret to be deactivated."
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'deactivateApiServiceIntegrationInstanceSecret'.",
+]:
+ """Deactivate an API Service Integration instance secret.
+
+ Use this tool to deactivate a specific secret in an API Service Integration instance, identified by `secretId`. It should be called when you need to revoke access associated with that secret.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}/lifecycle/deactivate".format( # noqa: UP032
+ apiServiceId=api_service_integration_instance_id, secretId=secret_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_roles_for_client(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str, "The unique identifier of the client application for which roles are being listed."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listRolesForClient'."]:
+ """Lists all roles assigned to a specific client app.
+
+ Use this tool to retrieve all roles assigned to a client application by providing the client ID. This can help in understanding client access and permissions.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles".format( # noqa: UP032
+ clientId=client_app_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def get_client_role_assignment(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str,
+ "The unique identifier for the client application. Required for fetching its role assignment.", # noqa: E501
+ ],
+ role_assignment_id: Annotated[
+ str, "The ID of the role assignment to retrieve for the client app."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'retrieveClientRole'."]:
+ """Retrieve a specific role assignment for a client app.
+
+ Fetches the role assignment details for a client application using the specified client ID and role assignment ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}".format( # noqa: UP032
+ clientId=client_app_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_role_from_client(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str,
+ "The unique identifier for the client application from which the role will be unassigned.",
+ ],
+ role_assignment_id: Annotated[
+ str, "The unique identifier for the role assignment to be unassigned from the client app."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteRoleFromClient'."]:
+ """Unassigns a role from a client app in Okta.
+
+ Use this tool to remove a specific role assignment from a client app in Okta, specified by the role assignment ID and client ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}".format( # noqa: UP032
+ clientId=client_app_id, roleAssignmentId=role_assignment_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_app_targets_for_admin_role(
+ context: ToolContext,
+ client_application_id: Annotated[
+ str,
+ "The unique identifier for the client application. Use this ID to specify which client's APP_ADMIN role targets to list.", # noqa: E501
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The ID of the role assignment to identify the specific role assignment for the client.",
+ ],
+ pagination_cursor: Annotated[
+ str | None, "The cursor for pagination, an opaque string from the `Link` response header."
+ ] = None,
+ max_results_limit: Annotated[
+ int | None, "Maximum number of objects to return in the response."
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAppTargetRoleToClient'."]:
+ """Retrieve OIN app targets for a specified APP_ADMIN role.
+
+ This tool is used to list all OIN app targets for an APP_ADMIN role assigned to a client, identified by clientId. It is useful for managing and reviewing application targets associated with specific administrative roles.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps".format( # noqa: UP032
+ clientId=client_application_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": max_results_limit}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_app_target_role_to_client(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str, "The unique identifier for the client application to which the role is being assigned."
+ ],
+ role_assignment_id: Annotated[
+ str, "The ID of the role assignment to specify which role to assign to the client."
+ ],
+ oin_app_key_name: Annotated[
+ str, "The key name of the app from the OIN catalog to assign for the role."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'assignAppTargetRoleToClient'."]:
+ """Assign an OIN app target role to a client.
+
+ This tool assigns a specific app target from the OIN catalog for an `APP_ADMIN` role to a client. It should be called when you want to narrow the scope of an app role assignment, affecting only app instances specified by the app name. It updates any existing app instance targets with the assigned app target.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}".format( # noqa: UP032
+ clientId=client_app_id, roleAssignmentId=role_assignment_id, appName=oin_app_key_name
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_app_role_from_client(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str, "The unique identifier for the client application from which to unassign the role."
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The ID of the role assignment to unassign from the client app. Must be a valid string identifier.", # noqa: E501
+ ],
+ app_name: Annotated[
+ str,
+ "The name of the app definition from the OIN catalog, used to unassign the target role.",
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'removeAppTargetRoleFromClient'."]:
+ """Unassigns a role target from a client app in Okta.
+
+ Use this tool to unassign an OIN app target for a role assignment from a client app in Okta. Note that you cannot remove the last OIN app target from a role assignment. If a role assignment needs to apply to all apps, delete the existing assignment and create a new one.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}".format( # noqa: UP032
+ clientId=client_app_id, roleAssignmentId=role_assignment_id, appName=app_name
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_app_instance_role_to_client(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str,
+ "The unique identifier for the client application. This specifies which client the app instance target will be assigned to under the APP_ADMIN role.", # noqa: E501
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The `id` of the role assignment for the client. This is required to specify which role is being assigned to the app instance target.", # noqa: E501
+ ],
+ app_definition_name: Annotated[
+ str, "The name of the app definition as listed in the OIN catalog."
+ ],
+ application_id: Annotated[
+ str, "Unique identifier for the application instance to assign a role."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'assignAppTargetInstanceRoleForClient'."
+]:
+ """Assigns an app instance target to a client's APP_ADMIN role.
+
+ This tool assigns a specific app instance target to an APP_ADMIN role for a client, reducing the role's scope to only the specified target. It should be called when you need to manage permissions at the app instance level for a client.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}".format( # noqa: UP032
+ clientId=client_app_id,
+ roleAssignmentId=role_assignment_id,
+ appName=app_definition_name,
+ appId=application_id,
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def unassign_app_instance_target(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str,
+ "The unique identifier for the client application from which an app instance target will be unassigned.", # noqa: E501
+ ],
+ role_assignment_id: Annotated[
+ str, "The ID of the role assignment to be unassigned from the app instance target."
+ ],
+ app_name: Annotated[
+ str,
+ "Specify the name of the app definition from the OIN catalog (app key name) to unassign the target from the client role.", # noqa: E501
+ ],
+ application_id: Annotated[
+ str,
+ "The unique identifier for the application to unassign from the role. This should match the app's ID in the OIN catalog.", # noqa: E501
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'removeAppTargetInstanceRoleForClient'."
+]:
+ """Unassign an app instance target from a client app role.
+
+ This tool removes an app instance target from a role assignment within a client application. It should be called when you need to unassign a specific app instance from a client app's role, ensuring you have more than one target assigned. For removing all targets, delete the whole role assignment instead.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}".format( # noqa: UP032
+ clientId=client_app_id,
+ roleAssignmentId=role_assignment_id,
+ appName=app_name,
+ appId=application_id,
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.read"]))
+async def list_group_targets_for_client_role(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str,
+ "The unique identifier of the client application for which the role group targets are being listed.", # noqa: E501
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The ID of the role assignment for which to list group targets. It specifies the role tied to the specific client.", # noqa: E501
+ ],
+ pagination_cursor: Annotated[
+ str | None,
+ "The opaque string cursor for pagination, indicating the current position in the list. Obtain this from the `Link` response header.", # noqa: E501
+ ] = None,
+ object_limit: Annotated[int | None, "Specify the maximum number of objects to return."] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listGroupTargetRoleForClient'."]:
+ """Retrieve group targets for a specified client role assignment.
+
+ Use this tool to list all group targets associated with a specified role assignment (`USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN`) for a client. If no specific group targets are scoped, an empty array will be returned.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/groups".format( # noqa: UP032
+ clientId=client_app_id, roleAssignmentId=role_assignment_id
+ ),
+ method="GET",
+ params=remove_none_values({"after": pagination_cursor, "limit": object_limit}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def assign_group_target_role_for_client(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str, "The ID of the client application to which the group target role is assigned."
+ ],
+ role_assignment_id: Annotated[
+ str, "The unique identifier of the role assignment to be targeted."
+ ],
+ group_id_for_role_assignment: Annotated[
+ str, "The identifier of the group to which the role will be assigned for the client app."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'assignGroupTargetRoleForClient'."]:
+ """Assign a group target role to a client app.
+
+ Use this tool to assign a group target to a specific role (`USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN`) for a client app. This reduces the scope of the role assignment by applying it only to the specified target group.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/groups/{groupId}".format( # noqa: UP032
+ clientId=client_app_id,
+ roleAssignmentId=role_assignment_id,
+ groupId=group_id_for_role_assignment,
+ ),
+ method="PUT",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.roles.manage"]))
+async def remove_group_target_role(
+ context: ToolContext,
+ client_app_id: Annotated[
+ str,
+ "The unique identifier for the client application from which the group target will be removed.", # noqa: E501
+ ],
+ role_assignment_id: Annotated[
+ str,
+ "The unique identifier for the role assignment to modify. This ID specifies which role assignment the group target will be removed from. Ensure it does not refer to the last group target in a role.", # noqa: E501
+ ],
+ group_id: Annotated[
+ str, "The unique ID of the group to be unassigned from the role in the client app."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'removeGroupTargetRoleFromClient'."]:
+ """Removes a group target from a role in a client app.
+
+ This tool unassigns a specified group target from roles such as `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` in a client application. Note that it cannot remove the last group target in a role assignment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/groups/{groupId}".format( # noqa: UP032
+ clientId=client_app_id, roleAssignmentId=role_assignment_id, groupId=group_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.personal.adminSettings.read"]))
+async def list_blocked_email_domains(
+ context: ToolContext,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listPersonalAppsExportBlockList'."]:
+ """Retrieve blocked email domains for app migration exclusion.
+
+ This tool retrieves a list of all blocked email domains that are excluded from app migration. Useful for checking which domains are currently blocked for this purpose.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/okta-personal-settings/api/v1/export-blocklists",
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.serviceAccounts.read"]))
+async def list_app_service_accounts(
+ context: ToolContext,
+ number_of_accounts_limit: Annotated[
+ int | None, "The maximum number of app service accounts to return in the response."
+ ] = None,
+ pagination_cursor: Annotated[
+ str | None,
+ "An opaque string for pagination, indicating current position in the list. Obtained from the `Link` response header.", # noqa: E501
+ ] = None,
+ search_account_value: Annotated[
+ str | None,
+ "Provides a search string to filter app service accounts by name, username, instance label, or key name.", # noqa: E501
+ ] = None,
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'listAppServiceAccounts'."]:
+ """Retrieve all app service accounts from Okta.
+
+ Use this tool to list all application service accounts in Okta's privileged-access API. It helps to manage and monitor service account details efficiently.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/privileged-access/api/v1/service-accounts",
+ method="GET",
+ params=remove_none_values({
+ "limit": number_of_accounts_limit,
+ "after": pagination_cursor,
+ "match": search_account_value,
+ }),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.serviceAccounts.read"]))
+async def retrieve_service_account(
+ context: ToolContext,
+ service_account_id: Annotated[
+ str, "The unique identifier of an existing service account to retrieve details for."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'getAppServiceAccount'."]:
+ """Retrieve details of an app service account by ID.
+
+ This tool retrieves information for a specific app service account using its ID. Use it to access service account details in Okta.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/privileged-access/api/v1/service-accounts/{id}".format( # noqa: UP032
+ id=service_account_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.serviceAccounts.manage"]))
+async def delete_service_account(
+ context: ToolContext,
+ service_account_id: Annotated[str, "ID of the service account to be deleted."],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'deleteAppServiceAccount'."]:
+ """Delete a specified app service account by ID.
+
+ Use this tool to delete an app service account using its ID when managing account access or performing cleanup operations.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/privileged-access/api/v1/service-accounts/{id}".format( # noqa: UP032
+ id=service_account_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta"))
+async def publish_security_event_tokens(
+ context: ToolContext,
+ signed_security_event_token: Annotated[
+ str, "A signed Security Event Token (SET), formatted as a JSON Web Token (JWT)."
+ ],
+) -> Annotated[dict[str, Any], "Response from the API endpoint 'publishSecurityEventTokens'."]:
+ """Publish a Security Event Token to Okta.
+
+ Use this tool to send a Security Event Token from a Security Events Provider to Okta. After verification, Okta ingests the event and triggers any appropriate actions.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/security/api/v1/security-events",
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({"requestBody": signed_security_event_token}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.read"]))
+async def list_webauthn_preregistration_factors(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "ID of an existing Okta user to retrieve their WebAuthn preregistration factors."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'listWebAuthnPreregistrationFactors'."
+]:
+ """Get WebAuthn preregistration factors for a user.
+
+ Use this tool to retrieve all WebAuthn preregistration factors for a specified user. Useful for managing or verifying user authentication methods.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/webauthn-registration/api/v1/users/{userId}/enrollments".format( # noqa: UP032
+ userId=user_id
+ ),
+ method="GET",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def delete_webauthn_preregistration(
+ context: ToolContext,
+ okta_user_id: Annotated[
+ str,
+ "The unique identifier of an existing user in Okta for whom the WebAuthn preregistration factor should be deleted.", # noqa: E501
+ ],
+ webauthn_preregistration_id: Annotated[
+ str, "ID for a WebAuthn preregistration factor in Okta to be deleted."
+ ],
+) -> Annotated[
+ dict[str, Any], "Response from the API endpoint 'deleteWebAuthnPreregistrationFactor'."
+]:
+ """Deletes a specific WebAuthn preregistration factor for a user.
+
+ Use this tool to delete a WebAuthn preregistration factor associated with a user, identified by the user ID and authenticator enrollment ID.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/webauthn-registration/api/v1/users/{userId}/enrollments/{authenticatorEnrollmentId}".format( # noqa: UP032
+ userId=okta_user_id, authenticatorEnrollmentId=webauthn_preregistration_id
+ ),
+ method="DELETE",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
+
+
+@tool(requires_auth=OAuth2(id="arcade-okta", scopes=["okta.users.manage"]))
+async def assign_webauthn_error_status(
+ context: ToolContext,
+ user_id: Annotated[
+ str, "ID of an existing Okta user to whom the error status will be assigned."
+ ],
+ webauthn_preregistration_factor_id: Annotated[
+ str, "ID for a WebAuthn preregistration factor in Okta."
+ ],
+) -> Annotated[
+ dict[str, Any],
+ "Response from the API endpoint 'assignFulfillmentErrorWebAuthnPreregistrationFactor'.",
+]:
+ """Assigns an error status to a user's WebAuthn preregistration.
+
+ Use this tool to assign a fulfillment error status to a WebAuthn preregistration factor for a user. This sets the specific 'FULFILLMENT_ERRORED' status on the enrollment.""" # noqa: E501
+ response = await make_request(
+ url="https://{yourOktaDomain}/webauthn-registration/api/v1/users/{userId}/enrollments/{authenticatorEnrollmentId}/mark-error".format( # noqa: UP032
+ userId=user_id, authenticatorEnrollmentId=webauthn_preregistration_factor_id
+ ),
+ method="POST",
+ params=remove_none_values({}),
+ headers=remove_none_values({
+ "Authorization": "Bearer {authorization}".format( # noqa: UP032
+ authorization=context.get_auth_token_or_empty()
+ )
+ }),
+ data=remove_none_values({}),
+ )
+ try:
+ return {"response_json": response.json()}
+ except Exception:
+ return {"response_text": response.text}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAgentPoolUpdate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAgentPoolUpdate.json
new file mode 100644
index 000000000..e0d65fbe6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAgentPoolUpdate.json
@@ -0,0 +1,137 @@
+{
+ "name": "ActivateAgentPoolUpdate",
+ "fully_qualified_name": "OktaApi.ActivateAgentPoolUpdate@0.1.0",
+ "description": "Activates a scheduled agent pool update.\n\nUse this tool to activate an update for a specified agent pool that has been scheduled. Call when you need to confirm and commence the update process for agent pools in your system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "ID of the agent pool for which the settings apply to. This is required to specify which pool will have the update activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ },
+ {
+ "name": "update_id",
+ "required": true,
+ "description": "The ID of the update to activate. This is required to initiate the update process for the specified agent pool.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "updateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateAgentPoolsUpdate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "updateId",
+ "tool_parameter_name": "update_id",
+ "description": "ID of the update",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthServer.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthServer.json
new file mode 100644
index 000000000..2c0e39772
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthServer.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateAuthServer",
+ "fully_qualified_name": "OktaApi.ActivateAuthServer@0.1.0",
+ "description": "Activates an authorization server.\n\nUse this tool to activate an authorization server in Okta. Call this when you need to enable an authorization server that is currently inactive.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique identifier (`id`) of the authorization server to activate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateAuthorizationServer'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthServerPolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthServerPolicy.json
new file mode 100644
index 000000000..bd11f217c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthServerPolicy.json
@@ -0,0 +1,137 @@
+{
+ "name": "ActivateAuthServerPolicy",
+ "fully_qualified_name": "OktaApi.ActivateAuthServerPolicy@0.1.0",
+ "description": "Activates an authorization server policy in Okta.\n\nThis tool is used to activate a specific authorization server policy on Okta. It should be called when there is a need to enable a policy that is currently inactive. The tool confirms the successful activation of the policy.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique identifier of the Authorization Server to activate a policy for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The `id` of the Policy to activate. This should be a string representing the unique identifier of the policy.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateAuthorizationServerPolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthServerPolicyRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthServerPolicyRule.json
new file mode 100644
index 000000000..d21fb4b7b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthServerPolicyRule.json
@@ -0,0 +1,169 @@
+{
+ "name": "ActivateAuthServerPolicyRule",
+ "fully_qualified_name": "OktaApi.ActivateAuthServerPolicyRule@0.1.0",
+ "description": "Activates an authorization server policy rule in Okta.\n\nThis tool is used to activate a specific policy rule within an authorization server on the Okta platform. Call this tool when you need to enable a specific policy rule that is currently inactive.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server to be activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The `id` of the Policy to be activated within the authorization server.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_rule_id",
+ "required": true,
+ "description": "The unique identifier for the policy rule to be activated in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "ruleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateAuthorizationServerPolicyRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "ruleId",
+ "tool_parameter_name": "policy_rule_id",
+ "description": "`id` of the policy rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthenticator.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthenticator.json
new file mode 100644
index 000000000..52d360ef1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthenticator.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateAuthenticator",
+ "fully_qualified_name": "OktaApi.ActivateAuthenticator@0.1.0",
+ "description": "Activates an authenticator using its ID.\n\nUse this tool to activate a specific authenticator by providing its ID. It is useful when an authenticator needs to be enabled for user verification processes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The unique identifier for the authenticator to be activated. It must be a valid string matching the authenticator's ID.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateAuthenticator'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthenticatorMethod.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthenticatorMethod.json
new file mode 100644
index 000000000..37bf3a5bd
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateAuthenticatorMethod.json
@@ -0,0 +1,167 @@
+{
+ "name": "ActivateAuthenticatorMethod",
+ "fully_qualified_name": "OktaApi.ActivateAuthenticatorMethod@0.1.0",
+ "description": "Activate a specific method for an authenticator.\n\nThis tool activates a specified method for an authenticator based on the provided `authenticatorId` and `methodType`. Call this tool when you need to enable a particular authentication method in the Okta system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The unique identifier of the authenticator to activate a method for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ },
+ {
+ "name": "authenticator_method_type",
+ "required": true,
+ "description": "Specifies the type of authenticator method to activate. Must be one of: 'cert', 'duo', 'email', 'idp', 'otp', 'password', 'push', 'security_question', 'signed_nonce', 'sms', 'totp', 'voice', 'webauthn', or 'tac'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "cert",
+ "duo",
+ "email",
+ "idp",
+ "otp",
+ "password",
+ "push",
+ "security_question",
+ "signed_nonce",
+ "sms",
+ "totp",
+ "voice",
+ "webauthn",
+ "tac"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Type of authenticator method"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "methodType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateAuthenticatorMethod'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/methods/{methodType}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "methodType",
+ "tool_parameter_name": "authenticator_method_type",
+ "description": "Type of authenticator method",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "cert",
+ "duo",
+ "email",
+ "idp",
+ "otp",
+ "password",
+ "push",
+ "security_question",
+ "signed_nonce",
+ "sms",
+ "totp",
+ "voice",
+ "webauthn",
+ "tac"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Type of authenticator method"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateBehaviorDetectionRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateBehaviorDetectionRule.json
new file mode 100644
index 000000000..5dc08a046
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateBehaviorDetectionRule.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateBehaviorDetectionRule",
+ "fully_qualified_name": "OktaApi.ActivateBehaviorDetectionRule@0.1.0",
+ "description": "Activates a behavior detection rule.\n\nUse this tool to activate a behavior detection rule in Okta by providing the behavior ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "behavior_detection_rule_id",
+ "required": true,
+ "description": "The ID of the Behavior Detection Rule to activate in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Behavior Detection Rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "behaviorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateBehaviorDetectionRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.behaviors.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/behaviors/{behaviorId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "behaviorId",
+ "tool_parameter_name": "behavior_detection_rule_id",
+ "description": "ID of the Behavior Detection Rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Behavior Detection Rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateDefaultProvisioningConnection.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateDefaultProvisioningConnection.json
new file mode 100644
index 000000000..a9898cdbd
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateDefaultProvisioningConnection.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateDefaultProvisioningConnection",
+ "fully_qualified_name": "OktaApi.ActivateDefaultProvisioningConnection@0.1.0",
+ "description": "Activate the default provisioning connection for an app.\n\nThis tool activates the default provisioning connection for a specified application. It should be called when you need to enable the provisioning connection of an app managed in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application to activate its default provisioning connection.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateDefaultProvisioningConnectionForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateDevice.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateDevice.json
new file mode 100644
index 000000000..00d834226
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateDevice.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateDevice",
+ "fully_qualified_name": "OktaApi.ActivateDevice@0.1.0",
+ "description": "Activate a device by setting its status to ACTIVE.\n\nUse this tool to activate a device by its `deviceId`, changing its status to `ACTIVE`. This is typically needed for managing device-user links and ensuring the device is operational.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_id",
+ "required": true,
+ "description": "The unique identifier (`id`) of the device to be activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateDevice'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devices.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/devices/{deviceId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceId",
+ "tool_parameter_name": "device_id",
+ "description": "`id` of the device",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateDeviceIntegration.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateDeviceIntegration.json
new file mode 100644
index 000000000..8d2af44b2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateDeviceIntegration.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateDeviceIntegration",
+ "fully_qualified_name": "OktaApi.ActivateDeviceIntegration@0.1.0",
+ "description": "Activate a device integration using the deviceIntegrationId.\n\nActivates a specified device integration and updates the configurations accordingly. This should be called when a device integration needs to be activated by providing its ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_integration_id",
+ "required": true,
+ "description": "The unique ID of the device integration to activate. This ID specifies which device integration to activate and update configurations for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the device integration"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceIntegrationId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateDeviceIntegration'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.deviceIntegrations.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-integrations/{deviceIntegrationId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceIntegrationId",
+ "tool_parameter_name": "device_integration_id",
+ "description": "The ID of the device integration",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the device integration"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateEventHook.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateEventHook.json
new file mode 100644
index 000000000..13155cc1f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateEventHook.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateEventHook",
+ "fully_qualified_name": "OktaApi.ActivateEventHook@0.1.0",
+ "description": "Activates an Okta event hook by ID.\n\nThis tool activates the Okta event hook that matches the provided ID. It should be used when you need to enable an event hook to start receiving events. The confirmation of activation status is returned.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "event_hook_id",
+ "required": true,
+ "description": "The ID of the Event Hook to be activated. This string identifies the event hook in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "eventHookId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateEventHook'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.eventHooks.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "eventHookId",
+ "tool_parameter_name": "event_hook_id",
+ "description": "`id` of the Event Hook",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateGroupRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateGroupRule.json
new file mode 100644
index 000000000..b472329a4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateGroupRule.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateGroupRule",
+ "fully_qualified_name": "OktaApi.ActivateGroupRule@0.1.0",
+ "description": "Activate a specific group rule by ID in Okta.\n\nUse this tool to activate a group rule in your Okta organization by providing the specific rule ID. This is useful for managing and enforcing policies in your organization's group behaviors.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_rule_id",
+ "required": true,
+ "description": "The ID of the group rule to activate in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupRuleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateGroupRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/rules/{groupRuleId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupRuleId",
+ "tool_parameter_name": "group_rule_id",
+ "description": "The `id` of the group rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateIdentityProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateIdentityProvider.json
new file mode 100644
index 000000000..049621c10
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateIdentityProvider.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateIdentityProvider",
+ "fully_qualified_name": "OktaApi.ActivateIdentityProvider@0.1.0",
+ "description": "Activates an inactive identity provider.\n\nUse this tool to activate an inactive identity provider (IdP) for Okta services.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier of the identity provider to be activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateIdentityProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateInactiveApplication.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateInactiveApplication.json
new file mode 100644
index 000000000..3564b2048
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateInactiveApplication.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateInactiveApplication",
+ "fully_qualified_name": "OktaApi.ActivateInactiveApplication@0.1.0",
+ "description": "Activate an inactive application in Okta.\n\nThis tool activates an inactive application in the Okta system. It should be used when you need to enable an application that was previously inactive, using the application's ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application to be activated. This ID is required to specify which inactive application should be activated in the Okta system.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateInlineHook.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateInlineHook.json
new file mode 100644
index 000000000..4ba96f15e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateInlineHook.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateInlineHook",
+ "fully_qualified_name": "OktaApi.ActivateInlineHook@0.1.0",
+ "description": "Activates a specified inline hook in Okta by its ID.\n\nUse this tool to activate an inline hook in Okta by providing the inlineHookId. This is typically used when you need to enable a specific hook for processing logic in the Okta service.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "inline_hook_id",
+ "required": true,
+ "description": "The ID of the inline hook to activate in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the inline hook"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "inlineHookId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateInlineHook'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.inlineHooks.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/inlineHooks/{inlineHookId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "inlineHookId",
+ "tool_parameter_name": "inline_hook_id",
+ "description": "`id` of the inline hook",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the inline hook"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateLogStream.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateLogStream.json
new file mode 100644
index 000000000..0a91a8a7b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateLogStream.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateLogStream",
+ "fully_qualified_name": "OktaApi.ActivateLogStream@0.1.0",
+ "description": "Activate a log stream using its ID.\n\nThis tool activates a specified log stream by its logStreamId, enabling the log stream to begin operation.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "log_stream_id",
+ "required": true,
+ "description": "Unique identifier for the log stream to be activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier for the log stream"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "logStreamId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateLogStream'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.logStreams.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/logStreams/{logStreamId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "logStreamId",
+ "tool_parameter_name": "log_stream_id",
+ "description": "Unique identifier for the log stream",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier for the log stream"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateNetworkZone.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateNetworkZone.json
new file mode 100644
index 000000000..6b5670744
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateNetworkZone.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateNetworkZone",
+ "fully_qualified_name": "OktaApi.ActivateNetworkZone@0.1.0",
+ "description": "Activate a specified network zone by zoneId.\n\nUse this tool to activate a network zone in Okta by providing the zone ID. Call this when you need to enable or re-enable a network zone that is currently inactive.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "network_zone_id",
+ "required": true,
+ "description": "The unique identifier (`id`) of the Network Zone to be activated. This is required to specify which network zone you want to activate in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Network Zone"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "zoneId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateNetworkZone'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.networkZones.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/zones/{zoneId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "zoneId",
+ "tool_parameter_name": "network_zone_id",
+ "description": "`id` of the Network Zone",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Network Zone"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateOauth2ClientSecret.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateOauth2ClientSecret.json
new file mode 100644
index 000000000..501e64314
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateOauth2ClientSecret.json
@@ -0,0 +1,137 @@
+{
+ "name": "ActivateOauth2ClientSecret",
+ "fully_qualified_name": "OktaApi.ActivateOauth2ClientSecret@0.1.0",
+ "description": "Activates an OAuth 2.0 Client Secret for an app.\n\nUse this tool to activate a specific OAuth 2.0 Client Secret using the `secretId` for a designated application.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application whose OAuth 2.0 Client Secret you want to activate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "oauth2_client_secret_id",
+ "required": true,
+ "description": "The unique identifier for the OAuth 2.0 Client Secret to be activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the OAuth 2.0 Client Secret"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "secretId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateOAuth2ClientSecret'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets/{secretId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "secretId",
+ "tool_parameter_name": "oauth2_client_secret_id",
+ "description": "Unique `id` of the OAuth 2.0 Client Secret",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the OAuth 2.0 Client Secret"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateOauth2ServerKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateOauth2ServerKey.json
new file mode 100644
index 000000000..d194ad6cb
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateOauth2ServerKey.json
@@ -0,0 +1,137 @@
+{
+ "name": "ActivateOauth2ServerKey",
+ "fully_qualified_name": "OktaApi.ActivateOauth2ServerKey@0.1.0",
+ "description": "Activate an OAuth2 resource server JSON web key.\n\nThis tool activates a custom authorization server's public JSON web key by its `id`. Note that only one key can be active at a time, so activating a new key will deactivate the current one.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "Unique `id` of the Authorization Server whose key is being activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "json_web_key_id",
+ "required": true,
+ "description": "Unique identifier for the Custom Authorization Server JSON Web Key to activate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateOAuth2ResourceServerJsonWebKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys/{keyId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "json_web_key_id",
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateOauthClientKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateOauthClientKey.json
new file mode 100644
index 000000000..be92d2088
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateOauthClientKey.json
@@ -0,0 +1,137 @@
+{
+ "name": "ActivateOauthClientKey",
+ "fully_qualified_name": "OktaApi.ActivateOauthClientKey@0.1.0",
+ "description": "Activate an OAuth 2.0 Client JSON Web Key using its key ID.\n\nUse this tool to activate an OAuth 2.0 Client JSON Web Key for a specific application. Note: Only one encryption key can be active at a time. Activating a new key will deactivate the current active key.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application. It specifies which application's JSON Web Key to activate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "key_id",
+ "required": true,
+ "description": "Unique ID of the Custom Authorization Server JSON Web Key to activate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateOAuth2ClientJsonWebKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks/{keyId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "key_id",
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivatePolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivatePolicy.json
new file mode 100644
index 000000000..fa4b48fbf
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivatePolicy.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivatePolicy",
+ "fully_qualified_name": "OktaApi.ActivatePolicy@0.1.0",
+ "description": "Activates a specified policy in Okta.\n\nUse this tool to activate a policy by its ID using Okta's API. It should be called when a policy needs to be enabled.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique identifier for the policy to be activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activatePolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivatePolicyRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivatePolicyRule.json
new file mode 100644
index 000000000..3c44e2c2f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivatePolicyRule.json
@@ -0,0 +1,137 @@
+{
+ "name": "ActivatePolicyRule",
+ "fully_qualified_name": "OktaApi.ActivatePolicyRule@0.1.0",
+ "description": "Activates a specific Okta policy rule.\n\nThis tool activates a policy rule in Okta identified by the given `policyId` and `ruleId`. Use it to enable specific rules within a policy.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique identifier of the Policy to be activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_rule_id",
+ "required": true,
+ "description": "The unique identifier of the policy rule to be activated in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "ruleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activatePolicyRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "ruleId",
+ "tool_parameter_name": "policy_rule_id",
+ "description": "`id` of the policy rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateRealmAssignment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateRealmAssignment.json
new file mode 100644
index 000000000..7447ee690
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateRealmAssignment.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateRealmAssignment",
+ "fully_qualified_name": "OktaApi.ActivateRealmAssignment@0.1.0",
+ "description": "Activates a specified realm assignment in Okta.\n\nUse this tool to activate a specific realm assignment by providing the assignment ID. This is useful for enabling access or functionality related to a realm assignment in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "realm_assignment_id",
+ "required": true,
+ "description": "The unique ID of the realm assignment to activate in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "assignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateRealmAssignment'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.realmAssignments.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/realm-assignments/{assignmentId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "assignmentId",
+ "tool_parameter_name": "realm_assignment_id",
+ "description": "ID of the realm assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateSecurityEventsProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateSecurityEventsProvider.json
new file mode 100644
index 000000000..07b08f0c6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateSecurityEventsProvider.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateSecurityEventsProvider",
+ "fully_qualified_name": "OktaApi.ActivateSecurityEventsProvider@0.1.0",
+ "description": "Activate a Security Events Provider instance.\n\nUse this tool to set the status of a Security Events Provider instance to 'ACTIVE', resuming the flow of events from the provider to Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "security_event_provider_id",
+ "required": true,
+ "description": "The `id` of the Security Events Provider instance to activate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Security Events Provider instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "securityEventProviderId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateSecurityEventsProviderInstance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.securityEventsProviders.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/security-events-providers/{securityEventProviderId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "securityEventProviderId",
+ "tool_parameter_name": "security_event_provider_id",
+ "description": "`id` of the Security Events Provider instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Security Events Provider instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateServiceIntegrationSecret.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateServiceIntegrationSecret.json
new file mode 100644
index 000000000..4591aae33
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateServiceIntegrationSecret.json
@@ -0,0 +1,137 @@
+{
+ "name": "ActivateServiceIntegrationSecret",
+ "fully_qualified_name": "OktaApi.ActivateServiceIntegrationSecret@0.1.0",
+ "description": "Activate an API Service Integration instance secret.\n\nUse this tool to activate a specific secret for an API service integration instance by providing the `secretId`.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "service_integration_instance_id",
+ "required": true,
+ "description": "The `id` of the API Service Integration instance to activate the secret for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "apiServiceId"
+ },
+ {
+ "name": "secret_id",
+ "required": true,
+ "description": "The ID of the API Service Integration instance Secret to activate. Provide a valid secret identifier.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance Secret"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "secretId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateApiServiceIntegrationInstanceSecret'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.oauthIntegrations.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "apiServiceId",
+ "tool_parameter_name": "service_integration_instance_id",
+ "description": "`id` of the API Service Integration instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "secretId",
+ "tool_parameter_name": "secret_id",
+ "description": "`id` of the API Service Integration instance Secret",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance Secret"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateTrustedOrigin.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateTrustedOrigin.json
new file mode 100644
index 000000000..afbb74039
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateTrustedOrigin.json
@@ -0,0 +1,105 @@
+{
+ "name": "ActivateTrustedOrigin",
+ "fully_qualified_name": "OktaApi.ActivateTrustedOrigin@0.1.0",
+ "description": "Activates a trusted origin by setting its status to ACTIVE.\n\nUse this tool to activate a trusted origin within Okta by setting the status to ACTIVE. It is ideal when you need to enable a trusted origin that has been added but not yet activated.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "trusted_origin_id",
+ "required": true,
+ "description": "The unique `id` of the trusted origin to activate. It identifies the specific origin in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the trusted origin"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "trustedOriginId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateTrustedOrigin'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.trustedOrigins.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/trustedOrigins/{trustedOriginId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "trustedOriginId",
+ "tool_parameter_name": "trusted_origin_id",
+ "description": "`id` of the trusted origin",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the trusted origin"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateUserFactor.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateUserFactor.json
new file mode 100644
index 000000000..83d12ef58
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateUserFactor.json
@@ -0,0 +1,169 @@
+{
+ "name": "ActivateUserFactor",
+ "fully_qualified_name": "OktaApi.ActivateUserFactor@0.1.0",
+ "description": "Activates user authentication factors for completing enrollment.\n\nUse this tool to activate authentication factors like call, email, push, SMS, token, U2F, and WebAuthn to complete the enrollment process for a user. Activation is essential for certain factors, and a rate limit of five attempts per five minutes is enforced.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user to activate the factor for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "user_factor_id",
+ "required": true,
+ "description": "The ID of an existing user factor to be activated. Required to specify which factor to activate for the user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing user factor"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "factorId"
+ },
+ {
+ "name": "activation_request_body",
+ "required": false,
+ "description": "A JSON object containing the details required for activating the factor. The structure depends on the specific factor being activated.",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateFactor'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/factors/{factorId}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "factorId",
+ "tool_parameter_name": "user_factor_id",
+ "description": "ID of an existing user factor",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing user factor"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "activation_request_body",
+ "description": "",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateUserOkta.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateUserOkta.json
new file mode 100644
index 000000000..2e86f686c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ActivateUserOkta.json
@@ -0,0 +1,137 @@
+{
+ "name": "ActivateUserOkta",
+ "fully_qualified_name": "OktaApi.ActivateUserOkta@0.1.0",
+ "description": "Activate a staged or deprovisioned Okta user.\n\nUse this tool to activate a user with a `STAGED` or `DEPROVISIONED` status in Okta. This is an asynchronous operation where the user gains an `ACTIVE` status upon completion. Optionally, users can complete an activation link to finalize the process. Suitable for starting user activation workflows.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unique shortname of an existing Okta user to be activated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ },
+ {
+ "name": "send_activation_email",
+ "required": false,
+ "description": "Set to true to send an activation email to the user upon activation.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends an activation email to the user if `true`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sendEmail"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'activateUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/activate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sendEmail",
+ "tool_parameter_name": "send_activation_email",
+ "description": "Sends an activation email to the user if `true`",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends an activation email to the user if `true`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppInstanceRoleToClient.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppInstanceRoleToClient.json
new file mode 100644
index 000000000..c8bade941
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppInstanceRoleToClient.json
@@ -0,0 +1,201 @@
+{
+ "name": "AssignAppInstanceRoleToClient",
+ "fully_qualified_name": "OktaApi.AssignAppInstanceRoleToClient@0.1.0",
+ "description": "Assigns an app instance target to a client's APP_ADMIN role.\n\nThis tool assigns a specific app instance target to an APP_ADMIN role for a client, reducing the role's scope to only the specified target. It should be called when you need to manage permissions at the app instance level for a client.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier for the client application. This specifies which client the app instance target will be assigned to under the APP_ADMIN role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The `id` of the role assignment for the client. This is required to specify which role is being assigned to the app instance target.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_definition_name",
+ "required": true,
+ "description": "The name of the app definition as listed in the OIN catalog.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ },
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "Unique identifier for the application instance to assign a role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignAppTargetInstanceRoleForClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_definition_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppInstanceToAdminRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppInstanceToAdminRole.json
new file mode 100644
index 000000000..32f7de0c2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppInstanceToAdminRole.json
@@ -0,0 +1,201 @@
+{
+ "name": "AssignAppInstanceToAdminRole",
+ "fully_qualified_name": "OktaApi.AssignAppInstanceToAdminRole@0.1.0",
+ "description": "Assign an app instance to a group admin role in Okta.\n\nUse this tool to assign a specific app instance to an `APP_ADMIN` role for a group in Okta. This action scopes the role assignment to the specified app instance, rather than applying it broadly to all apps. It is useful when you need to manage specific applications or configurations for a group.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group to which the app instance will be assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The `id` of the role assignment to which the app instance is being assigned. Required for scoping the admin role to the specific app instance.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "Name of the app definition from the OIN catalog. This key identifies the specific app.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ },
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application to which the admin role will be assigned for the group.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignAppInstanceTargetToAppAdminRoleForGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppTargetRoleToClient.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppTargetRoleToClient.json
new file mode 100644
index 000000000..fc7d93c0a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppTargetRoleToClient.json
@@ -0,0 +1,169 @@
+{
+ "name": "AssignAppTargetRoleToClient",
+ "fully_qualified_name": "OktaApi.AssignAppTargetRoleToClient@0.1.0",
+ "description": "Assign an OIN app target role to a client.\n\nThis tool assigns a specific app target from the OIN catalog for an `APP_ADMIN` role to a client. It should be called when you want to narrow the scope of an app role assignment, affecting only app instances specified by the app name. It updates any existing app instance targets with the assigned app target.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier for the client application to which the role is being assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to specify which role to assign to the client.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "oin_app_key_name",
+ "required": true,
+ "description": "The key name of the app from the OIN catalog to assign for the role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignAppTargetRoleToClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "oin_app_key_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppTargetToAdminRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppTargetToAdminRole.json
new file mode 100644
index 000000000..435dea602
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppTargetToAdminRole.json
@@ -0,0 +1,169 @@
+{
+ "name": "AssignAppTargetToAdminRole",
+ "fully_qualified_name": "OktaApi.AssignAppTargetToAdminRole@0.1.0",
+ "description": "Assign an app target to a group's admin role.\n\nUse this tool to assign an OIN app target to the \"APP_ADMIN\" role for a group, reducing the role's scope to the specified app target. This action overrides any existing specific role assignments for that app.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group to assign the app target to.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier for the role assignment to which the app target is to be added.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "Name of the app definition from the OIN catalog, used as the key name.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignAppTargetToAdminRoleForGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppTargetToUserRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppTargetToUserRole.json
new file mode 100644
index 000000000..6b5448d1e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppTargetToUserRole.json
@@ -0,0 +1,201 @@
+{
+ "name": "AssignAppTargetToUserRole",
+ "fully_qualified_name": "OktaApi.AssignAppTargetToUserRole@0.1.0",
+ "description": "Assign an app target to a user's admin role.\n\nThis tool assigns a specific app instance target to a user's `APP_ADMIN` role, thereby reducing the role's scope to the specified target. It should be used when limiting a user's app management permissions to particular app instances.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to which the app instance target is assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment for the user to which the app target will be assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "The name of the app definition in the OIN catalog key name format.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ },
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for a specific application. Used to narrow the user's admin role to this app instance.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignAppInstanceTargetToAppAdminRoleForUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppToPolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppToPolicy.json
new file mode 100644
index 000000000..3c7d1f4a7
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppToPolicy.json
@@ -0,0 +1,137 @@
+{
+ "name": "AssignAppToPolicy",
+ "fully_qualified_name": "OktaApi.AssignAppToPolicy@0.1.0",
+ "description": "Assign an app to a specified authentication policy.\n\nUse this tool to assign an application to a specific authentication policy in Okta, replacing any previous assignments. Note that if authentication policies are being merged, this operation may be temporarily unavailable.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application to be assigned to the authentication policy.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The ID of the authentication policy to assign the application to. This replaces any previous policy assignments.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignApplicationPolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/policies/{policyId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppsToRoleForUser.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppsToRoleForUser.json
new file mode 100644
index 000000000..be138b8c1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignAppsToRoleForUser.json
@@ -0,0 +1,137 @@
+{
+ "name": "AssignAppsToRoleForUser",
+ "fully_qualified_name": "OktaApi.AssignAppsToRoleForUser@0.1.0",
+ "description": "Assigns all applications to a user's role in Okta.\n\nUse this tool to assign all available applications to a specified user's `APP_ADMIN` role in Okta. It should be called when you need to automate the process of granting a user access to all applications under a specific role.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to assign apps to their role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the specific role assignment to which all apps will be assigned for the user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignAllAppsAsTargetToRoleForUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignGroupTargetRoleForClient.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignGroupTargetRoleForClient.json
new file mode 100644
index 000000000..45326010d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignGroupTargetRoleForClient.json
@@ -0,0 +1,169 @@
+{
+ "name": "AssignGroupTargetRoleForClient",
+ "fully_qualified_name": "OktaApi.AssignGroupTargetRoleForClient@0.1.0",
+ "description": "Assign a group target role to a client app.\n\nUse this tool to assign a group target to a specific role (`USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN`) for a client app. This reduces the scope of the role assignment by applying it only to the specified target group.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The ID of the client application to which the group target role is assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier of the role assignment to be targeted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "group_id_for_role_assignment",
+ "required": true,
+ "description": "The identifier of the group to which the role will be assigned for the client app.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignGroupTargetRoleForClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/groups/{groupId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id_for_role_assignment",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignGroupTargetToRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignGroupTargetToRole.json
new file mode 100644
index 000000000..0f5cf3e74
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignGroupTargetToRole.json
@@ -0,0 +1,169 @@
+{
+ "name": "AssignGroupTargetToRole",
+ "fully_qualified_name": "OktaApi.AssignGroupTargetToRole@0.1.0",
+ "description": "Assign a group target to specific admin roles.\n\nUse this tool to assign a group target to a USER_ADMIN, HELP_DESK_ADMIN, or GROUP_MEMBERSHIP_ADMIN role for a specific group. It limits the role's scope to the specified target, removing its previous global application.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier for the group to which the role target is assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier for the role assignment to which the group target is being assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "target_group_id",
+ "required": true,
+ "description": "The ID of the group to be set as the target, narrowing the role scope to this group only.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "targetGroupId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignGroupTargetToGroupAdminRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/groups/{targetGroupId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "targetGroupId",
+ "tool_parameter_name": "target_group_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignGroupTargetToUserRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignGroupTargetToUserRole.json
new file mode 100644
index 000000000..519ca4a20
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignGroupTargetToUserRole.json
@@ -0,0 +1,169 @@
+{
+ "name": "AssignGroupTargetToUserRole",
+ "fully_qualified_name": "OktaApi.AssignGroupTargetToUserRole@0.1.0",
+ "description": "Assign a group target to a specified user role.\n\nUse this tool to assign a specified group target to a user's admin role, such as USER_ADMIN, HELP_DESK_ADMIN, or GROUP_MEMBERSHIP_ADMIN. This allows narrowing the scope of the role to specific groups, rather than applying universally.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user to whom the group target is assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier of the role assignment to which the group target will be assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group to assign to the user's admin role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignGroupTargetToUserRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/groups/{groupId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignRoleToUser.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignRoleToUser.json
new file mode 100644
index 000000000..9754c481d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignRoleToUser.json
@@ -0,0 +1,169 @@
+{
+ "name": "AssignRoleToUser",
+ "fully_qualified_name": "OktaApi.AssignRoleToUser@0.1.0",
+ "description": "Assign a standard role to a specified user.\n\nThis tool assigns a standard role to a user in the Okta system. It should be used when you need to add a role to a user. Note that standard and custom role assignments require different request payloads.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique ID of an existing Okta user to whom the role will be assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_details",
+ "required": true,
+ "description": "Details of the role assignment including type (standard or custom) and relevant configuration.",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ },
+ {
+ "name": "disable_notifications",
+ "required": false,
+ "description": "Set to `true` to grant the user third-party admin status.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Setting this to `true` grants the user third-party admin status"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "disableNotifications"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignRoleToUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "disableNotifications",
+ "tool_parameter_name": "disable_notifications",
+ "description": "Setting this to `true` grants the user third-party admin status",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Setting this to `true` grants the user third-party admin status"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "role_assignment_details",
+ "description": "",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignUserLinkedObject.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignUserLinkedObject.json
new file mode 100644
index 000000000..9754d5481
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignUserLinkedObject.json
@@ -0,0 +1,169 @@
+{
+ "name": "AssignUserLinkedObject",
+ "fully_qualified_name": "OktaApi.AssignUserLinkedObject@0.1.0",
+ "description": "Assign a primary user to an associated user in Okta.\n\nUse this tool to assign a primary user relationship to an associated user in Okta. If the associated user already has a different primary user for this relationship, the previous link will be removed, ensuring only one primary user per associated user.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id_or_login",
+ "required": true,
+ "description": "ID or login of the associated user. Use 'me' for the current session user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If for the `self` link, this is the ID of the user for whom you want to get the primary user ID. If for the `associated` relation, this is the user ID or login value of the user assigned the associated relationship.\n\nThis can be `me` to represent the current session user."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userIdOrLogin"
+ },
+ {
+ "name": "primary_relationship_name",
+ "required": true,
+ "description": "Specify the name of the primary relationship to assign to the associated user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the `primary` relationship being assigned"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "primaryRelationshipName"
+ },
+ {
+ "name": "primary_user_id",
+ "required": true,
+ "description": "User ID to assign as the `primary` relationship for the `associated` user. Provide the specific user ID.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "User ID to be assigned to the `primary` relationship for the `associated` user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "primaryUserId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignLinkedObjectValueForPrimary'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userIdOrLogin}/linkedObjects/{primaryRelationshipName}/{primaryUserId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userIdOrLogin",
+ "tool_parameter_name": "user_id_or_login",
+ "description": "If for the `self` link, this is the ID of the user for whom you want to get the primary user ID. If for the `associated` relation, this is the user ID or login value of the user assigned the associated relationship.\n\nThis can be `me` to represent the current session user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If for the `self` link, this is the ID of the user for whom you want to get the primary user ID. If for the `associated` relation, this is the user ID or login value of the user assigned the associated relationship.\n\nThis can be `me` to represent the current session user."
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "primaryRelationshipName",
+ "tool_parameter_name": "primary_relationship_name",
+ "description": "Name of the `primary` relationship being assigned",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the `primary` relationship being assigned"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "primaryUserId",
+ "tool_parameter_name": "primary_user_id",
+ "description": "User ID to be assigned to the `primary` relationship for the `associated` user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "User ID to be assigned to the `primary` relationship for the `associated` user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignUserToGroup.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignUserToGroup.json
new file mode 100644
index 000000000..e833f83d1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignUserToGroup.json
@@ -0,0 +1,137 @@
+{
+ "name": "AssignUserToGroup",
+ "fully_qualified_name": "OktaApi.AssignUserToGroup@0.1.0",
+ "description": "Assign a user to a specified OKTA_GROUP.\n\nUse this tool to assign a user to a specific group of type `OKTA_GROUP` within Okta. This operation is only applicable for `OKTA_GROUP` type groups and is important for managing user memberships. Note that app imports handle memberships for `APP_GROUP` type groups, such as Active Directory.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier for the OKTA_GROUP to which the user will be assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to be assigned to the group.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignUserToGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/users/{userId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignWebauthnErrorStatus.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignWebauthnErrorStatus.json
new file mode 100644
index 000000000..1897ae7f6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/AssignWebauthnErrorStatus.json
@@ -0,0 +1,137 @@
+{
+ "name": "AssignWebauthnErrorStatus",
+ "fully_qualified_name": "OktaApi.AssignWebauthnErrorStatus@0.1.0",
+ "description": "Assigns an error status to a user's WebAuthn preregistration.\n\nUse this tool to assign a fulfillment error status to a WebAuthn preregistration factor for a user. This sets the specific 'FULFILLMENT_ERRORED' status on the enrollment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to whom the error status will be assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "webauthn_preregistration_factor_id",
+ "required": true,
+ "description": "ID for a WebAuthn preregistration factor in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID for a WebAuthn preregistration factor in Okta"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorEnrollmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignFulfillmentErrorWebAuthnPreregistrationFactor'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/webauthn-registration/api/v1/users/{userId}/enrollments/{authenticatorEnrollmentId}/mark-error",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "authenticatorEnrollmentId",
+ "tool_parameter_name": "webauthn_preregistration_factor_id",
+ "description": "ID for a WebAuthn preregistration factor in Okta",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID for a WebAuthn preregistration factor in Okta"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/CheckMfaNumberMatchingStatus.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CheckMfaNumberMatchingStatus.json
new file mode 100644
index 000000000..d61d6a1cb
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CheckMfaNumberMatchingStatus.json
@@ -0,0 +1,71 @@
+{
+ "name": "CheckMfaNumberMatchingStatus",
+ "fully_qualified_name": "OktaApi.CheckMfaNumberMatchingStatus@0.1.0",
+ "description": "Check if MFA Number Matching is enabled for your org.\n\nUse this tool to determine whether the Desktop MFA Enforce Number Matching Challenge feature is enabled or disabled for your organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getDesktopMFAEnforceNumberMatchingChallengeOrgSetting'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/device-access/api/v1/desktop-mfa/enforce-number-matching-challenge-settings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/CheckMfaRecoveryPinStatus.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CheckMfaRecoveryPinStatus.json
new file mode 100644
index 000000000..c4fc931b5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CheckMfaRecoveryPinStatus.json
@@ -0,0 +1,71 @@
+{
+ "name": "CheckMfaRecoveryPinStatus",
+ "fully_qualified_name": "OktaApi.CheckMfaRecoveryPinStatus@0.1.0",
+ "description": "Check if the Desktop MFA Recovery PIN feature is enabled.\n\nUse this tool to determine whether the Desktop MFA Recovery PIN feature is enabled for your organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getDesktopMFARecoveryPinOrgSetting'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/device-access/api/v1/desktop-mfa/recovery-pin-settings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/CloneIdpCertificate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CloneIdpCertificate.json
new file mode 100644
index 000000000..ac2f2cde2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CloneIdpCertificate.json
@@ -0,0 +1,169 @@
+{
+ "name": "CloneIdpCertificate",
+ "fully_qualified_name": "OktaApi.CloneIdpCertificate@0.1.0",
+ "description": "Clone an X.509 certificate between identity providers.\n\nThis tool clones an X.509 certificate for an identity provider (IdP) signing key credential from a source IdP to a target IdP. Note that sharing certificates isn't recommended for security reasons, and if the key already exists for the target IdP, a 400 error will be returned.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "target_identity_provider_id",
+ "required": true,
+ "description": "The `id` of the target identity provider (IdP) where the certificate will be cloned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the target IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "targetIdpId"
+ },
+ {
+ "name": "source_idp_id",
+ "required": true,
+ "description": "The `id` of the source identity provider (IdP) from which the certificate is being cloned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ },
+ {
+ "name": "key_credential_id",
+ "required": true,
+ "description": "Unique ID of the identity provider key credential to clone.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the IdP key credential"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "kid"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'cloneIdentityProviderKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys/{kid}/clone",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "targetIdpId",
+ "tool_parameter_name": "target_identity_provider_id",
+ "description": "`id` of the target IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the target IdP"
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "idpId",
+ "tool_parameter_name": "source_idp_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "kid",
+ "tool_parameter_name": "key_credential_id",
+ "description": "Unique `id` of the IdP key credential",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the IdP key credential"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/CloneOktaApplicationKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CloneOktaApplicationKey.json
new file mode 100644
index 000000000..4b13cd625
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CloneOktaApplicationKey.json
@@ -0,0 +1,169 @@
+{
+ "name": "CloneOktaApplicationKey",
+ "fully_qualified_name": "OktaApi.CloneOktaApplicationKey@0.1.0",
+ "description": "Clone X.509 certificate between Okta applications.\n\nThis tool clones an X.509 certificate from a source application to a target application within Okta. It should be called when you need to share application key credentials across different applications. Note that sharing certificates is not a recommended security practice.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "target_application_key",
+ "required": true,
+ "description": "Unique key of the target application for cloning the X.509 certificate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique key of the target Application"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "targetAid"
+ },
+ {
+ "name": "source_application_id",
+ "required": true,
+ "description": "The ID of the source application from which the X.509 certificate will be cloned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "key_credential_id",
+ "required": true,
+ "description": "ID of the Key Credential for the application to clone.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Key Credential for the application"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'cloneApplicationKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/keys/{keyId}/clone",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "targetAid",
+ "tool_parameter_name": "target_application_key",
+ "description": "Unique key of the target Application",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique key of the target Application"
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "source_application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "key_credential_id",
+ "description": "ID of the Key Credential for the application",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Key Credential for the application"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ClonePolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ClonePolicy.json
new file mode 100644
index 000000000..7155c04c1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ClonePolicy.json
@@ -0,0 +1,105 @@
+{
+ "name": "ClonePolicy",
+ "fully_qualified_name": "OktaApi.ClonePolicy@0.1.0",
+ "description": "Clone an existing policy in the system.\n\nUse this tool to create a copy of an existing policy by cloning it. This can be useful for quickly setting up similar policies without manually configuring each one.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique identifier of the policy to be cloned. It must be a valid string ID.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'clonePolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/clone",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateApiServiceSecret.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateApiServiceSecret.json
new file mode 100644
index 000000000..763cc0b35
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateApiServiceSecret.json
@@ -0,0 +1,105 @@
+{
+ "name": "CreateApiServiceSecret",
+ "fully_qualified_name": "OktaApi.CreateApiServiceSecret@0.1.0",
+ "description": "Create an API Service Integration Secret in Okta.\n\nGenerates a new active client secret for an Okta API Service Integration instance. This tool should be called when you need to create a secret object, with a limit of two secrets per instance. An error occurs if more than two are attempted.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "integration_instance_id",
+ "required": true,
+ "description": "The ID of the Okta API Service Integration instance for which the secret is being created.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "apiServiceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'createApiServiceIntegrationInstanceSecret'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.oauthIntegrations.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "apiServiceId",
+ "tool_parameter_name": "integration_instance_id",
+ "description": "`id` of the API Service Integration instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateAuthenticator.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateAuthenticator.json
new file mode 100644
index 000000000..da82345b7
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateAuthenticator.json
@@ -0,0 +1,105 @@
+{
+ "name": "CreateAuthenticator",
+ "fully_qualified_name": "OktaApi.CreateAuthenticator@0.1.0",
+ "description": "Creates a new authenticator in Okta.\n\nCall this tool to add a new authenticator to your Okta account. It is useful for setting up new authentication methods or devices.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "activate_authenticator_on_creation",
+ "required": false,
+ "description": "Set to true to execute the activation lifecycle operation when creating the authenticator.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Whether to execute the activation lifecycle operation when Okta creates the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "activate"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'createAuthenticator'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "activate",
+ "tool_parameter_name": "activate_authenticator_on_creation",
+ "description": "Whether to execute the activation lifecycle operation when Okta creates the authenticator",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Whether to execute the activation lifecycle operation when Okta creates the authenticator"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateIdentitySourceSession.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateIdentitySourceSession.json
new file mode 100644
index 000000000..dae8173e1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateIdentitySourceSession.json
@@ -0,0 +1,105 @@
+{
+ "name": "CreateIdentitySourceSession",
+ "fully_qualified_name": "OktaApi.CreateIdentitySourceSession@0.1.0",
+ "description": "Create a session for an identity source instance.\n\nThis tool creates an identity source session for a specified identity source instance, allowing further authenticated interactions with that source.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_source_id",
+ "required": true,
+ "description": "The unique ID of the identity source to create a session for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "identitySourceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'createIdentitySourceSession'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.identitySources.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "identitySourceId",
+ "tool_parameter_name": "identity_source_id",
+ "description": "The ID of the identity source for which the session is created",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateOktaGroup.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateOktaGroup.json
new file mode 100644
index 000000000..7d2ca9081
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateOktaGroup.json
@@ -0,0 +1,157 @@
+{
+ "name": "CreateOktaGroup",
+ "fully_qualified_name": "OktaApi.CreateOktaGroup@0.1.0",
+ "description": "Create a new OKTA group in your organization.\n\nUse this tool to add a new group with the `OKTA_GROUP` type in your Okta organization. It should be called when there's a need to organize users into a new group for collaboration or permissions management.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_profile_details",
+ "required": true,
+ "description": "A JSON object containing the group's name and description for the new OKTA group. Must include a `name` key for the group name and a `description` key for the group description.",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": {
+ "profile": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": {
+ "description": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Description of the group"
+ },
+ "name": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the group"
+ }
+ },
+ "inner_properties": null,
+ "description": "Profile for any group that is not imported from Active Directory. Specifies the standard\nand custom profile properties for a group.\n\nThe `objectClass` for these groups is `okta:user_group`."
+ }
+ },
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'addGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "group_profile_details",
+ "description": "",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": {
+ "profile": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": {
+ "description": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Description of the group"
+ },
+ "name": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the group"
+ }
+ },
+ "inner_properties": null,
+ "description": "Profile for any group that is not imported from Active Directory. Specifies the standard\nand custom profile properties for a group.\n\nThe `objectClass` for these groups is `okta:user_group`."
+ }
+ },
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateTacAuthenticatorEnrollment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateTacAuthenticatorEnrollment.json
new file mode 100644
index 000000000..3d07238c1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/CreateTacAuthenticatorEnrollment.json
@@ -0,0 +1,105 @@
+{
+ "name": "CreateTacAuthenticatorEnrollment",
+ "fully_qualified_name": "OktaApi.CreateTacAuthenticatorEnrollment@0.1.0",
+ "description": "Creates an auto-activated TAC authenticator enrollment for a user.\n\nUse this tool to automatically activate a Temporary Access Code (TAC) authenticator enrollment for a specified user in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique ID of an existing Okta user for whom the TAC authenticator enrollment will be created.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'createTacAuthenticatorEnrollment'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments/tac",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAgentPoolUpdate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAgentPoolUpdate.json
new file mode 100644
index 000000000..cf7de96ef
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAgentPoolUpdate.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeactivateAgentPoolUpdate",
+ "fully_qualified_name": "OktaApi.DeactivateAgentPoolUpdate@0.1.0",
+ "description": "Deactivate a scheduled agent pool update.\n\nUse this tool to deactivate a scheduled update for a specific agent pool in Okta. It should be called when you need to stop an update that is already scheduled but not yet executed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "ID of the agent pool for which the deactivation settings apply.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ },
+ {
+ "name": "update_id",
+ "required": true,
+ "description": "The unique ID of the scheduled update to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "updateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateAgentPoolsUpdate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "updateId",
+ "tool_parameter_name": "update_id",
+ "description": "ID of the update",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAppProvisioningConnection.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAppProvisioningConnection.json
new file mode 100644
index 000000000..13cf0a858
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAppProvisioningConnection.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateAppProvisioningConnection",
+ "fully_qualified_name": "OktaApi.DeactivateAppProvisioningConnection@0.1.0",
+ "description": "Deactivate an application's default provisioning connection.\n\nUse this tool to deactivate the default provisioning connection for a specific application. It is useful when you need to disable automatic provisioning for app management.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application whose provisioning connection you want to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateDefaultProvisioningConnectionForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateApplication.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateApplication.json
new file mode 100644
index 000000000..f0e8b432c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateApplication.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateApplication",
+ "fully_qualified_name": "OktaApi.DeactivateApplication@0.1.0",
+ "description": "Deactivate an active application in Okta.\n\nThis tool deactivates an active application in Okta, triggering a reconciliation process that removes all user assignments to the app. Useful for managing application lifecycle and user access control.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthServer.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthServer.json
new file mode 100644
index 000000000..17b5c04bf
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthServer.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateAuthServer",
+ "fully_qualified_name": "OktaApi.DeactivateAuthServer@0.1.0",
+ "description": "Deactivates an authorization server.\n\nUse this tool to deactivate an authorization server by providing its ID. This is useful for temporarily disabling access control without deleting configuration.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the authorization server to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateAuthorizationServer'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthServerPolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthServerPolicy.json
new file mode 100644
index 000000000..451d989a8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthServerPolicy.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeactivateAuthServerPolicy",
+ "fully_qualified_name": "OktaApi.DeactivateAuthServerPolicy@0.1.0",
+ "description": "Deactivates a specific authorization server policy.\n\nUse this tool to deactivate an authorization server policy by specifying the server and policy IDs. Ideal for managing access control settings.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "Identifier for the Authorization Server to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The ID of the policy to deactivate in the authorization server.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateAuthorizationServerPolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthenticator.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthenticator.json
new file mode 100644
index 000000000..aca2d36fe
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthenticator.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateAuthenticator",
+ "fully_qualified_name": "OktaApi.DeactivateAuthenticator@0.1.0",
+ "description": "Deactivate an authenticator by its ID.\n\nUse this tool to deactivate an authenticator in Okta using the specific authenticator ID. This is useful when an authenticator needs to be temporarily or permanently disabled.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The ID of the authenticator to deactivate. Provide the specific `id` to disable the authenticator in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateAuthenticator'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthenticatorMethod.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthenticatorMethod.json
new file mode 100644
index 000000000..b7672c0ce
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateAuthenticatorMethod.json
@@ -0,0 +1,167 @@
+{
+ "name": "DeactivateAuthenticatorMethod",
+ "fully_qualified_name": "OktaApi.DeactivateAuthenticatorMethod@0.1.0",
+ "description": "Deactivate a specific authenticator method.\n\nUse this tool to deactivate a particular method for an authenticator by providing the `authenticatorId` and `methodType`.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The unique ID of the authenticator to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ },
+ {
+ "name": "authenticator_method_type",
+ "required": true,
+ "description": "Type of authenticator method to deactivate, such as 'cert', 'duo', 'email', etc.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "cert",
+ "duo",
+ "email",
+ "idp",
+ "otp",
+ "password",
+ "push",
+ "security_question",
+ "signed_nonce",
+ "sms",
+ "totp",
+ "voice",
+ "webauthn",
+ "tac"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Type of authenticator method"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "methodType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateAuthenticatorMethod'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/methods/{methodType}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "methodType",
+ "tool_parameter_name": "authenticator_method_type",
+ "description": "Type of authenticator method",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "cert",
+ "duo",
+ "email",
+ "idp",
+ "otp",
+ "password",
+ "push",
+ "security_question",
+ "signed_nonce",
+ "sms",
+ "totp",
+ "voice",
+ "webauthn",
+ "tac"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Type of authenticator method"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateBehaviorDetectionRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateBehaviorDetectionRule.json
new file mode 100644
index 000000000..c6ee60bb4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateBehaviorDetectionRule.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateBehaviorDetectionRule",
+ "fully_qualified_name": "OktaApi.DeactivateBehaviorDetectionRule@0.1.0",
+ "description": "Deactivates a specified behavior detection rule in Okta.\n\nUse this tool to deactivate a behavior detection rule in Okta by providing the behavior ID. This is useful for managing security settings and updating detection configurations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "behavior_id",
+ "required": true,
+ "description": "The unique identifier for the Behavior Detection Rule to deactivate in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Behavior Detection Rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "behaviorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateBehaviorDetectionRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.behaviors.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/behaviors/{behaviorId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "behaviorId",
+ "tool_parameter_name": "behavior_id",
+ "description": "ID of the Behavior Detection Rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Behavior Detection Rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateCustomAuthorizationServerKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateCustomAuthorizationServerKey.json
new file mode 100644
index 000000000..8f505c5ae
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateCustomAuthorizationServerKey.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeactivateCustomAuthorizationServerKey",
+ "fully_qualified_name": "OktaApi.DeactivateCustomAuthorizationServerKey@0.1.0",
+ "description": "Deactivate a custom authorization server JSON web key.\n\nUse this tool to deactivate a public JSON web key for a custom authorization server by its `id`. Note that you cannot deactivate an active key if access token encryption is enabled.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server whose JSON web key you want to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "json_web_key_id",
+ "required": true,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateOAuth2ResourceServerJsonWebKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys/{keyId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "json_web_key_id",
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateDevice.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateDevice.json
new file mode 100644
index 000000000..487065bf5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateDevice.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateDevice",
+ "fully_qualified_name": "OktaApi.DeactivateDevice@0.1.0",
+ "description": "Deactivate a device by setting its status to DEACTIVATED.\n\nUse this tool to deactivate a device in Okta. Deactivation sets the device status to `DEACTIVATED`, causing it to lose all user links. Ensure the device is deactivated before deletion as this process is destructive for device factors and client certificates. Reenrollment allows users to set up new factors.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_id",
+ "required": true,
+ "description": "The ID of the device to deactivate. This identifier is required to set the device status to `DEACTIVATED`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateDevice'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devices.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/devices/{deviceId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceId",
+ "tool_parameter_name": "device_id",
+ "description": "`id` of the device",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateDeviceIntegration.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateDeviceIntegration.json
new file mode 100644
index 000000000..a6b3c7a15
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateDeviceIntegration.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateDeviceIntegration",
+ "fully_qualified_name": "OktaApi.DeactivateDeviceIntegration@0.1.0",
+ "description": "Deactivate a device integration using its ID.\n\nDeactivate a specific device integration by providing the deviceIntegrationId. This tool should be called when you need to disable a previously active device integration.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_integration_id",
+ "required": true,
+ "description": "The unique identifier for the device integration to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the device integration"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceIntegrationId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateDeviceIntegration'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.deviceIntegrations.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-integrations/{deviceIntegrationId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceIntegrationId",
+ "tool_parameter_name": "device_integration_id",
+ "description": "The ID of the device integration",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the device integration"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateEventHook.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateEventHook.json
new file mode 100644
index 000000000..b1242621a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateEventHook.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateEventHook",
+ "fully_qualified_name": "OktaApi.DeactivateEventHook@0.1.0",
+ "description": "Deactivates a specified event hook by its ID.\n\nUse this tool to deactivate an event hook by providing its unique ID. It is useful for managing event hooks that are no longer needed or need to be temporarily disabled.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "event_hook_id",
+ "required": true,
+ "description": "The unique identifier of the event hook to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "eventHookId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateEventHook'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.eventHooks.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "eventHookId",
+ "tool_parameter_name": "event_hook_id",
+ "description": "`id` of the Event Hook",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateGroupRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateGroupRule.json
new file mode 100644
index 000000000..51e38dd95
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateGroupRule.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateGroupRule",
+ "fully_qualified_name": "OktaApi.DeactivateGroupRule@0.1.0",
+ "description": "Deactivate a specific group rule by ID.\n\nUse this tool to deactivate a specific group rule in your organization by providing the group rule ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_rule_id",
+ "required": true,
+ "description": "The ID of the group rule to be deactivated. This is a unique string identifier for the group rule in your organization.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupRuleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateGroupRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/rules/{groupRuleId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupRuleId",
+ "tool_parameter_name": "group_rule_id",
+ "description": "The `id` of the group rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateIdentityProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateIdentityProvider.json
new file mode 100644
index 000000000..8da9f884b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateIdentityProvider.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateIdentityProvider",
+ "fully_qualified_name": "OktaApi.DeactivateIdentityProvider@0.1.0",
+ "description": "Deactivate an active identity provider (IdP).\n\nUse this tool to deactivate an active identity provider when it's no longer needed or needs to be temporarily disabled.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier for the identity provider you wish to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateIdentityProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateInlineHook.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateInlineHook.json
new file mode 100644
index 000000000..df5753768
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateInlineHook.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateInlineHook",
+ "fully_qualified_name": "OktaApi.DeactivateInlineHook@0.1.0",
+ "description": "Deactivates a specified inline hook.\n\nUse this tool to deactivate an inline hook by providing its unique identifier. Useful for managing hooks in web applications.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "inline_hook_id",
+ "required": true,
+ "description": "Unique identifier of the inline hook to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the inline hook"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "inlineHookId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateInlineHook'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.inlineHooks.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/inlineHooks/{inlineHookId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "inlineHookId",
+ "tool_parameter_name": "inline_hook_id",
+ "description": "`id` of the inline hook",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the inline hook"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateLogStream.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateLogStream.json
new file mode 100644
index 000000000..302c6743f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateLogStream.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateLogStream",
+ "fully_qualified_name": "OktaApi.DeactivateLogStream@0.1.0",
+ "description": "Deactivate a specified log stream using its ID.\n\nUse this tool to deactivate a log stream by providing the `logStreamId`. It is useful for managing log stream activity within the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "log_stream_id",
+ "required": true,
+ "description": "The unique identifier for the log stream to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier for the log stream"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "logStreamId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateLogStream'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.logStreams.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/logStreams/{logStreamId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "logStreamId",
+ "tool_parameter_name": "log_stream_id",
+ "description": "Unique identifier for the log stream",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier for the log stream"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateNetworkZone.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateNetworkZone.json
new file mode 100644
index 000000000..d786df66a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateNetworkZone.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateNetworkZone",
+ "fully_qualified_name": "OktaApi.DeactivateNetworkZone@0.1.0",
+ "description": "Deactivate a network zone by its ID using Okta.\n\nThis tool deactivates a specified network zone in Okta based on the provided `zoneId`. It should be used when you need to disable access or function of a particular network zone.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "network_zone_id",
+ "required": true,
+ "description": "The ID of the Network Zone to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Network Zone"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "zoneId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateNetworkZone'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.networkZones.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/zones/{zoneId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "zoneId",
+ "tool_parameter_name": "network_zone_id",
+ "description": "`id` of the Network Zone",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Network Zone"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateOauth2ClientKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateOauth2ClientKey.json
new file mode 100644
index 000000000..e7cec164e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateOauth2ClientKey.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeactivateOauth2ClientKey",
+ "fully_qualified_name": "OktaApi.DeactivateOauth2ClientKey@0.1.0",
+ "description": "Deactivate an OAuth 2.0 Client JSON Web Key by key ID.\n\nUse this tool to deactivate a specific OAuth 2.0 Client JSON Web Key using its key ID. Note: Only signing keys can be deactivated, and active encryption keys cannot be deactivated if ID token encryption is enabled.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application for which the OAuth 2.0 Client JSON Web Key should be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "key_id",
+ "required": true,
+ "description": "Unique ID of the Custom Authorization Server JSON Web Key for deactivation.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateOAuth2ClientJsonWebKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks/{keyId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "key_id",
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateOauth2ClientSecret.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateOauth2ClientSecret.json
new file mode 100644
index 000000000..af6ad6ccf
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateOauth2ClientSecret.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeactivateOauth2ClientSecret",
+ "fully_qualified_name": "OktaApi.DeactivateOauth2ClientSecret@0.1.0",
+ "description": "Deactivate an OAuth 2.0 client secret for a specific app.\n\nThis tool deactivates an OAuth 2.0 client secret specified by `secretId` for a given app (`appId`). It cannot deactivate a secret if it is the only secret of the client.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application for which the OAuth 2.0 client secret should be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "oauth2_client_secret_id",
+ "required": true,
+ "description": "Unique identifier for the OAuth 2.0 client secret to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the OAuth 2.0 Client Secret"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "secretId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateOAuth2ClientSecret'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets/{secretId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "secretId",
+ "tool_parameter_name": "oauth2_client_secret_id",
+ "description": "Unique `id` of the OAuth 2.0 Client Secret",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the OAuth 2.0 Client Secret"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivatePolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivatePolicy.json
new file mode 100644
index 000000000..64e5d246a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivatePolicy.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivatePolicy",
+ "fully_qualified_name": "OktaApi.DeactivatePolicy@0.1.0",
+ "description": "Deactivate a specified policy in Okta.\n\nThis tool deactivates a policy in Okta using its policy ID. It should be called when a policy needs to be disabled, preventing it from being applied.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique identifier (`id`) of the policy to deactivate in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivatePolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivatePolicyRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivatePolicyRule.json
new file mode 100644
index 000000000..38cd8dcf9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivatePolicyRule.json
@@ -0,0 +1,169 @@
+{
+ "name": "DeactivatePolicyRule",
+ "fully_qualified_name": "OktaApi.DeactivatePolicyRule@0.1.0",
+ "description": "Deactivates an authorization server policy rule.\n\nUse this tool to deactivate a specific policy rule in an Okta authorization server. This is useful when managing access control policies and you need to disable a particular rule.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "ID of the Authorization Server to target for deactivation.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique `id` of the policy to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_rule_id",
+ "required": true,
+ "description": "The unique identifier of the policy rule to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "ruleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateAuthorizationServerPolicyRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "ruleId",
+ "tool_parameter_name": "policy_rule_id",
+ "description": "`id` of the policy rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateRealmAssignment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateRealmAssignment.json
new file mode 100644
index 000000000..6f2e9b525
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateRealmAssignment.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateRealmAssignment",
+ "fully_qualified_name": "OktaApi.DeactivateRealmAssignment@0.1.0",
+ "description": "Deactivate a specified realm assignment in Okta.\n\nThis tool deactivates a realm assignment using the specified assignment ID. Useful for disabling specific realm assignments in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "realm_assignment_id",
+ "required": true,
+ "description": "The unique identifier for the realm assignment to deactivate.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "assignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateRealmAssignment'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.realmAssignments.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/realm-assignments/{assignmentId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "assignmentId",
+ "tool_parameter_name": "realm_assignment_id",
+ "description": "ID of the realm assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateSecurityEventsProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateSecurityEventsProvider.json
new file mode 100644
index 000000000..d4acaf3d9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateSecurityEventsProvider.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateSecurityEventsProvider",
+ "fully_qualified_name": "OktaApi.DeactivateSecurityEventsProvider@0.1.0",
+ "description": "Deactivate a Security Events Provider instance in Okta.\n\nUse this tool to deactivate a Security Events Provider instance, stopping the flow of events from the provider to Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "security_event_provider_id",
+ "required": true,
+ "description": "The unique `id` of the Security Events Provider instance to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Security Events Provider instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "securityEventProviderId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateSecurityEventsProviderInstance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.securityEventsProviders.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/security-events-providers/{securityEventProviderId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "securityEventProviderId",
+ "tool_parameter_name": "security_event_provider_id",
+ "description": "`id` of the Security Events Provider instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Security Events Provider instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateServiceSecret.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateServiceSecret.json
new file mode 100644
index 000000000..13f4aa752
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateServiceSecret.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeactivateServiceSecret",
+ "fully_qualified_name": "OktaApi.DeactivateServiceSecret@0.1.0",
+ "description": "Deactivate an API Service Integration instance secret.\n\nUse this tool to deactivate a specific secret in an API Service Integration instance, identified by `secretId`. It should be called when you need to revoke access associated with that secret.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "api_service_integration_instance_id",
+ "required": true,
+ "description": "The ID of the API Service Integration instance to deactivate the secret for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "apiServiceId"
+ },
+ {
+ "name": "secret_id",
+ "required": true,
+ "description": "The ID of the API Service Integration instance secret to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance Secret"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "secretId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateApiServiceIntegrationInstanceSecret'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.oauthIntegrations.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "apiServiceId",
+ "tool_parameter_name": "api_service_integration_instance_id",
+ "description": "`id` of the API Service Integration instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "secretId",
+ "tool_parameter_name": "secret_id",
+ "description": "`id` of the API Service Integration instance Secret",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance Secret"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateTrustedOrigin.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateTrustedOrigin.json
new file mode 100644
index 000000000..c997595bf
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateTrustedOrigin.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeactivateTrustedOrigin",
+ "fully_qualified_name": "OktaApi.DeactivateTrustedOrigin@0.1.0",
+ "description": "Deactivate a trusted origin to set its status to INACTIVE.\n\nUse this tool to deactivate a trusted origin in Okta by setting its status to 'INACTIVE'. It should be called when you need to disable a trusted origin temporarily or permanently.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "trusted_origin_id",
+ "required": true,
+ "description": "The unique identifier for the trusted origin to be deactivated. This is required to set its status to INACTIVE.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the trusted origin"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "trustedOriginId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateTrustedOrigin'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.trustedOrigins.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/trustedOrigins/{trustedOriginId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "trustedOriginId",
+ "tool_parameter_name": "trusted_origin_id",
+ "description": "`id` of the trusted origin",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the trusted origin"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateUserAccount.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateUserAccount.json
new file mode 100644
index 000000000..57188820e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeactivateUserAccount.json
@@ -0,0 +1,173 @@
+{
+ "name": "DeactivateUserAccount",
+ "fully_qualified_name": "OktaApi.DeactivateUserAccount@0.1.0",
+ "description": "Permanently deactivate a user account.\n\nUse this tool to deactivate a user account that is not already deprovisioned. This action deprovisions the user from all assigned applications and cannot be undone. Ensure deactivation is intended, as it may result in data loss like emails or files. Asynchronous deactivation is supported by including the 'Prefer: respond-async' HTTP header.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unambiguous shortname of an existing Okta user to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ },
+ {
+ "name": "enable_asynchronous_processing",
+ "required": false,
+ "description": "Set to `true` to request asynchronous user deactivation processing, otherwise defaults to synchronous processing.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "respond-async"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Request asynchronous processing"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "Prefer"
+ },
+ {
+ "name": "send_deactivation_email",
+ "required": false,
+ "description": "If true, sends a deactivation email to the admin.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends a deactivation email to the admin if `true`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sendEmail"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivateUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sendEmail",
+ "tool_parameter_name": "send_deactivation_email",
+ "description": "Sends a deactivation email to the admin if `true`",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends a deactivation email to the admin if `true`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "Prefer",
+ "tool_parameter_name": "enable_asynchronous_processing",
+ "description": "Request asynchronous processing",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "respond-async"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Request asynchronous processing"
+ },
+ "accepted_as": "header",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAgentPoolUpdate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAgentPoolUpdate.json
new file mode 100644
index 000000000..c91c7fe90
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAgentPoolUpdate.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteAgentPoolUpdate",
+ "fully_qualified_name": "OktaApi.DeleteAgentPoolUpdate@0.1.0",
+ "description": "Delete a specific update from an agent pool.\n\nUse this tool to remove a specific update from an agent pool by providing the necessary identifiers. It performs deletion of agent pool updates.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "ID of the agent pool for which the settings apply.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ },
+ {
+ "name": "update_id",
+ "required": true,
+ "description": "ID of the update to delete from the agent pool. This must be a valid string identifier.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "updateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteAgentPoolsUpdate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "updateId",
+ "tool_parameter_name": "update_id",
+ "description": "ID of the update",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteApiServiceIntegrationInstance.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteApiServiceIntegrationInstance.json
new file mode 100644
index 000000000..2f869efd5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteApiServiceIntegrationInstance.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteApiServiceIntegrationInstance",
+ "fully_qualified_name": "OktaApi.DeleteApiServiceIntegrationInstance@0.1.0",
+ "description": "Delete an API Service Integration instance by ID.\n\nThis tool deletes an API Service Integration instance using its ID. It should be called when you need to remove an integration and revoke all associated access scopes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "api_service_integration_id",
+ "required": true,
+ "description": "`id` of the API Service Integration instance to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "apiServiceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteApiServiceIntegrationInstance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.oauthIntegrations.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "apiServiceId",
+ "tool_parameter_name": "api_service_integration_id",
+ "description": "`id` of the API Service Integration instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthServerPolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthServerPolicy.json
new file mode 100644
index 000000000..76d602987
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthServerPolicy.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteAuthServerPolicy",
+ "fully_qualified_name": "OktaApi.DeleteAuthServerPolicy@0.1.0",
+ "description": "Delete a policy from the authorization server.\n\nUse this tool to delete a specific policy from an authorization server by providing the authorization server ID and policy ID. It should be called when a policy is no longer needed or requires removal.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique `id` of the Authorization Server from which the policy needs to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique identifier for the policy to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteAuthorizationServerPolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthServerPolicyRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthServerPolicyRule.json
new file mode 100644
index 000000000..d9f000ed9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthServerPolicyRule.json
@@ -0,0 +1,169 @@
+{
+ "name": "DeleteAuthServerPolicyRule",
+ "fully_qualified_name": "OktaApi.DeleteAuthServerPolicyRule@0.1.0",
+ "description": "Delete a policy rule in an authorization server.\n\nUse this tool to delete a specific policy rule from a custom authorization server in Okta. This is useful when you need to manage or clean up authorization rules.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "ID of the Authorization Server to target for policy rule deletion.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The ID of the policy to be deleted from the authorization server. This is required to specify which policy rule is being targeted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_rule_id",
+ "required": true,
+ "description": "The unique identifier for the policy rule to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "ruleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteAuthorizationServerPolicyRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "ruleId",
+ "tool_parameter_name": "policy_rule_id",
+ "description": "`id` of the policy rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthorizationServer.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthorizationServer.json
new file mode 100644
index 000000000..5be5c20f5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthorizationServer.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteAuthorizationServer",
+ "fully_qualified_name": "OktaApi.DeleteAuthorizationServer@0.1.0",
+ "description": "Deletes an authorization server by ID.\n\nUse this tool to delete a specific authorization server by providing its unique ID. This action is irreversible and should be used when an authorization server is no longer needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique ID of the authorization server to be deleted. This action is irreversible.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteAuthorizationServer'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthorizationServerAssociation.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthorizationServerAssociation.json
new file mode 100644
index 000000000..de2a7d73f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteAuthorizationServerAssociation.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteAuthorizationServerAssociation",
+ "fully_qualified_name": "OktaApi.DeleteAuthorizationServerAssociation@0.1.0",
+ "description": "Deletes an associated Authorization Server for an ID pair.\n\nThis tool deletes an association between a specified Authorization Server and an associated server, using their IDs. Call this tool when you need to remove such an association.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the primary Authorization Server to remove the association from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "associated_server_id",
+ "required": true,
+ "description": "The `id` of the associated Authorization Server to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the associated Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "associatedServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteAssociatedServer'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/associatedServers/{associatedServerId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "associatedServerId",
+ "tool_parameter_name": "associated_server_id",
+ "description": "`id` of the associated Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the associated Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteBehaviorDetectionRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteBehaviorDetectionRule.json
new file mode 100644
index 000000000..db273c3e4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteBehaviorDetectionRule.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteBehaviorDetectionRule",
+ "fully_qualified_name": "OktaApi.DeleteBehaviorDetectionRule@0.1.0",
+ "description": "Delete a Behavior Detection Rule by behaviorId.\n\nUse this tool to delete a specific Behavior Detection Rule in Okta by providing the behaviorId. This can be useful for managing and updating security rules in an Okta environment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "behavior_detection_rule_id",
+ "required": true,
+ "description": "ID of the Behavior Detection Rule to delete in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Behavior Detection Rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "behaviorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteBehaviorDetectionRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.behaviors.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/behaviors/{behaviorId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "behaviorId",
+ "tool_parameter_name": "behavior_detection_rule_id",
+ "description": "ID of the Behavior Detection Rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Behavior Detection Rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteBrand.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteBrand.json
new file mode 100644
index 000000000..93fa360ca
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteBrand.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteBrand",
+ "fully_qualified_name": "OktaApi.DeleteBrand@0.1.0",
+ "description": "Delete a specific brand by its ID.\n\nUse this tool to delete a brand by providing its unique identifier. This is useful for removing brands that are no longer needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID of the brand to be deleted. Required for deletion.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteBrand'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCaptchaInstance.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCaptchaInstance.json
new file mode 100644
index 000000000..501ae18cd
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCaptchaInstance.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteCaptchaInstance",
+ "fully_qualified_name": "OktaApi.DeleteCaptchaInstance@0.1.0",
+ "description": "Delete a specified CAPTCHA instance from Okta.\n\nUse this tool to delete a specific CAPTCHA instance in Okta. Ensure the CAPTCHA is not associated with your organization settings before deletion to avoid request failure.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "captcha_instance_id",
+ "required": true,
+ "description": "The unique key used to identify your CAPTCHA instance. Ensure it is not associated with the organization settings before deletion.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique key used to identify your CAPTCHA instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "captchaId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteCaptchaInstance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.captchas.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/captchas/{captchaId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "captchaId",
+ "tool_parameter_name": "captcha_instance_id",
+ "description": "The unique key used to identify your CAPTCHA instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique key used to identify your CAPTCHA instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCrossAppAccessConnection.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCrossAppAccessConnection.json
new file mode 100644
index 000000000..9183a0bcd
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCrossAppAccessConnection.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteCrossAppAccessConnection",
+ "fully_qualified_name": "OktaApi.DeleteCrossAppAccessConnection@0.1.0",
+ "description": "Deletes a specified Cross App Access connection.\n\nUse this tool to delete a Cross App Access connection for a specified app and connection ID within Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application for which the Cross App Access connection needs to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "connection_id",
+ "required": true,
+ "description": "The ID of the Cross App Access connection to delete. This ID is required for identifying which connection to remove.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Connection ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "connectionId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteCrossAppAccessConnection'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/cwo/connections/{connectionId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "connectionId",
+ "tool_parameter_name": "connection_id",
+ "description": "Connection ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Connection ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomAaguid.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomAaguid.json
new file mode 100644
index 000000000..8fea4bb8a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomAaguid.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteCustomAaguid",
+ "fully_qualified_name": "OktaApi.DeleteCustomAaguid@0.1.0",
+ "description": "Deletes a custom AAGUID created by an admin.\n\nThis tool deletes a custom AAGUID created by an admin. It should be used when there's a need to remove specific custom AAGUIDs from the Okta system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The unique identifier of the authenticator from which the custom AAGUID will be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ },
+ {
+ "name": "custom_aaguid_id",
+ "required": true,
+ "description": "The unique ID of the custom AAGUID to be deleted, created by an admin.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique ID of a custom AAGUID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "aaguid"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteCustomAAGUID'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/aaguids/{aaguid}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "aaguid",
+ "tool_parameter_name": "custom_aaguid_id",
+ "description": "Unique ID of a custom AAGUID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique ID of a custom AAGUID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomDomain.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomDomain.json
new file mode 100644
index 000000000..4ce5cbbe9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomDomain.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteCustomDomain",
+ "fully_qualified_name": "OktaApi.DeleteCustomDomain@0.1.0",
+ "description": "Deletes a custom domain using the specified domain ID.\n\nThis tool is used to delete a custom domain in Okta by providing the domain ID. It should be called when a specific custom domain needs to be removed from the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "domain_id",
+ "required": true,
+ "description": "The ID of the custom domain to be deleted. This should match the existing domain's identifier in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Domain"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "domainId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteCustomDomain'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.domains.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/domains/{domainId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "domainId",
+ "tool_parameter_name": "domain_id",
+ "description": "`id` of the Domain",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Domain"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomErrorPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomErrorPage.json
new file mode 100644
index 000000000..364fb57ff
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomErrorPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteCustomErrorPage",
+ "fully_qualified_name": "OktaApi.DeleteCustomErrorPage@0.1.0",
+ "description": "Delete a customized error page to revert to the default.\n\nUse this tool to delete a customized error page, reverting the display to the default error page in your live environment. Useful when restoration to default settings is needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID of the brand from which to delete the customized error page.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteCustomizedErrorPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/customized",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomRole.json
new file mode 100644
index 000000000..a220f4f80
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomRole.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteCustomRole",
+ "fully_qualified_name": "OktaApi.DeleteCustomRole@0.1.0",
+ "description": "Delete a custom role using its role ID or label.\n\nUse this tool to delete a custom role in the Okta system by specifying the role ID or label. This tool is helpful for managing role configurations and ensuring only required roles exist.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "role_id_or_label",
+ "required": true,
+ "description": "The ID or label of the custom role to delete in the Okta system.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_id_or_label",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomSigninPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomSigninPage.json
new file mode 100644
index 000000000..b3c9d6ca1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteCustomSigninPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteCustomSigninPage",
+ "fully_qualified_name": "OktaApi.DeleteCustomSigninPage@0.1.0",
+ "description": "Delete the customized sign-in page to revert to default.\n\nUse this tool to delete a customized sign-in page, which will revert to the default sign-in page in the live environment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The ID of the brand whose customized sign-in page you want to delete.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteCustomizedSignInPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/customized",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDeactivatedDevice.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDeactivatedDevice.json
new file mode 100644
index 000000000..5bc3af95f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDeactivatedDevice.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteDeactivatedDevice",
+ "fully_qualified_name": "OktaApi.DeleteDeactivatedDevice@0.1.0",
+ "description": "Permanently delete a device with deactivated status.\n\nUse this tool to permanently delete a device if it is deactivated. This action cannot be undone and removes all associated profile data. Ensure the device is deactivated before proceeding to avoid errors.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_id",
+ "required": true,
+ "description": "The unique identifier of the device to be permanently deleted. Must be in 'DEACTIVATED' status.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteDevice'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devices.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/devices/{deviceId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceId",
+ "tool_parameter_name": "device_id",
+ "description": "`id` of the device",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDeprovisionedUser.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDeprovisionedUser.json
new file mode 100644
index 000000000..770124e18
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDeprovisionedUser.json
@@ -0,0 +1,173 @@
+{
+ "name": "DeleteDeprovisionedUser",
+ "fully_qualified_name": "OktaApi.DeleteDeprovisionedUser@0.1.0",
+ "description": "Permanently delete a deprovisioned user account.\n\nUse this tool to permanently delete a user with the `DEPROVISIONED` status in Okta. Ensure the user is deprovisioned before performing this action, as deleting an active user requires deactivation first. This action is irreversible.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "The ID, login, or unambiguous login shortname of a deprovisioned Okta user to delete.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ },
+ {
+ "name": "enable_async",
+ "required": false,
+ "description": "Set to `respond-async` to perform the user deletion asynchronously.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "respond-async"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "Prefer"
+ },
+ {
+ "name": "send_deactivation_email",
+ "required": false,
+ "description": "If true, sends a deactivation email to the admin upon user deactivation or deletion.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends a deactivation email to the admin if `true`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sendEmail"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sendEmail",
+ "tool_parameter_name": "send_deactivation_email",
+ "description": "Sends a deactivation email to the admin if `true`",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends a deactivation email to the admin if `true`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "Prefer",
+ "tool_parameter_name": "enable_async",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "respond-async"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "header",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDeviceAssurancePolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDeviceAssurancePolicy.json
new file mode 100644
index 000000000..f79e1851c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDeviceAssurancePolicy.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteDeviceAssurancePolicy",
+ "fully_qualified_name": "OktaApi.DeleteDeviceAssurancePolicy@0.1.0",
+ "description": "Deletes a device assurance policy if not in use.\n\nUse this tool to delete a device assurance policy by specifying the deviceAssuranceId. Deletion will be prevented if the policy is active in the organization's Authentication Policies.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_assurance_policy_id",
+ "required": true,
+ "description": "The unique identifier of the device assurance policy to delete. Ensure the policy is not used in authentication policies before deletion.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Id of the device assurance policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceAssuranceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteDeviceAssurancePolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.deviceAssurance.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-assurances/{deviceAssuranceId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceAssuranceId",
+ "tool_parameter_name": "device_assurance_policy_id",
+ "description": "Id of the device assurance policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Id of the device assurance policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDevicePostureCheck.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDevicePostureCheck.json
new file mode 100644
index 000000000..7c1eed16b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteDevicePostureCheck.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteDevicePostureCheck",
+ "fully_qualified_name": "OktaApi.DeleteDevicePostureCheck@0.1.0",
+ "description": "Deletes a specified device posture check.\n\nUse this tool to delete a device posture check using its postureCheckId, unless it is used in a device assurance policy.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_posture_check_id",
+ "required": true,
+ "description": "ID of the specific device posture check to delete.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the device posture check"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "postureCheckId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteDevicePostureCheck'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devicePostureChecks.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-posture-checks/{postureCheckId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "postureCheckId",
+ "tool_parameter_name": "device_posture_check_id",
+ "description": "ID of the device posture check",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the device posture check"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailCustomization.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailCustomization.json
new file mode 100644
index 000000000..75b9f6292
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailCustomization.json
@@ -0,0 +1,169 @@
+{
+ "name": "DeleteEmailCustomization",
+ "fully_qualified_name": "OktaApi.DeleteEmailCustomization@0.1.0",
+ "description": "Deletes an Email Customization by its unique identifier.\n\nUse this tool to delete an email customization in Okta using its unique ID. Note that if custom languages for Okta Email Templates are disabled, the deletion of additional language customizations by ID won't be registered.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand whose email customization is to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "The name of the email template to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ },
+ {
+ "name": "email_customization_id",
+ "required": true,
+ "description": "The unique identifier for the email customization to delete.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the email customization"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "customizationId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteEmailCustomization'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "customizationId",
+ "tool_parameter_name": "email_customization_id",
+ "description": "The ID of the email customization",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the email customization"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailDomain.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailDomain.json
new file mode 100644
index 000000000..453bb6a76
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailDomain.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteEmailDomain",
+ "fully_qualified_name": "OktaApi.DeleteEmailDomain@0.1.0",
+ "description": "Deletes a specified email domain from Okta.\n\nUse this tool to delete an email domain by providing the `emailDomainId`. It is called when an email domain needs to be removed from the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "email_domain_id",
+ "required": true,
+ "description": "The unique identifier for the email domain to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "emailDomainId"
+ },
+ {
+ "name": "include_additional_metadata",
+ "required": false,
+ "description": "Specifies which additional metadata should be included in the response. Provide as an array of strings.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteEmailDomain'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.emailDomains.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/email-domains/{emailDomainId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_additional_metadata",
+ "description": "Specifies additional metadata to be included in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "emailDomainId",
+ "tool_parameter_name": "email_domain_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailServer.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailServer.json
new file mode 100644
index 000000000..49b3e2224
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailServer.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteEmailServer",
+ "fully_qualified_name": "OktaApi.DeleteEmailServer@0.1.0",
+ "description": "Delete a specified custom SMTP server configuration.\n\nUse this tool to delete a specific custom SMTP server configuration by providing the server's ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "email_server_id",
+ "required": true,
+ "description": "The unique identifier of the custom SMTP server to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "emailServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteEmailServer'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.emailServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/email-servers/{emailServerId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "emailServerId",
+ "tool_parameter_name": "email_server_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailTemplateCustomizations.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailTemplateCustomizations.json
new file mode 100644
index 000000000..dea7df73d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEmailTemplateCustomizations.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteEmailTemplateCustomizations",
+ "fully_qualified_name": "OktaApi.DeleteEmailTemplateCustomizations@0.1.0",
+ "description": "Deletes all customizations for an email template.\n\nUse this tool to delete all customizations for a specific email template in Okta. If Custom languages for Okta Email Templates is enabled, all customizations, including those in additional languages, are removed. Otherwise, only customizations in Okta-supported languages are deleted.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The ID of the brand whose email template customizations are to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "The name of the email template to delete customizations.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteAllCustomizations'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEnrollment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEnrollment.json
new file mode 100644
index 000000000..79f343448
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteEnrollment.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteEnrollment",
+ "fully_qualified_name": "OktaApi.DeleteEnrollment@0.1.0",
+ "description": "Delete a user's authenticator enrollment.\n\nThis tool deletes an existing authenticator enrollment for a specified user. It should be used when there is a need to remove a user's current enrollment, allowing them to enroll the authenticator again.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to identify whom the enrollment will be deleted for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "enrollment_id",
+ "required": true,
+ "description": "Unique identifier for the user's authenticator enrollment to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier of an enrollment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "enrollmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteAuthenticatorEnrollment'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments/{enrollmentId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "enrollmentId",
+ "tool_parameter_name": "enrollment_id",
+ "description": "Unique identifier of an enrollment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier of an enrollment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteFederatedClaim.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteFederatedClaim.json
new file mode 100644
index 000000000..5dab080ef
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteFederatedClaim.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteFederatedClaim",
+ "fully_qualified_name": "OktaApi.DeleteFederatedClaim@0.1.0",
+ "description": "Deletes a specific federated claim by its ID.\n\nThis tool removes a federated claim given the specific claim ID. It should be used when there's a need to delete a federated claim associated with an application in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application associated with the federated claim to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "federated_claim_id",
+ "required": true,
+ "description": "The unique ID of the federated claim to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique `id` of the federated claim"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "claimId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteFederatedClaim'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/federated-claims/{claimId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "claimId",
+ "tool_parameter_name": "federated_claim_id",
+ "description": "The unique `id` of the federated claim",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique `id` of the federated claim"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteGovernanceBundle.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteGovernanceBundle.json
new file mode 100644
index 000000000..05eaffdde
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteGovernanceBundle.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteGovernanceBundle",
+ "fully_qualified_name": "OktaApi.DeleteGovernanceBundle@0.1.0",
+ "description": "Deletes a Governance Bundle from RAMP in Okta.\n\nUse this tool to delete a specific governance bundle by its ID from Okta's RAMP. This is useful when a bundle is no longer needed or needs to be removed for compliance reasons.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "bundle_id",
+ "required": true,
+ "description": "The unique identifier of a governance bundle to delete from RAMP in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "bundleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteGovernanceBundle'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/governance/bundles/{bundleId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "bundleId",
+ "tool_parameter_name": "bundle_id",
+ "description": "The `id` of a bundle",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteGroup.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteGroup.json
new file mode 100644
index 000000000..92f9188e0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteGroup.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteGroup",
+ "fully_qualified_name": "OktaApi.DeleteGroup@0.1.0",
+ "description": "Remove a specified group from your organization.\n\nUse this tool to delete a group of `OKTA_GROUP` or `APP_GROUP` type from your organization. Note: Groups of type `APP_GROUP` cannot be removed if they are used in a group push mapping.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteGroupRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteGroupRule.json
new file mode 100644
index 000000000..34e7e3793
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteGroupRule.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteGroupRule",
+ "fully_qualified_name": "OktaApi.DeleteGroupRule@0.1.0",
+ "description": "Deletes a specific group rule by its ID.\n\nUse this tool to delete a group rule from the Okta system by providing the specific group rule ID when the rule is no longer needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_rule_id",
+ "required": true,
+ "description": "The unique ID of the group rule to be deleted. Required for identifying which group rule to remove.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupRuleId"
+ },
+ {
+ "name": "remove_users",
+ "required": false,
+ "description": "Set to true to remove users from groups assigned by this rule.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If set to `true`, removes users from groups assigned by this rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "removeUsers"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteGroupRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/rules/{groupRuleId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "removeUsers",
+ "tool_parameter_name": "remove_users",
+ "description": "If set to `true`, removes users from groups assigned by this rule",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If set to `true`, removes users from groups assigned by this rule"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupRuleId",
+ "tool_parameter_name": "group_rule_id",
+ "description": "The `id` of the group rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteHookKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteHookKey.json
new file mode 100644
index 000000000..4611abb4a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteHookKey.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteHookKey",
+ "fully_qualified_name": "OktaApi.DeleteHookKey@0.1.0",
+ "description": "Delete an unused hook key by ID.\n\nUse this tool to permanently delete a hook key by its ID. Only keys that are not in use can be deleted. Once deleted, a key cannot be recovered.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "hook_key_id",
+ "required": true,
+ "description": "The unique identifier for the hook key to be deleted. Ensure the key is unused.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Hook Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteHookKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.inlineHooks.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/hook-keys/{id}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "hook_key_id",
+ "description": "ID of the Hook Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Hook Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteIdentityProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteIdentityProvider.json
new file mode 100644
index 000000000..13cc3e338
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteIdentityProvider.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteIdentityProvider",
+ "fully_qualified_name": "OktaApi.DeleteIdentityProvider@0.1.0",
+ "description": "Delete an identity provider integration by ID.\n\nThis tool deletes an identity provider (IdP) integration using the specified `idpId`. Upon deletion, all existing IdP users are unlinked, with the highest order profile source taking precedence for each user. Unlinked users retain their current authentication provider, such as `FEDERATION` or `SOCIAL`.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier for the identity provider to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteIdentityProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteIdentitySourceSession.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteIdentitySourceSession.json
new file mode 100644
index 000000000..dd15b45a4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteIdentitySourceSession.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteIdentitySourceSession",
+ "fully_qualified_name": "OktaApi.DeleteIdentitySourceSession@0.1.0",
+ "description": "Deletes an identity source session by ID.\n\nCall this tool to delete a specific identity source session using the session's and the identity source's IDs.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_source_id",
+ "required": true,
+ "description": "The ID of the identity source for which the session is created.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "identitySourceId"
+ },
+ {
+ "name": "identity_source_session_id",
+ "required": true,
+ "description": "The ID of the identity source session to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source session"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sessionId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteIdentitySourceSession'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.identitySources.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "identitySourceId",
+ "tool_parameter_name": "identity_source_id",
+ "description": "The ID of the identity source for which the session is created",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sessionId",
+ "tool_parameter_name": "identity_source_session_id",
+ "description": "The ID of the identity source session",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source session"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteIdpKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteIdpKey.json
new file mode 100644
index 000000000..f639f8789
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteIdpKey.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteIdpKey",
+ "fully_qualified_name": "OktaApi.DeleteIdpKey@0.1.0",
+ "description": "Delete an unused identity provider key by ID.\n\nUse this tool to delete a specific identity provider key credential by its key ID if it's not being used by any active or inactive IdPs.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "idp_key_id",
+ "required": true,
+ "description": "Unique ID of the IdP key credential to be deleted. Ensure it's not in use by any IdP.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the IdP key credential"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "kid"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteIdentityProviderKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/credentials/keys/{kid}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "kid",
+ "tool_parameter_name": "idp_key_id",
+ "description": "Unique `id` of the IdP key credential",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the IdP key credential"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveApplication.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveApplication.json
new file mode 100644
index 000000000..d9c60a0d3
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveApplication.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteInactiveApplication",
+ "fully_qualified_name": "OktaApi.DeleteInactiveApplication@0.1.0",
+ "description": "Delete an inactive application from the system.\n\nThis tool deletes an inactive application by providing its application ID. Call this tool when you need to permanently remove an inactive application from the Okta system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application to be deleted. This ID is required to specify which inactive application should be removed from Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveEventHook.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveEventHook.json
new file mode 100644
index 000000000..cfbccb9d7
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveEventHook.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteInactiveEventHook",
+ "fully_qualified_name": "OktaApi.DeleteInactiveEventHook@0.1.0",
+ "description": "Delete an inactive event hook by ID.\n\nUse this tool to delete an event hook with a status of `INACTIVE` by providing its ID. Deletion is irreversible, so ensure that the event hook is no longer needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "event_hook_id",
+ "required": true,
+ "description": "The ID of the event hook to delete. It must have a status of `INACTIVE`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "eventHookId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteEventHook'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.eventHooks.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "eventHookId",
+ "tool_parameter_name": "event_hook_id",
+ "description": "`id` of the Event Hook",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveGroupPushMapping.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveGroupPushMapping.json
new file mode 100644
index 000000000..72c2553c1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveGroupPushMapping.json
@@ -0,0 +1,170 @@
+{
+ "name": "DeleteInactiveGroupPushMapping",
+ "fully_qualified_name": "OktaApi.DeleteInactiveGroupPushMapping@0.1.0",
+ "description": "Delete an inactive group push mapping.\n\nUse this tool to delete a specific group push mapping that is in an 'INACTIVE' state. This is useful for managing and maintaining group configurations within an application.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application associated with the group push mapping.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "group_push_mapping_id",
+ "required": true,
+ "description": "ID of the group push mapping to be deleted. Must be in an 'INACTIVE' state.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Group push mapping ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "mappingId"
+ },
+ {
+ "name": "delete_target_group",
+ "required": true,
+ "description": "Set to `true` to delete the target group; `false` to retain it. Controls whether the target group is also deleted.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If set to `true`, the target group is also deleted. If set to `false`, the target group isn't deleted."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deleteTargetGroup"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteGroupPushMapping'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage",
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/group-push/mappings/{mappingId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deleteTargetGroup",
+ "tool_parameter_name": "delete_target_group",
+ "description": "If set to `true`, the target group is also deleted. If set to `false`, the target group isn't deleted.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If set to `true`, the target group is also deleted. If set to `false`, the target group isn't deleted."
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "mappingId",
+ "tool_parameter_name": "group_push_mapping_id",
+ "description": "Group push mapping ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Group push mapping ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveInlineHook.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveInlineHook.json
new file mode 100644
index 000000000..9ec0cf684
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveInlineHook.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteInactiveInlineHook",
+ "fully_qualified_name": "OktaApi.DeleteInactiveInlineHook@0.1.0",
+ "description": "Delete an inactive inline hook in Okta.\n\nUse this tool to permanently delete an inline hook from Okta, provided it is in an inactive state. Once deleted, the hook cannot be recovered, so ensure the status is 'INACTIVE' before proceeding.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "inline_hook_id",
+ "required": true,
+ "description": "The unique identifier of the inline hook to be deleted. Ensure the hook is inactive before deletion.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the inline hook"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "inlineHookId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteInlineHook'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.inlineHooks.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/inlineHooks/{inlineHookId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "inlineHookId",
+ "tool_parameter_name": "inline_hook_id",
+ "description": "`id` of the inline hook",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the inline hook"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveOauth2ClientJwk.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveOauth2ClientJwk.json
new file mode 100644
index 000000000..4014565a1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveOauth2ClientJwk.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteInactiveOauth2ClientJwk",
+ "fully_qualified_name": "OktaApi.DeleteInactiveOauth2ClientJwk@0.1.0",
+ "description": "Delete an inactive OAuth 2.0 Client JSON Web Key.\n\nUse this tool to delete an inactive JSON Web Key (JWK) for an OAuth 2.0 client by specifying the key ID. It ensures that only inactive keys can be removed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application for which the OAuth 2.0 client JWK should be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "oauth2_client_jwk_id",
+ "required": true,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deletejwk'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks/{keyId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "oauth2_client_jwk_id",
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveOauth2Jwk.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveOauth2Jwk.json
new file mode 100644
index 000000000..1826b23ed
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveOauth2Jwk.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteInactiveOauth2Jwk",
+ "fully_qualified_name": "OktaApi.DeleteInactiveOauth2Jwk@0.1.0",
+ "description": "Deletes an inactive public JSON web key from an auth server.\n\nUse this tool to delete a custom authorization server's public JSON web key by providing the key's ID. Ensure the key is inactive before deletion.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "`ID` of the Authorization Server required for deleting an inactive JSON web key.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "json_web_key_id",
+ "required": true,
+ "description": "The unique identifier for the custom authorization server JSON web key to delete. Must be inactive before deletion.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteOAuth2ResourceServerJsonWebKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys/{keyId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "json_web_key_id",
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveSecret.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveSecret.json
new file mode 100644
index 000000000..29c4dcabb
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteInactiveSecret.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteInactiveSecret",
+ "fully_qualified_name": "OktaApi.DeleteInactiveSecret@0.1.0",
+ "description": "Delete an inactive API service integration secret.\n\nUse this tool to delete an inactive secret from an API service integration using the specified `secretId`. This operation is only possible for secrets that are no longer active.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "api_service_integration_instance_id",
+ "required": true,
+ "description": "The ID of the API Service Integration instance to which the secret belongs.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "apiServiceId"
+ },
+ {
+ "name": "secret_id",
+ "required": true,
+ "description": "The ID of the API Service Integration instance Secret to be deleted. It must refer to an inactive secret.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance Secret"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "secretId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteApiServiceIntegrationInstanceSecret'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.oauthIntegrations.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets/{secretId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "apiServiceId",
+ "tool_parameter_name": "api_service_integration_instance_id",
+ "description": "`id` of the API Service Integration instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "secretId",
+ "tool_parameter_name": "secret_id",
+ "description": "`id` of the API Service Integration instance Secret",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance Secret"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteLinkedObjectDefinition.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteLinkedObjectDefinition.json
new file mode 100644
index 000000000..061f6d73c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteLinkedObjectDefinition.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteLinkedObjectDefinition",
+ "fully_qualified_name": "OktaApi.DeleteLinkedObjectDefinition@0.1.0",
+ "description": "Delete a specified linked object definition in Okta.\n\nUse this tool to delete a linked object definition in Okta by specifying its primary or associated name. This action removes the entire definition.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "linked_object_name",
+ "required": true,
+ "description": "The primary or associated name of the linked object definition to delete in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Primary or Associated name"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "linkedObjectName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteLinkedObjectDefinition'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.linkedObjects.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "linkedObjectName",
+ "tool_parameter_name": "linked_object_name",
+ "description": "Primary or Associated name",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Primary or Associated name"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteLogStream.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteLogStream.json
new file mode 100644
index 000000000..0c3fa3dc1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteLogStream.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteLogStream",
+ "fully_qualified_name": "OktaApi.DeleteLogStream@0.1.0",
+ "description": "Delete a log stream from your organization by ID.\n\nUse this tool when you need to delete a specific log stream from your Okta organization. Provide the log stream ID to complete the operation.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "log_stream_id",
+ "required": true,
+ "description": "Unique identifier for the log stream you want to delete.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier for the log stream"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "logStreamId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteLogStream'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.logStreams.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/logStreams/{logStreamId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "logStreamId",
+ "tool_parameter_name": "log_stream_id",
+ "description": "Unique identifier for the log stream",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier for the log stream"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteNetworkZone.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteNetworkZone.json
new file mode 100644
index 000000000..a00e8a807
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteNetworkZone.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteNetworkZone",
+ "fully_qualified_name": "OktaApi.DeleteNetworkZone@0.1.0",
+ "description": "Delete a specific network zone by its ID.\n\nDeletes a network zone identified by `zoneId`. Ensure the network zone is not used by a policy or rule and has an appropriate status for deletion in Okta Identity Engine orgs.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "network_zone_id",
+ "required": true,
+ "description": "The ID of the network zone to be deleted. Ensure it is not in use by a policy or rule.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Network Zone"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "zoneId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteNetworkZone'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.networkZones.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/zones/{zoneId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "zoneId",
+ "tool_parameter_name": "network_zone_id",
+ "description": "`id` of the Network Zone",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Network Zone"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOauth2Claim.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOauth2Claim.json
new file mode 100644
index 000000000..6f5fce752
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOauth2Claim.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteOauth2Claim",
+ "fully_qualified_name": "OktaApi.DeleteOauth2Claim@0.1.0",
+ "description": "Delete a custom OAuth2 token claim by ID.\n\nUse this tool to delete a specific custom OAuth2 token claim by providing the claim ID. Ideal for managing and removing unnecessary or outdated claims in Okta authorization servers.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server from which the OAuth2 claim will be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "claim_id",
+ "required": true,
+ "description": "The ID of the OAuth2 token claim to delete. This ID specifies which claim to remove from the authorization server.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Claim"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "claimId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteOAuth2Claim'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/claims/{claimId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "claimId",
+ "tool_parameter_name": "claim_id",
+ "description": "`id` of Claim",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Claim"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOauth2Scope.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOauth2Scope.json
new file mode 100644
index 000000000..28a84645b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOauth2Scope.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteOauth2Scope",
+ "fully_qualified_name": "OktaApi.DeleteOauth2Scope@0.1.0",
+ "description": "Deletes a custom OAuth2 token scope by its ID.\n\nCall this tool to remove a specific custom token scope from an authorization server using its ID. Useful for managing and updating authentication configurations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique ID of the authorization server from which the custom token scope is to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "scope_id",
+ "required": true,
+ "description": "The ID of the custom token scope to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Scope"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "scopeId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteOAuth2Scope'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/scopes/{scopeId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "scopeId",
+ "tool_parameter_name": "scope_id",
+ "description": "`id` of Scope",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Scope"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOauthClientSecret.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOauthClientSecret.json
new file mode 100644
index 000000000..a63e4bd44
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOauthClientSecret.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteOauthClientSecret",
+ "fully_qualified_name": "OktaApi.DeleteOauthClientSecret@0.1.0",
+ "description": "Delete an inactive OAuth 2.0 client secret.\n\nUse this tool to delete an inactive OAuth 2.0 client secret by specifying the secret ID. Call this when you need to remove credentials that are no longer in use.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application for which the OAuth 2.0 client secret will be deleted. Must be a valid string.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "oauth_client_secret_id",
+ "required": true,
+ "description": "The unique ID of the OAuth 2.0 client secret to be deleted. Ensure the secret is inactive before deletion.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the OAuth 2.0 Client Secret"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "secretId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteOAuth2ClientSecret'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets/{secretId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "secretId",
+ "tool_parameter_name": "oauth_client_secret_id",
+ "description": "Unique `id` of the OAuth 2.0 Client Secret",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the OAuth 2.0 Client Secret"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOrgCaptchaSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOrgCaptchaSettings.json
new file mode 100644
index 000000000..f87a62164
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteOrgCaptchaSettings.json
@@ -0,0 +1,71 @@
+{
+ "name": "DeleteOrgCaptchaSettings",
+ "fully_qualified_name": "OktaApi.DeleteOrgCaptchaSettings@0.1.0",
+ "description": "Deletes the CAPTCHA settings for your organization.\n\nUse this tool to delete the CAPTCHA settings object for your organization in Okta. This is useful when CAPTCHA protections are no longer needed or being replaced. The tool confirms the deletion of the settings.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteOrgCaptchaSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.captchas.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/captcha",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePolicy.json
new file mode 100644
index 000000000..0ff23c85a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePolicy.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeletePolicy",
+ "fully_qualified_name": "OktaApi.DeletePolicy@0.1.0",
+ "description": "Deletes a specified policy in Okta.\n\nUse this tool to delete a specific policy in Okta by its ID. Appropriate when you need to remove an existing policy from the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The ID of the policy to be deleted in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deletePolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePolicyResourceMapping.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePolicyResourceMapping.json
new file mode 100644
index 000000000..b82c0e5c6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePolicyResourceMapping.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeletePolicyResourceMapping",
+ "fully_qualified_name": "OktaApi.DeletePolicyResourceMapping@0.1.0",
+ "description": "Deletes a specific resource mapping for a policy identified by policyId and mappingId.\n\nUse this tool to remove the resource mapping associated with a specified policy in Okta by providing the policy ID and mapping ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "ID of the policy to identify which policy's resource mapping to delete.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_resource_mapping_id",
+ "required": true,
+ "description": "The unique ID of the policy resource mapping to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy resource Mapping"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "mappingId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deletePolicyResourceMapping'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/mappings/{mappingId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "mappingId",
+ "tool_parameter_name": "policy_resource_mapping_id",
+ "description": "`id` of the policy resource Mapping",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy resource Mapping"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePolicyRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePolicyRule.json
new file mode 100644
index 000000000..3a7066a17
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePolicyRule.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeletePolicyRule",
+ "fully_qualified_name": "OktaApi.DeletePolicyRule@0.1.0",
+ "description": "Deletes a specified policy rule in Okta.\n\nUse this tool to delete a policy rule by providing the appropriate `policyId` and `ruleId`.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique ID of the policy to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_rule_id",
+ "required": true,
+ "description": "The unique identifier of the policy rule to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "ruleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deletePolicyRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/rules/{ruleId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "ruleId",
+ "tool_parameter_name": "policy_rule_id",
+ "description": "`id` of the policy rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePreviewErrorPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePreviewErrorPage.json
new file mode 100644
index 000000000..9655384df
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePreviewErrorPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeletePreviewErrorPage",
+ "fully_qualified_name": "OktaApi.DeletePreviewErrorPage@0.1.0",
+ "description": "Delete the preview error page with unpublished changes.\n\nUse this tool to delete the preview error page that contains unpublished changes. It affects only the preview version and not the live environment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The ID of the brand for which the preview error page is to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deletePreviewErrorPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/preview",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePreviewSignInPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePreviewSignInPage.json
new file mode 100644
index 000000000..531d1501b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePreviewSignInPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeletePreviewSignInPage",
+ "fully_qualified_name": "OktaApi.DeletePreviewSignInPage@0.1.0",
+ "description": "Delete the preview sign-in page with unpublished changes.\n\nUse this tool to delete the preview version of a sign-in page, which includes changes not yet published to the live environment. Call this when you want to discard these changes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand whose preview sign-in page you wish to delete.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deletePreviewSignInPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/preview",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePushProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePushProvider.json
new file mode 100644
index 000000000..073e42917
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeletePushProvider.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeletePushProvider",
+ "fully_qualified_name": "OktaApi.DeletePushProvider@0.1.0",
+ "description": "Delete a push provider by ID with usage checks.\n\nCall this tool to delete a specified push provider by ID. If the push provider is in use by a custom authenticator within the organization, the deletion will not proceed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "push_provider_id",
+ "required": true,
+ "description": "The unique identifier for the push provider to be deleted. Must be a valid ID string.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Id of the push provider"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "pushProviderId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deletePushProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.pushProviders.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/push-providers/{pushProviderId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "pushProviderId",
+ "tool_parameter_name": "push_provider_id",
+ "description": "Id of the push provider",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Id of the push provider"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteRealm.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteRealm.json
new file mode 100644
index 000000000..d90b1c04b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteRealm.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteRealm",
+ "fully_qualified_name": "OktaApi.DeleteRealm@0.1.0",
+ "description": "Permanently delete a realm in Okta after disassociation.\n\nUse this tool to permanently delete a realm from Okta, ensuring all associated entities like users and identity providers are disassociated beforehand.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "realm_id",
+ "required": true,
+ "description": "The unique ID of the realm to be permanently deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "realmId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteRealm'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.realms.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/realms/{realmId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "realmId",
+ "tool_parameter_name": "realm_id",
+ "description": "ID of the realm",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteRealmAssignment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteRealmAssignment.json
new file mode 100644
index 000000000..8d1d87ad0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteRealmAssignment.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteRealmAssignment",
+ "fully_qualified_name": "OktaApi.DeleteRealmAssignment@0.1.0",
+ "description": "Deletes a realm assignment by ID.\n\nThis tool removes a specified realm assignment in Okta. It should be called when an assignment needs to be deleted based on its assignment ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "realm_assignment_id",
+ "required": true,
+ "description": "The unique identifier for the realm assignment to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "assignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteRealmAssignment'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.realmAssignments.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/realm-assignments/{assignmentId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "assignmentId",
+ "tool_parameter_name": "realm_assignment_id",
+ "description": "ID of the realm assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteResourceFromSet.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteResourceFromSet.json
new file mode 100644
index 000000000..e1d9e037f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteResourceFromSet.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteResourceFromSet",
+ "fully_qualified_name": "OktaApi.DeleteResourceFromSet@0.1.0",
+ "description": "Delete a resource from a specified resource set.\n\nUse this tool to delete a specific resource from a resource set identified by its ID or label in Okta. Ideal for managing and updating resource allocations efficiently.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_id_or_label",
+ "required": true,
+ "description": "Provide the id or label of the resource set from which to delete the resource.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ },
+ {
+ "name": "resource_id",
+ "required": true,
+ "description": "The unique ID of the resource to be deleted from the specified resource set.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the resource"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteResourceSetResource'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/resources/{resourceId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_id_or_label",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "resourceId",
+ "tool_parameter_name": "resource_id",
+ "description": "`id` of the resource",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the resource"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteResourceSet.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteResourceSet.json
new file mode 100644
index 000000000..21465f78f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteResourceSet.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteResourceSet",
+ "fully_qualified_name": "OktaApi.DeleteResourceSet@0.1.0",
+ "description": "Deletes a resource set by ID or label.\n\nUse this tool to delete a specific resource set from the system by providing the resource set's ID or label. It is useful for managing and organizing resource allocations within the platform.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_identifier",
+ "required": true,
+ "description": "The ID or label of the resource set to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteResourceSet'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_identifier",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteRoleBinding.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteRoleBinding.json
new file mode 100644
index 000000000..a69a56ab0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteRoleBinding.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteRoleBinding",
+ "fully_qualified_name": "OktaApi.DeleteRoleBinding@0.1.0",
+ "description": "Deletes a binding between a role and a resource set.\n\nUse this tool to remove the association between a specific role and a resource set in Okta by providing the role and resource set identifiers.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_id_or_label",
+ "required": true,
+ "description": "The `id` or `label` of the resource set to be unbound from the role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ },
+ {
+ "name": "role_id_or_label",
+ "required": true,
+ "description": "The identifier or label of the role to unbind from the resource set.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteBinding'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_id_or_label",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_id_or_label",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteSecurityEventsProviderInstance.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteSecurityEventsProviderInstance.json
new file mode 100644
index 000000000..8f6563c1f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteSecurityEventsProviderInstance.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteSecurityEventsProviderInstance",
+ "fully_qualified_name": "OktaApi.DeleteSecurityEventsProviderInstance@0.1.0",
+ "description": "Deletes a specified security events provider instance.\n\nUse this tool to delete a specific security events provider instance by its ID. This action is irreversible and should be called when you need to remove an existing security events provider.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "security_events_provider_id",
+ "required": true,
+ "description": "The ID of the security events provider instance to be deleted. This is a required field and must be a valid string representing the instance ID.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Security Events Provider instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "securityEventProviderId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteSecurityEventsProviderInstance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.securityEventsProviders.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/security-events-providers/{securityEventProviderId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "securityEventProviderId",
+ "tool_parameter_name": "security_events_provider_id",
+ "description": "`id` of the Security Events Provider instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Security Events Provider instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteServiceAccount.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteServiceAccount.json
new file mode 100644
index 000000000..23414220f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteServiceAccount.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteServiceAccount",
+ "fully_qualified_name": "OktaApi.DeleteServiceAccount@0.1.0",
+ "description": "Delete a specified app service account by ID.\n\nUse this tool to delete an app service account using its ID when managing account access or performing cleanup operations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "service_account_id",
+ "required": true,
+ "description": "ID of the service account to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing service account"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteAppServiceAccount'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.serviceAccounts.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/privileged-access/api/v1/service-accounts/{id}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "service_account_id",
+ "description": "ID of an existing service account",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing service account"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteSmsTemplate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteSmsTemplate.json
new file mode 100644
index 000000000..3e3bb9e9a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteSmsTemplate.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteSmsTemplate",
+ "fully_qualified_name": "OktaApi.DeleteSmsTemplate@0.1.0",
+ "description": "Deletes an SMS template by template ID.\n\nThis tool is used to delete a specific SMS template given its template ID. It should be called when there's a need to permanently remove an SMS template from the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "template_id",
+ "required": true,
+ "description": "The unique identifier of the SMS template to delete.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteSmsTemplate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/templates/sms/{templateId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "templateId",
+ "tool_parameter_name": "template_id",
+ "description": "`id` of the Template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteSsfStream.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteSsfStream.json
new file mode 100644
index 000000000..6489d518c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteSsfStream.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteSsfStream",
+ "fully_qualified_name": "OktaApi.DeleteSsfStream@0.1.0",
+ "description": "Delete a specified SSF Stream.\n\nUse this tool to delete an SSF Stream by providing a stream ID. If no stream ID is provided, it deletes the stream associated with the Client ID from the OAuth token.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "stream_id_for_deletion",
+ "required": false,
+ "description": "The ID of the SSF Stream to delete. If not provided, deletes the stream associated with the Client ID from the OAuth token.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the specified SSF Stream configuration"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "stream_id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteSsfStream'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "ssf.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/ssf/stream",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "stream_id",
+ "tool_parameter_name": "stream_id_for_deletion",
+ "description": "The ID of the specified SSF Stream configuration",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the specified SSF Stream configuration"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteThemeBackgroundImage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteThemeBackgroundImage.json
new file mode 100644
index 000000000..e7bd98000
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteThemeBackgroundImage.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteThemeBackgroundImage",
+ "fully_qualified_name": "OktaApi.DeleteThemeBackgroundImage@0.1.0",
+ "description": "Deletes the background image for a specified theme.\n\nUse this tool when you need to delete the background image of a specific theme within a brand. This is useful for managing theme visuals in applications that utilize Okta services.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID of the brand whose theme background image is to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "theme_id",
+ "required": true,
+ "description": "The unique identifier for the theme whose background image is to be deleted. This is required to specify which theme's image will be removed within the brand.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the theme"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "themeId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteBrandThemeBackgroundImage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/themes/{themeId}/background-image",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "themeId",
+ "tool_parameter_name": "theme_id",
+ "description": "The ID of the theme",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the theme"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteThemeFavicon.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteThemeFavicon.json
new file mode 100644
index 000000000..a4c2a4908
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteThemeFavicon.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteThemeFavicon",
+ "fully_qualified_name": "OktaApi.DeleteThemeFavicon@0.1.0",
+ "description": "Delete a theme's favicon, reverting to the default.\n\nThis tool removes the custom favicon for a specific theme in Okta, causing the theme to use the default Okta favicon. Use this tool when you want to revert to using the default favicon for a theme.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand whose theme favicon is to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "theme_id",
+ "required": true,
+ "description": "The ID of the theme you wish to delete the favicon from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the theme"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "themeId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteBrandThemeFavicon'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/themes/{themeId}/favicon",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "themeId",
+ "tool_parameter_name": "theme_id",
+ "description": "The ID of the theme",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the theme"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteThemeLogo.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteThemeLogo.json
new file mode 100644
index 000000000..91f80901d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteThemeLogo.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteThemeLogo",
+ "fully_qualified_name": "OktaApi.DeleteThemeLogo@0.1.0",
+ "description": "Deletes a theme logo and reverts to the default Okta logo.\n\nUse this tool to delete a specific theme logo for a brand in Okta, reverting the theme to the default Okta logo. This is useful when a custom logo needs to be removed from a theme.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand whose theme logo is to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "theme_id",
+ "required": true,
+ "description": "The unique identifier of the theme to delete the logo from. This will revert the theme to the default Okta logo.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the theme"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "themeId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteBrandThemeLogo'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/themes/{themeId}/logo",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "themeId",
+ "tool_parameter_name": "theme_id",
+ "description": "The ID of the theme",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the theme"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteTrustedOrigin.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteTrustedOrigin.json
new file mode 100644
index 000000000..8d2940657
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteTrustedOrigin.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteTrustedOrigin",
+ "fully_qualified_name": "OktaApi.DeleteTrustedOrigin@0.1.0",
+ "description": "Deletes a specified trusted origin in Okta.\n\nUse this tool to delete a trusted origin in Okta by providing its ID. This can be useful for managing and updating security settings related to trusted origins.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "trusted_origin_id",
+ "required": true,
+ "description": "The ID of the trusted origin to be deleted. This is required to identify which origin entry to remove.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the trusted origin"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "trustedOriginId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteTrustedOrigin'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.trustedOrigins.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/trustedOrigins/{trustedOriginId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "trustedOriginId",
+ "tool_parameter_name": "trusted_origin_id",
+ "description": "`id` of the trusted origin",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the trusted origin"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteUiSchema.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteUiSchema.json
new file mode 100644
index 000000000..85f26455a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteUiSchema.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteUiSchema",
+ "fully_qualified_name": "OktaApi.DeleteUiSchema@0.1.0",
+ "description": "Delete a UI Schema by its ID.\n\nUse this tool to delete a specific UI Schema in the Okta platform by providing the schema ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "ui_schema_id",
+ "required": true,
+ "description": "The unique identifier of the UI Schema to delete.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique ID of the UI Schema"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteUISchemas'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.uischemas.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/uischemas/{id}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "ui_schema_id",
+ "description": "The unique ID of the UI Schema",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique ID of the UI Schema"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteUserLinkedObject.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteUserLinkedObject.json
new file mode 100644
index 000000000..b5ea3a042
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteUserLinkedObject.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteUserLinkedObject",
+ "fully_qualified_name": "OktaApi.DeleteUserLinkedObject@0.1.0",
+ "description": "Delete a user's linked object relationship.\n\nUse this tool to delete an existing linked object relationship between a specified user and their associated primary relationship. It's successful whether or not such a relationship exists.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier_or_login",
+ "required": true,
+ "description": "The ID or login of the user to delete the relationship for. Use 'me' to represent the current session user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If for the `self` link, this is the ID of the user for whom you want to get the primary user ID. If for the `associated` relation, this is the user ID or login value of the user assigned the associated relationship.\n\nThis can be `me` to represent the current session user."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userIdOrLogin"
+ },
+ {
+ "name": "relationship_name",
+ "required": true,
+ "description": "Name of the `primary` or `associated` relationship to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the `primary` or `associated` relationship being queried"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "relationshipName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteLinkedObjectForUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userIdOrLogin}/linkedObjects/{relationshipName}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userIdOrLogin",
+ "tool_parameter_name": "user_identifier_or_login",
+ "description": "If for the `self` link, this is the ID of the user for whom you want to get the primary user ID. If for the `associated` relation, this is the user ID or login value of the user assigned the associated relationship.\n\nThis can be `me` to represent the current session user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If for the `self` link, this is the ID of the user for whom you want to get the primary user ID. If for the `associated` relation, this is the user ID or login value of the user assigned the associated relationship.\n\nThis can be `me` to represent the current session user."
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "relationshipName",
+ "tool_parameter_name": "relationship_name",
+ "description": "Name of the `primary` or `associated` relationship being queried",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the `primary` or `associated` relationship being queried"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteUserType.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteUserType.json
new file mode 100644
index 000000000..42d645540
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteUserType.json
@@ -0,0 +1,105 @@
+{
+ "name": "DeleteUserType",
+ "fully_qualified_name": "OktaApi.DeleteUserType@0.1.0",
+ "description": "Permantly remove a user type in Okta.\n\nDeletes a user type permanently unless it's the default or currently assigned to users.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_type_id",
+ "required": true,
+ "description": "The ID of the user type to delete. Must not be the default type or assigned to any users.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "typeId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteUserType'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.userTypes.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/types/user/{typeId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "typeId",
+ "tool_parameter_name": "user_type_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteWebauthnPreregistration.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteWebauthnPreregistration.json
new file mode 100644
index 000000000..9b2109dab
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DeleteWebauthnPreregistration.json
@@ -0,0 +1,137 @@
+{
+ "name": "DeleteWebauthnPreregistration",
+ "fully_qualified_name": "OktaApi.DeleteWebauthnPreregistration@0.1.0",
+ "description": "Deletes a specific WebAuthn preregistration factor for a user.\n\nUse this tool to delete a WebAuthn preregistration factor associated with a user, identified by the user ID and authenticator enrollment ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique identifier of an existing user in Okta for whom the WebAuthn preregistration factor should be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "webauthn_preregistration_id",
+ "required": true,
+ "description": "ID for a WebAuthn preregistration factor in Okta to be deleted.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID for a WebAuthn preregistration factor in Okta"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorEnrollmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteWebAuthnPreregistrationFactor'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/webauthn-registration/api/v1/users/{userId}/enrollments/{authenticatorEnrollmentId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "authenticatorEnrollmentId",
+ "tool_parameter_name": "webauthn_preregistration_id",
+ "description": "ID for a WebAuthn preregistration factor in Okta",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID for a WebAuthn preregistration factor in Okta"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/DisablePolicyRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DisablePolicyRule.json
new file mode 100644
index 000000000..62ebc6555
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/DisablePolicyRule.json
@@ -0,0 +1,137 @@
+{
+ "name": "DisablePolicyRule",
+ "fully_qualified_name": "OktaApi.DisablePolicyRule@0.1.0",
+ "description": "Deactivates a specified policy rule in Okta.\n\nUse this tool to deactivate a policy rule by providing the `policyId` and `ruleId`. It should be called when a policy rule needs to be deactivated within an Okta system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The ID of the policy to be deactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_rule_id",
+ "required": true,
+ "description": "The `id` of the policy rule to be deactivated in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "ruleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deactivatePolicyRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/rules/{ruleId}/lifecycle/deactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "ruleId",
+ "tool_parameter_name": "policy_rule_id",
+ "description": "`id` of the policy rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/EmailCustomizationPreview.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/EmailCustomizationPreview.json
new file mode 100644
index 000000000..fc9024eac
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/EmailCustomizationPreview.json
@@ -0,0 +1,169 @@
+{
+ "name": "EmailCustomizationPreview",
+ "fully_qualified_name": "OktaApi.EmailCustomizationPreview@0.1.0",
+ "description": "Retrieve a preview of an email customization with user-context.\n\nFetches a preview of an email customization, filling in variable references from the current user's context. Works unless custom language settings are disabled, in which case it may return a 404 error for additional languages.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The ID of the brand for which the email customization preview is requested.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "The name of the email template to retrieve a customization preview.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ },
+ {
+ "name": "email_customization_id",
+ "required": true,
+ "description": "The unique identifier for the email customization preview to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the email customization"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "customizationId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCustomizationPreview'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}/preview",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "customizationId",
+ "tool_parameter_name": "email_customization_id",
+ "description": "The ID of the email customization",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the email customization"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/EnrollPhoneAuthenticator.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/EnrollPhoneAuthenticator.json
new file mode 100644
index 000000000..51da77360
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/EnrollPhoneAuthenticator.json
@@ -0,0 +1,105 @@
+{
+ "name": "EnrollPhoneAuthenticator",
+ "fully_qualified_name": "OktaApi.EnrollPhoneAuthenticator@0.1.0",
+ "description": "Enroll a phone authenticator for a user automatically.\n\nThis tool should be called to enroll and automatically activate a phone authenticator for a specific user. It's useful when a user needs to secure their account with a phone-based authentication method.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique ID of an existing user in Okta for whom the phone authenticator enrollment will be created.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'createAuthenticatorEnrollment'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments/phone",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ExpireUserPassword.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ExpireUserPassword.json
new file mode 100644
index 000000000..84cab9231
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ExpireUserPassword.json
@@ -0,0 +1,105 @@
+{
+ "name": "ExpireUserPassword",
+ "fully_qualified_name": "OktaApi.ExpireUserPassword@0.1.0",
+ "description": "Expires a user password, requiring a change at next login.\n\nUse this tool to set a user's password to expired status. This forces the user to change their password upon next login. If integrated with AD, the password in AD will also expire, prompting a change during the next sign-in attempt.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or login shortname of an existing Okta user. Must be unambiguous.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'expirePassword'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/expire_password",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/FetchAppAuthenticatorConfig.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/FetchAppAuthenticatorConfig.json
new file mode 100644
index 000000000..0c6a70d57
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/FetchAppAuthenticatorConfig.json
@@ -0,0 +1,101 @@
+{
+ "name": "FetchAppAuthenticatorConfig",
+ "fully_qualified_name": "OktaApi.FetchAppAuthenticatorConfig@0.1.0",
+ "description": "Retrieves the app authenticator configuration details.\n\nUse this tool to get information about an app authenticator's settings, supported methods, and other relevant details.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "filter_by_oauth_client_id",
+ "required": true,
+ "description": "Filter the app authenticator configurations using this OAuth Client ID.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters app authenticator configurations by `oauthClientId`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "oauthClientId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getWellKnownAppAuthenticatorConfiguration'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/.well-known/app-authenticator-configuration",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "oauthClientId",
+ "tool_parameter_name": "filter_by_oauth_client_id",
+ "description": "Filters app authenticator configurations by `oauthClientId`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters app authenticator configurations by `oauthClientId`"
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/FetchLogStreamById.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/FetchLogStreamById.json
new file mode 100644
index 000000000..cafb25885
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/FetchLogStreamById.json
@@ -0,0 +1,105 @@
+{
+ "name": "FetchLogStreamById",
+ "fully_qualified_name": "OktaApi.FetchLogStreamById@0.1.0",
+ "description": "Retrieve log stream details by ID from Okta.\n\nUse this tool to access detailed information about a specific log stream in Okta by providing the log stream ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "log_stream_id",
+ "required": true,
+ "description": "Unique identifier for the log stream to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier for the log stream"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "logStreamId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getLogStream'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.logStreams.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/logStreams/{logStreamId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "logStreamId",
+ "tool_parameter_name": "log_stream_id",
+ "description": "Unique identifier for the log stream",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier for the log stream"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GenerateAppKeyCertificate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GenerateAppKeyCertificate.json
new file mode 100644
index 000000000..8ba337b93
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GenerateAppKeyCertificate.json
@@ -0,0 +1,137 @@
+{
+ "name": "GenerateAppKeyCertificate",
+ "fully_qualified_name": "OktaApi.GenerateAppKeyCertificate@0.1.0",
+ "description": "Generate a new X.509 certificate for an app key.\n\nThis tool generates a new X.509 certificate for an application's key credential. Use it to update an application's signing credentials with the newly generated key.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "certificate_validity_years",
+ "required": true,
+ "description": "The number of years until the X.509 certificate for the application key expires.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Expiry years of the Application Key Credential"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "validityYears"
+ },
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application for which the certificate is being generated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'generateApplicationKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/keys/generate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "validityYears",
+ "tool_parameter_name": "certificate_validity_years",
+ "description": "Expiry years of the Application Key Credential",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Expiry years of the Application Key Credential"
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GenerateIdpSigningKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GenerateIdpSigningKey.json
new file mode 100644
index 000000000..c3c42fb58
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GenerateIdpSigningKey.json
@@ -0,0 +1,137 @@
+{
+ "name": "GenerateIdpSigningKey",
+ "fully_qualified_name": "OktaApi.GenerateIdpSigningKey@0.1.0",
+ "description": "Generate a new X.509 certificate for IdP signing.\n\nThis tool generates a new X.509 certificate for an identity provider (IdP) signing key, used for signing assertions sent to the IdP. To utilize the new key, update your IdP using the returned key's `kid` in the signing credential.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "idp_key_credential_expiry_years",
+ "required": true,
+ "description": "Enter the number of years the IdP certificate should remain valid.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "expiry of the IdP key credential"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "validityYears"
+ },
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier for the identity provider (IdP).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'generateIdentityProviderSigningKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys/generate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "validityYears",
+ "tool_parameter_name": "idp_key_credential_expiry_years",
+ "description": "expiry of the IdP key credential",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "expiry of the IdP key credential"
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAerialConsentDetails.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAerialConsentDetails.json
new file mode 100644
index 000000000..d38df1021
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAerialConsentDetails.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetAerialConsentDetails",
+ "fully_qualified_name": "OktaApi.GetAerialConsentDetails@0.1.0",
+ "description": "Retrieve Okta Aerial consent grant details for your Org.\n\nUse this tool to check if your organization has granted consent for Okta Aerial. It returns detailed consent information or a 404 error if no consent has been granted.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAerialConsent'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/privacy/aerial",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAgentPoolUpdateSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAgentPoolUpdateSettings.json
new file mode 100644
index 000000000..f92e0ef23
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAgentPoolUpdateSettings.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetAgentPoolUpdateSettings",
+ "fully_qualified_name": "OktaApi.GetAgentPoolUpdateSettings@0.1.0",
+ "description": "Retrieve agent pool update settings information.\n\nThis tool retrieves the current state of the update instance settings for a specific agent pool. It should be called when there's a need to understand or verify the configuration of the update settings for a given pool.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "The unique identifier of the agent pool to retrieve update settings for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAgentPoolsUpdateSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/settings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAllOktaGroups.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAllOktaGroups.json
new file mode 100644
index 000000000..123319b4a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAllOktaGroups.json
@@ -0,0 +1,329 @@
+{
+ "name": "GetAllOktaGroups",
+ "fully_qualified_name": "OktaApi.GetAllOktaGroups@0.1.0",
+ "description": "Retrieve a list of all Okta groups with pagination.\n\nThis tool retrieves all groups in Okta with optional pagination. It can filter, search, or query to return specific subsets of groups based on given criteria. Recommended usage includes setting a limit under 200 for optimal performance. Note that the results are driven by an eventually consistent datasource with minimal synchronization lag.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_search_expression",
+ "required": false,
+ "description": "A URL-encoded filtering expression to search for groups based on various properties like profile attributes or top-level properties. Supported operators are `sw`, `eq`, and `co` for select attributes. Can involve pagination.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for groups with a supported [filtering](https://developer.okta.com/docs/api/#filter) expression for all properties except for `_embedded`, `_links`, and `objectClass`. This operation supports [pagination](https://developer.okta.com/docs/api/#pagination).\n\nUsing search requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding), for example, `search=type eq \"OKTA_GROUP\"` is encoded as `search=type+eq+%22OKTA_GROUP%22`.\n\nThis operation searches many properties:\n\n* Any group profile attribute, including imported app group profile attributes.\n* The top-level properties: `id`, `created`, `lastMembershipUpdated`, `lastUpdated`, and `type`.\n* The [source](/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links/source&t=response) of groups with type of `APP_GROUP`, accessed as `source.id`.\n\nYou can also use the `sortBy` and `sortOrder` parameters.\n\nSearches for groups can be filtered by the following operators: `sw`, `eq`, and `co`. You can only use `co` with these select profile attributes: `profile.name` and `profile.description`. See [Operators](https://developer.okta.com/docs/api/#operators). "
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "search"
+ },
+ {
+ "name": "group_filter_expression",
+ "required": false,
+ "description": "URL-encoded filter expression to narrow down groups. Follow Okta's filter guidelines for proper syntax.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filter expression for groups. See [Filter](https://developer.okta.com/docs/api/#filter).\n\n> **Note:** All filters must be [URL encoded](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `filter=lastUpdated gt \"2013-06-01T00:00:00.000Z\"` is encoded as `filter=lastUpdated%20gt%20%222013-06-01T00:00:00.000Z%22`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ },
+ {
+ "name": "group_name_query",
+ "required": false,
+ "description": "Search for a group by its name. Note: This query returns up to 300 results and cannot be used with pagination.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Finds a group that matches the `name` property.\n> **Note:** Paging and searching are currently mutually exclusive. You can't page a query. The default limit for a query is 300 results. Query is intended for an auto-complete picker use case where users refine their search string to constrain the results."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "pagination_cursor_after",
+ "required": false,
+ "description": "Specifies the cursor for retrieving the next page of groups. Obtain from the 'next' link relation for pagination.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of groups. The `after` cursor should be treated as an opaque value and obtained through the next link relation. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "group_result_limit",
+ "required": false,
+ "description": "Specifies the number of group results in a page. It is recommended to set a limit under 200 for optimal performance. If a request times out, try a smaller limit.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of group results in a page.\n\nOkta recommends using a specific value other than the default or maximum. If your request times out, retry your request with a smaller `limit` and [page the results](https://developer.okta.com/docs/api/#pagination).\n\nThe Okta default `Everyone` group isn't returned for users with a group admin role."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "include_additional_metadata",
+ "required": false,
+ "description": "Specify additional metadata to include in the response. Options: 'stats' or 'app'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If specified, additional metadata is included in the response. Possible values are `stats` and `app`. This additional metadata is listed in the [`_embedded`](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/addGroup!c=200&path=_embedded&t=response) property of the response.\n\n> **Note:** You can use the `stats` value to return the number of users within a group. This is listed as the `_embedded.stats.usersCount` value in the response. See this [Knowledge Base article](https://support.okta.com/help/s/article/Is-there-an-API-that-returns-the-number-of-users-in-a-group?language=en_US) for more information and an example."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "sort_by_field",
+ "required": false,
+ "description": "Specifies the field to sort by for search queries. Can be any single property, like `profile.name`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies field to sort by **(for search queries only)**. `sortBy` can be any single property, for example `sortBy=profile.name`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortBy"
+ },
+ {
+ "name": "sort_order_for_search",
+ "required": false,
+ "description": "Defines the sort order (asc or desc) for search queries. Ignored if sortBy isn't specified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies sort order: `asc` or `desc` (for search queries only). This parameter is ignored if `sortBy` isn't present. Groups with the same value for the `sortBy` property are ordered by `id`'."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortOrder"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGroups'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "search",
+ "tool_parameter_name": "group_search_expression",
+ "description": "Searches for groups with a supported [filtering](https://developer.okta.com/docs/api/#filter) expression for all properties except for `_embedded`, `_links`, and `objectClass`. This operation supports [pagination](https://developer.okta.com/docs/api/#pagination).\n\nUsing search requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding), for example, `search=type eq \"OKTA_GROUP\"` is encoded as `search=type+eq+%22OKTA_GROUP%22`.\n\nThis operation searches many properties:\n\n* Any group profile attribute, including imported app group profile attributes.\n* The top-level properties: `id`, `created`, `lastMembershipUpdated`, `lastUpdated`, and `type`.\n* The [source](/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links/source&t=response) of groups with type of `APP_GROUP`, accessed as `source.id`.\n\nYou can also use the `sortBy` and `sortOrder` parameters.\n\nSearches for groups can be filtered by the following operators: `sw`, `eq`, and `co`. You can only use `co` with these select profile attributes: `profile.name` and `profile.description`. See [Operators](https://developer.okta.com/docs/api/#operators). ",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for groups with a supported [filtering](https://developer.okta.com/docs/api/#filter) expression for all properties except for `_embedded`, `_links`, and `objectClass`. This operation supports [pagination](https://developer.okta.com/docs/api/#pagination).\n\nUsing search requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding), for example, `search=type eq \"OKTA_GROUP\"` is encoded as `search=type+eq+%22OKTA_GROUP%22`.\n\nThis operation searches many properties:\n\n* Any group profile attribute, including imported app group profile attributes.\n* The top-level properties: `id`, `created`, `lastMembershipUpdated`, `lastUpdated`, and `type`.\n* The [source](/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=_links/source&t=response) of groups with type of `APP_GROUP`, accessed as `source.id`.\n\nYou can also use the `sortBy` and `sortOrder` parameters.\n\nSearches for groups can be filtered by the following operators: `sw`, `eq`, and `co`. You can only use `co` with these select profile attributes: `profile.name` and `profile.description`. See [Operators](https://developer.okta.com/docs/api/#operators). "
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "filter",
+ "tool_parameter_name": "group_filter_expression",
+ "description": "Filter expression for groups. See [Filter](https://developer.okta.com/docs/api/#filter).\n\n> **Note:** All filters must be [URL encoded](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `filter=lastUpdated gt \"2013-06-01T00:00:00.000Z\"` is encoded as `filter=lastUpdated%20gt%20%222013-06-01T00:00:00.000Z%22`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filter expression for groups. See [Filter](https://developer.okta.com/docs/api/#filter).\n\n> **Note:** All filters must be [URL encoded](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `filter=lastUpdated gt \"2013-06-01T00:00:00.000Z\"` is encoded as `filter=lastUpdated%20gt%20%222013-06-01T00:00:00.000Z%22`."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "q",
+ "tool_parameter_name": "group_name_query",
+ "description": "Finds a group that matches the `name` property.\n> **Note:** Paging and searching are currently mutually exclusive. You can't page a query. The default limit for a query is 300 results. Query is intended for an auto-complete picker use case where users refine their search string to constrain the results.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Finds a group that matches the `name` property.\n> **Note:** Paging and searching are currently mutually exclusive. You can't page a query. The default limit for a query is 300 results. Query is intended for an auto-complete picker use case where users refine their search string to constrain the results."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor_after",
+ "description": "Specifies the pagination cursor for the next page of groups. The `after` cursor should be treated as an opaque value and obtained through the next link relation. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of groups. The `after` cursor should be treated as an opaque value and obtained through the next link relation. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "group_result_limit",
+ "description": "Specifies the number of group results in a page.\n\nOkta recommends using a specific value other than the default or maximum. If your request times out, retry your request with a smaller `limit` and [page the results](https://developer.okta.com/docs/api/#pagination).\n\nThe Okta default `Everyone` group isn't returned for users with a group admin role.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of group results in a page.\n\nOkta recommends using a specific value other than the default or maximum. If your request times out, retry your request with a smaller `limit` and [page the results](https://developer.okta.com/docs/api/#pagination).\n\nThe Okta default `Everyone` group isn't returned for users with a group admin role."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_additional_metadata",
+ "description": "If specified, additional metadata is included in the response. Possible values are `stats` and `app`. This additional metadata is listed in the [`_embedded`](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/addGroup!c=200&path=_embedded&t=response) property of the response.\n\n> **Note:** You can use the `stats` value to return the number of users within a group. This is listed as the `_embedded.stats.usersCount` value in the response. See this [Knowledge Base article](https://support.okta.com/help/s/article/Is-there-an-API-that-returns-the-number-of-users-in-a-group?language=en_US) for more information and an example.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If specified, additional metadata is included in the response. Possible values are `stats` and `app`. This additional metadata is listed in the [`_embedded`](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/addGroup!c=200&path=_embedded&t=response) property of the response.\n\n> **Note:** You can use the `stats` value to return the number of users within a group. This is listed as the `_embedded.stats.usersCount` value in the response. See this [Knowledge Base article](https://support.okta.com/help/s/article/Is-there-an-API-that-returns-the-number-of-users-in-a-group?language=en_US) for more information and an example."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortBy",
+ "tool_parameter_name": "sort_by_field",
+ "description": "Specifies field to sort by **(for search queries only)**. `sortBy` can be any single property, for example `sortBy=profile.name`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies field to sort by **(for search queries only)**. `sortBy` can be any single property, for example `sortBy=profile.name`."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortOrder",
+ "tool_parameter_name": "sort_order_for_search",
+ "description": "Specifies sort order: `asc` or `desc` (for search queries only). This parameter is ignored if `sortBy` isn't present. Groups with the same value for the `sortBy` property are ordered by `id`'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies sort order: `asc` or `desc` (for search queries only). This parameter is ignored if `sortBy` isn't present. Groups with the same value for the `sortBy` property are ordered by `id`'."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAppUserSchema.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAppUserSchema.json
new file mode 100644
index 000000000..9b07bfc9a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAppUserSchema.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetAppUserSchema",
+ "fully_qualified_name": "OktaApi.GetAppUserSchema@0.1.0",
+ "description": "Retrieve the default schema for an app user.\n\nUse this tool to get the default schema for a user assigned to a specific app. This is useful when you need to understand the attributes and structure that apply uniformly to all users associated with the app.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application for which the user schema is retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getApplicationUserSchema'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.schemas.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/schemas/apps/{appId}/default",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAppleAppSiteAssociation.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAppleAppSiteAssociation.json
new file mode 100644
index 000000000..efd5a7e95
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAppleAppSiteAssociation.json
@@ -0,0 +1,67 @@
+{
+ "name": "GetAppleAppSiteAssociation",
+ "fully_qualified_name": "OktaApi.GetAppleAppSiteAssociation@0.1.0",
+ "description": "Retrieve the apple-app-site-association well-known URI.\n\nThis tool retrieves the content of the `apple-app-site-association` well-known URI, including Okta's `authsrv` content for seamless Okta Verify integration.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAppleAppSiteAssociationWellKnownURI'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/.well-known/apple-app-site-association",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAuthenticatorSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAuthenticatorSettings.json
new file mode 100644
index 000000000..4a4547787
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAuthenticatorSettings.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetAuthenticatorSettings",
+ "fully_qualified_name": "OktaApi.GetAuthenticatorSettings@0.1.0",
+ "description": "Retrieve Authenticator Settings for your organization.\n\nUse this tool to get the current Authenticator Settings for your organization, useful for security configuration and management.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAuthenticatorSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/attack-protection/api/v1/authenticator-settings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAutoAssignAdminAppSetting.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAutoAssignAdminAppSetting.json
new file mode 100644
index 000000000..6dccee605
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetAutoAssignAdminAppSetting.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetAutoAssignAdminAppSetting",
+ "fully_qualified_name": "OktaApi.GetAutoAssignAdminAppSetting@0.1.0",
+ "description": "Fetches the setting for auto-assigning the Okta Admin Console.\n\nUse this tool to retrieve the organization setting that determines if the Okta Admin Console is automatically assigned when an admin role is given.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAutoAssignAdminAppSetting'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/settings/autoAssignAdminAppSetting",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetClientRoleAssignment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetClientRoleAssignment.json
new file mode 100644
index 000000000..ff2097843
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetClientRoleAssignment.json
@@ -0,0 +1,137 @@
+{
+ "name": "GetClientRoleAssignment",
+ "fully_qualified_name": "OktaApi.GetClientRoleAssignment@0.1.0",
+ "description": "Retrieve a specific role assignment for a client app.\n\nFetches the role assignment details for a client application using the specified client ID and role assignment ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier for the client application. Required for fetching its role assignment.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to retrieve for the client app.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'retrieveClientRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetCrossAppAccessConnections.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetCrossAppAccessConnections.json
new file mode 100644
index 000000000..cd2b8d69c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetCrossAppAccessConnections.json
@@ -0,0 +1,169 @@
+{
+ "name": "GetCrossAppAccessConnections",
+ "fully_qualified_name": "OktaApi.GetCrossAppAccessConnections@0.1.0",
+ "description": "Retrieve Cross App Access connections for a specified app.\n\nUse this tool to obtain information about inbound and outbound Cross App Access connections linked to a specific application. It provides the necessary details about the connections associated with the app.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application for which Cross App Access connections are retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Specifies the pagination cursor for retrieving the next page of connection results.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of connection results"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "results_per_page",
+ "required": false,
+ "description": "Number of results per page: -1 for all results, 0 for empty, or a positive integer for specific count.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results to return per page. The values:\n * -1: Return all results (up to system maximum)\n * 0: Return an empty result set\n * Positive integer: Return up to that many results (capped at system maximum)\n"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAllCrossAppAccessConnections'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/cwo/connections",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the pagination cursor for the next page of connection results",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of connection results"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_per_page",
+ "description": "Specifies the number of results to return per page. The values:\n * -1: Return all results (up to system maximum)\n * 0: Return an empty result set\n * Positive integer: Return up to that many results (capped at system maximum)\n",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results to return per page. The values:\n * -1: Return all results (up to system maximum)\n * 0: Return an empty result set\n * Positive integer: Return up to that many results (capped at system maximum)\n"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetCustomizedErrorPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetCustomizedErrorPage.json
new file mode 100644
index 000000000..187044907
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetCustomizedErrorPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetCustomizedErrorPage",
+ "fully_qualified_name": "OktaApi.GetCustomizedErrorPage@0.1.0",
+ "description": "Retrieves the live customized error page for a brand.\n\nUse this tool to get the customized error page that appears in the live environment for a specified brand.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand whose error page is being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCustomizedErrorPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/customized",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetCustomizedSignInPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetCustomizedSignInPage.json
new file mode 100644
index 000000000..559c7268e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetCustomizedSignInPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetCustomizedSignInPage",
+ "fully_qualified_name": "OktaApi.GetCustomizedSignInPage@0.1.0",
+ "description": "Retrieve the customized sign-in page for a brand.\n\nCall this tool to get details of the customized sign-in page for a specific brand in your live environment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID of the brand for which you want to retrieve the customized sign-in page.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCustomizedSignInPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/customized",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetDefaultProvisioningConnection.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetDefaultProvisioningConnection.json
new file mode 100644
index 000000000..aabf04dac
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetDefaultProvisioningConnection.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetDefaultProvisioningConnection",
+ "fully_qualified_name": "OktaApi.GetDefaultProvisioningConnection@0.1.0",
+ "description": "Retrieve the default provisioning connection for an app.\n\nCall this tool to get details about the default provisioning connection associated with a specific application using its app ID. This is useful for understanding how an application is configured to provision resources or users.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "Provide the unique Application ID to retrieve its default provisioning connection details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getDefaultProvisioningConnectionForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetDefaultSignInPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetDefaultSignInPage.json
new file mode 100644
index 000000000..b4647a63e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetDefaultSignInPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetDefaultSignInPage",
+ "fully_qualified_name": "OktaApi.GetDefaultSignInPage@0.1.0",
+ "description": "Retrieve the default sign-in page when no custom page exists.\n\nThis tool retrieves the default sign-in page for a specified brand when no customized sign-in page is set. It should be called to access the standard Okta sign-in page template.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID of the brand to specify which default sign-in page to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getDefaultSignInPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/default",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetDeviceAssurancePolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetDeviceAssurancePolicy.json
new file mode 100644
index 000000000..9d6795eb8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetDeviceAssurancePolicy.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetDeviceAssurancePolicy",
+ "fully_qualified_name": "OktaApi.GetDeviceAssurancePolicy@0.1.0",
+ "description": "Retrieve a specific device assurance policy by ID.\n\nUse this tool to get details about a device assurance policy using its unique ID. This can be helpful for verifying or reviewing policy specifications.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_assurance_policy_id",
+ "required": true,
+ "description": "The unique identifier for the device assurance policy to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Id of the device assurance policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceAssuranceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getDeviceAssurancePolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.deviceAssurance.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-assurances/{deviceAssuranceId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceAssuranceId",
+ "tool_parameter_name": "device_assurance_policy_id",
+ "description": "Id of the device assurance policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Id of the device assurance policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetEmailTemplateSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetEmailTemplateSettings.json
new file mode 100644
index 000000000..45bf7b2eb
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetEmailTemplateSettings.json
@@ -0,0 +1,137 @@
+{
+ "name": "GetEmailTemplateSettings",
+ "fully_qualified_name": "OktaApi.GetEmailTemplateSettings@0.1.0",
+ "description": "Retrieve email template settings for a specified brand.\n\nThis tool retrieves the settings of an email template based on the provided brand ID and template name. It should be called when there's a need to access or review the configuration details of a particular email template within Okta's system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID of the brand whose email template settings are to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "The name of the email template to retrieve settings for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getEmailSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/settings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetGroupSchema.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetGroupSchema.json
new file mode 100644
index 000000000..4efc85580
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetGroupSchema.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetGroupSchema",
+ "fully_qualified_name": "OktaApi.GetGroupSchema@0.1.0",
+ "description": "Retrieve the group schema from Okta.\n\nUse this tool to fetch the default group schema from Okta. This schema is used for all groups as Okta does not extend user types to groups. Useful for understanding the group structure and attributes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getGroupSchema'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.schemas.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/schemas/group/default",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetGroupTargetsForRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetGroupTargetsForRole.json
new file mode 100644
index 000000000..0201992ba
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetGroupTargetsForRole.json
@@ -0,0 +1,201 @@
+{
+ "name": "GetGroupTargetsForRole",
+ "fully_qualified_name": "OktaApi.GetGroupTargetsForRole@0.1.0",
+ "description": "Retrieve group targets for specific admin roles in Okta.\n\nUse this tool to list all group targets for a specified `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assigned to an admin user. Returns an empty list if the role has no specific group targets.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user to fetch group targets for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment for which to list group targets.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor string for pagination, obtained from the `Link` response header to specify the current location in the list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_results_to_return",
+ "required": false,
+ "description": "The maximum number of group targets to return. Specify an integer value to limit the results.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGroupTargetsForRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/groups",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_results_to_return",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetIdentityProviderCsr.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetIdentityProviderCsr.json
new file mode 100644
index 000000000..91c49e3c0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetIdentityProviderCsr.json
@@ -0,0 +1,137 @@
+{
+ "name": "GetIdentityProviderCsr",
+ "fully_qualified_name": "OktaApi.GetIdentityProviderCsr@0.1.0",
+ "description": "Retrieve CSR for a specific Identity Provider.\n\nUse this tool to fetch a specific certificate signing request (CSR) using the ID and CSR ID of an Identity Provider.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier of the Identity Provider (IdP).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ },
+ {
+ "name": "identity_provider_csr_id",
+ "required": true,
+ "description": "The ID of the Identity Provider's CSR used to retrieve the specific certificate signing request.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the IdP CSR"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpCsrId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCsrForIdentityProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/csrs/{idpCsrId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "idpCsrId",
+ "tool_parameter_name": "identity_provider_csr_id",
+ "description": "`id` of the IdP CSR",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the IdP CSR"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetIdpSigningKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetIdpSigningKey.json
new file mode 100644
index 000000000..371dc0b56
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetIdpSigningKey.json
@@ -0,0 +1,137 @@
+{
+ "name": "GetIdpSigningKey",
+ "fully_qualified_name": "OktaApi.GetIdpSigningKey@0.1.0",
+ "description": "Retrieve a specific IdP key credential by key ID.\n\nThis tool calls the API to obtain details of a particular identity provider signing key using the provided key ID. It should be called when you need to access specific credential information for identity providers.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier for the identity provider (IdP).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ },
+ {
+ "name": "key_id",
+ "required": true,
+ "description": "Unique identifier of the IdP key credential to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the IdP key credential"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "kid"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getIdentityProviderSigningKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys/{kid}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "kid",
+ "tool_parameter_name": "key_id",
+ "description": "Unique `id` of the IdP key credential",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the IdP key credential"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetNetworkZone.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetNetworkZone.json
new file mode 100644
index 000000000..61ee63fce
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetNetworkZone.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetNetworkZone",
+ "fully_qualified_name": "OktaApi.GetNetworkZone@0.1.0",
+ "description": "Retrieve details of a network zone by ID from Okta.\n\nUse this tool to fetch detailed information about a specific network zone in Okta using the zone ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "network_zone_id",
+ "required": true,
+ "description": "The unique identifier of the Network Zone to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Network Zone"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "zoneId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getNetworkZone'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.networkZones.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/zones/{zoneId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "zoneId",
+ "tool_parameter_name": "network_zone_id",
+ "description": "`id` of the Network Zone",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Network Zone"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaAppSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaAppSettings.json
new file mode 100644
index 000000000..1f1c971fe
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaAppSettings.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetOktaAppSettings",
+ "fully_qualified_name": "OktaApi.GetOktaAppSettings@0.1.0",
+ "description": "Retrieve settings for a specific Okta app.\n\nUse this tool to get the configuration settings of an Okta first-party app specified by its name.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_app_key_name",
+ "required": true,
+ "description": "The key name for the Okta app. Supported apps include 'admin-console'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The key name for the Okta app.
\nSupported apps:\n * Okta Admin Console (`admin-console`)\n"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getFirstPartyAppSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/first-party-app-settings/{appName}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appName",
+ "tool_parameter_name": "okta_app_key_name",
+ "description": "The key name for the Okta app.
\nSupported apps:\n * Okta Admin Console (`admin-console`)\n",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The key name for the Okta app.
\nSupported apps:\n * Okta Admin Console (`admin-console`)\n"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaCommunicationSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaCommunicationSettings.json
new file mode 100644
index 000000000..6c4dd42d3
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaCommunicationSettings.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetOktaCommunicationSettings",
+ "fully_qualified_name": "OktaApi.GetOktaCommunicationSettings@0.1.0",
+ "description": "Retrieve the Okta communication settings for your organization.\n\nUse this tool to access the communication settings configured in Okta for your organization. It retrieves preferences related to communication with Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOktaCommunicationSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/privacy/oktaCommunication",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaOrgPreferences.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaOrgPreferences.json
new file mode 100644
index 000000000..34f08a675
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaOrgPreferences.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetOktaOrgPreferences",
+ "fully_qualified_name": "OktaApi.GetOktaOrgPreferences@0.1.0",
+ "description": "Retrieve preferences of your Okta organization.\n\nUse this tool to fetch the preferences set up for your Okta organization, helping you stay informed about organizational settings.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOrgPreferences'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/preferences",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaRateLimitSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaRateLimitSettings.json
new file mode 100644
index 000000000..1e1bee551
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaRateLimitSettings.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetOktaRateLimitSettings",
+ "fully_qualified_name": "OktaApi.GetOktaRateLimitSettings@0.1.0",
+ "description": "Retrieve Okta's per-client rate limit settings.\n\nThis tool retrieves the current configuration of Per-Client Rate Limit Settings from Okta. It's used when you need to understand or review the rate limit settings applied per client in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRateLimitSettingsPerClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.rateLimits.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/rate-limit-settings/per-client",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaSsfMetadata.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaSsfMetadata.json
new file mode 100644
index 000000000..5ea928d6d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaSsfMetadata.json
@@ -0,0 +1,67 @@
+{
+ "name": "GetOktaSsfMetadata",
+ "fully_qualified_name": "OktaApi.GetOktaSsfMetadata@0.1.0",
+ "description": "Retrieve SSF transmitter configuration metadata from Okta.\n\nUse this tool to get detailed SSF transmitter configuration metadata. It provides all supported endpoints and key information regarding Okta org properties such as delivery methods, issuer, and JWKS URI.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getWellknownSsfMetadata'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/.well-known/ssf-configuration",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaSupportSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaSupportSettings.json
new file mode 100644
index 000000000..c3e0d7f97
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOktaSupportSettings.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetOktaSupportSettings",
+ "fully_qualified_name": "OktaApi.GetOktaSupportSettings@0.1.0",
+ "description": "Retrieves Okta Support Settings for your organization.\n\nCall this tool to get the current Okta Support Settings for your organization. Useful for understanding support configuration and privacy details in your Okta setup.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOrgOktaSupportSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/privacy/oktaSupport",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOrgCaptchaSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOrgCaptchaSettings.json
new file mode 100644
index 000000000..bb4b1f213
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOrgCaptchaSettings.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetOrgCaptchaSettings",
+ "fully_qualified_name": "OktaApi.GetOrgCaptchaSettings@0.1.0",
+ "description": "Retrieve CAPTCHA settings for your organization.\n\nCall this tool to get the current CAPTCHA settings configured for your organization. If no settings are configured, the tool returns an empty object.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOrgCaptchaSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.captchas.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/captcha",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOrganizationMetadata.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOrganizationMetadata.json
new file mode 100644
index 000000000..95504499a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetOrganizationMetadata.json
@@ -0,0 +1,67 @@
+{
+ "name": "GetOrganizationMetadata",
+ "fully_qualified_name": "OktaApi.GetOrganizationMetadata@0.1.0",
+ "description": "Retrieve organization metadata from Okta.\n\nCall this tool to get the organization metadata from Okta, including the organization ID, configured custom domains, and authentication pipeline details.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getWellknownOrgMetadata'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/.well-known/okta-organization",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetPolicyRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetPolicyRule.json
new file mode 100644
index 000000000..8df6ae526
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetPolicyRule.json
@@ -0,0 +1,169 @@
+{
+ "name": "GetPolicyRule",
+ "fully_qualified_name": "OktaApi.GetPolicyRule@0.1.0",
+ "description": "Retrieve details of a specific policy rule using its rule ID.\n\nUse this tool to fetch the details of a policy rule from an authorization server by providing the rule ID. It\u2019s useful for accessing specific configurations or settings of a particular rule within a policy.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server needed to retrieve the specified policy rule.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique identifier of the policy associated with the rule.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_rule_id",
+ "required": true,
+ "description": "The unique identifier of the policy rule to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "ruleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAuthorizationServerPolicyRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules/{ruleId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "ruleId",
+ "tool_parameter_name": "policy_rule_id",
+ "description": "`id` of the policy rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetPreviewErrorPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetPreviewErrorPage.json
new file mode 100644
index 000000000..b0ae1bb23
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetPreviewErrorPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetPreviewErrorPage",
+ "fully_qualified_name": "OktaApi.GetPreviewErrorPage@0.1.0",
+ "description": "Retrieve the unpublished error page preview for a specific brand.\n\nUse this tool to access the preview error page associated with a brand, which includes changes that have not been published yet. This preview is not visible in the live environment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID of the brand to retrieve its unpublished error page preview.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getPreviewErrorPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/preview",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetProvisioningConnectionJwks.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetProvisioningConnectionJwks.json
new file mode 100644
index 000000000..7f78fe937
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetProvisioningConnectionJwks.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetProvisioningConnectionJwks",
+ "fully_qualified_name": "OktaApi.GetProvisioningConnectionJwks@0.1.0",
+ "description": "Retrieve JWKS for an app's default provisioning connection.\n\nFetches the JSON Web Key Set (JWKS) for the default provisioning connection of a specified app. This is useful for OAuth 2.0 applications needing the `jwk_uri` property for integration in the target organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application to retrieve its JWKS.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUserProvisioningConnectionJWKS'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default/jwks",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetPushVerificationStatus.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetPushVerificationStatus.json
new file mode 100644
index 000000000..b7a8102f5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetPushVerificationStatus.json
@@ -0,0 +1,169 @@
+{
+ "name": "GetPushVerificationStatus",
+ "fully_qualified_name": "OktaApi.GetPushVerificationStatus@0.1.0",
+ "description": "Retrieve the status of a push factor verification transaction.\n\nUse this tool to get the status of an Okta push factor verification transaction. It is useful for determining the outcome of a push verification attempt, including specific details for a number matching push challenge if applicable.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique ID of the existing Okta user whose push verification status is being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "user_factor_id",
+ "required": true,
+ "description": "ID of an existing user factor in Okta to check its verification status.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing user factor"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "factorId"
+ },
+ {
+ "name": "factor_verification_transaction_id",
+ "required": true,
+ "description": "Provide the ID of an existing factor verification transaction.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing factor verification transaction"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "transactionId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getFactorTransactionStatus'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/factors/{factorId}/transactions/{transactionId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "factorId",
+ "tool_parameter_name": "user_factor_id",
+ "description": "ID of an existing user factor",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing user factor"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "transactionId",
+ "tool_parameter_name": "factor_verification_transaction_id",
+ "description": "ID of an existing factor verification transaction",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing factor verification transaction"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRateLimitNotificationSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRateLimitNotificationSettings.json
new file mode 100644
index 000000000..637504d69
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRateLimitNotificationSettings.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetRateLimitNotificationSettings",
+ "fully_qualified_name": "OktaApi.GetRateLimitNotificationSettings@0.1.0",
+ "description": "Retrieve rate limit admin notification settings.\n\nThis tool retrieves the currently configured settings for admin notifications related to rate limits. It should be called to check or review the notification settings for rate limit alerts.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRateLimitSettingsAdminNotifications'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.rateLimits.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/rate-limit-settings/admin-notifications",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRateLimitWarningThreshold.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRateLimitWarningThreshold.json
new file mode 100644
index 000000000..2032e7271
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRateLimitWarningThreshold.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetRateLimitWarningThreshold",
+ "fully_qualified_name": "OktaApi.GetRateLimitWarningThreshold@0.1.0",
+ "description": "Fetches the warning threshold for API rate limit notifications.\n\nUse this tool to retrieve the configured threshold for sending warning notifications when the API's rate limit is exceeded.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRateLimitSettingsWarningThreshold'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.rateLimits.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/rate-limit-settings/warning-threshold",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRealmAssignment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRealmAssignment.json
new file mode 100644
index 000000000..7b64b4bf8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRealmAssignment.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetRealmAssignment",
+ "fully_qualified_name": "OktaApi.GetRealmAssignment@0.1.0",
+ "description": "Retrieve a specific realm assignment using its ID.\n\nUse this tool to get details of a realm assignment by providing the assignment ID. This can be useful for managing user access and permissions within a specific realm.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "realm_assignment_id",
+ "required": true,
+ "description": "ID of the realm assignment to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "assignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRealmAssignment'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.realmAssignments.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/realm-assignments/{assignmentId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "assignmentId",
+ "tool_parameter_name": "realm_assignment_id",
+ "description": "ID of the realm assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRoleBindingForResource.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRoleBindingForResource.json
new file mode 100644
index 000000000..828c44d61
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRoleBindingForResource.json
@@ -0,0 +1,137 @@
+{
+ "name": "GetRoleBindingForResource",
+ "fully_qualified_name": "OktaApi.GetRoleBindingForResource@0.1.0",
+ "description": "Retrieve a role binding for a specified resource set.\n\nUse this tool to get the binding details of a specific role for a given resource set by their identifiers or labels. This is useful for managing and reviewing access permissions in an IAM system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_identifier_or_label",
+ "required": true,
+ "description": "The ID or label of the resource set to retrieve the role binding for. This identifies the specific resource set in the IAM system.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ },
+ {
+ "name": "role_id_or_label",
+ "required": true,
+ "description": "The ID or label of the role to retrieve the binding for. This identifies the specific role in the system.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getBinding'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_identifier_or_label",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_id_or_label",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRoleSubscriptionNotification.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRoleSubscriptionNotification.json
new file mode 100644
index 000000000..49ab424ff
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRoleSubscriptionNotification.json
@@ -0,0 +1,165 @@
+{
+ "name": "GetRoleSubscriptionNotification",
+ "fully_qualified_name": "OktaApi.GetRoleSubscriptionNotification@0.1.0",
+ "description": "Get subscription details by role and notification type.\n\nThis tool retrieves subscription information for a given notification type associated with a specified role. It is useful for understanding which notifications are enabled for certain roles.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "role_reference",
+ "required": true,
+ "description": "The reference to an existing role. Provide `roleType` for standard roles and `roleId` for custom roles. Refer to Okta documentation for [Standard Roles](https://example.com/okta-management/guides/roles/#standard-roles).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleRef"
+ },
+ {
+ "name": "notification_type",
+ "required": true,
+ "description": "The type of notification to retrieve for the role. Options include AD_AGENT, AGENT_AUTO_UPDATE_NOTIFICATION, and others.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "notificationType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getSubscriptionsNotificationTypeRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/roles/{roleRef}/subscriptions/{notificationType}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "roleRef",
+ "tool_parameter_name": "role_reference",
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles)."
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "notificationType",
+ "tool_parameter_name": "notification_type",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRoleTargetsByUserAndRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRoleTargetsByUserAndRole.json
new file mode 100644
index 000000000..4e7f3381f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetRoleTargetsByUserAndRole.json
@@ -0,0 +1,239 @@
+{
+ "name": "GetRoleTargetsByUserAndRole",
+ "fully_qualified_name": "OktaApi.GetRoleTargetsByUserAndRole@0.1.0",
+ "description": "Retrieve role targets for a user's specific role.\n\nThis tool retrieves all role targets assigned to a specific user with a given role in Okta. It is useful for identifying which applications or groups a user with a certain administrative role can manage. If there are no specific targets, an empty list is returned.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique ID of an existing Okta user to retrieve role targets for, required for identifying the user within Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_id_or_encoded_role_name",
+ "required": true,
+ "description": "The ID of the role or its Base32 encoded name to specify which role's targets to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role or Base32 encoded `id` of the role name"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrEncodedRoleId"
+ },
+ {
+ "name": "user_assignment_type",
+ "required": false,
+ "description": "Specifies the assignment type of the user, either 'USER' or 'GROUP'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "USER",
+ "GROUP"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the assignment type of the user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "assignmentType"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The opaque string used for pagination, indicating your current position in the list, obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "object_limit",
+ "required": false,
+ "description": "Specify the maximum number of role targets to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRoleTargetsByUserIdAndRoleId'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleIdOrEncodedRoleId}/targets",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "assignmentType",
+ "tool_parameter_name": "user_assignment_type",
+ "description": "Specifies the assignment type of the user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "USER",
+ "GROUP"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the assignment type of the user"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "object_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleIdOrEncodedRoleId",
+ "tool_parameter_name": "role_id_or_encoded_role_name",
+ "description": "The `id` of the role or Base32 encoded `id` of the role name",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role or Base32 encoded `id` of the role name"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetSignOutPageSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetSignOutPageSettings.json
new file mode 100644
index 000000000..8af6eb3de
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetSignOutPageSettings.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetSignOutPageSettings",
+ "fully_qualified_name": "OktaApi.GetSignOutPageSettings@0.1.0",
+ "description": "Retrieves the sign-out page settings for a given brand.\n\nUse this tool to get the customized sign-out page settings for a specified brand. Ideal for applications needing to display or manage sign-out page configurations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID of the brand whose sign-out page settings are to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getSignOutPageSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-out/customized",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetSocialAuthTokens.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetSocialAuthTokens.json
new file mode 100644
index 000000000..760ca760e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetSocialAuthTokens.json
@@ -0,0 +1,137 @@
+{
+ "name": "GetSocialAuthTokens",
+ "fully_qualified_name": "OktaApi.GetSocialAuthTokens@0.1.0",
+ "description": "Retrieve tokens from social auth providers via Okta.\n\nUse this tool to list tokens minted by social authentication providers when a user authenticates using Okta via Social Auth. These tokens can be used by applications to obtain additional user information from the social provider.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The ID of the Identity Provider (IdP) for the social authentication.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ },
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The Okta user ID for whom to retrieve the social auth tokens. It must be a valid string identifying an existing Okta user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listSocialAuthTokens'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/users/{userId}/credentials/tokens",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetSuperAdminPrivilegeSetting.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetSuperAdminPrivilegeSetting.json
new file mode 100644
index 000000000..35d352839
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetSuperAdminPrivilegeSetting.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetSuperAdminPrivilegeSetting",
+ "fully_qualified_name": "OktaApi.GetSuperAdminPrivilegeSetting@0.1.0",
+ "description": "Retrieve Super Admin privilege setting for client apps.\n\nUse this tool to get the organization setting that determines if the Super Admin role is assigned to new public client applications.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getClientPrivilegesSetting'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/settings/clientPrivilegesSetting",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetThreatInsightConfiguration.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetThreatInsightConfiguration.json
new file mode 100644
index 000000000..4ddeb326b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetThreatInsightConfiguration.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetThreatInsightConfiguration",
+ "fully_qualified_name": "OktaApi.GetThreatInsightConfiguration@0.1.0",
+ "description": "Retrieve the ThreatInsight configuration for your organization.\n\nUse this tool to get the current ThreatInsight configuration settings for your organization. It provides details about how threats are managed and configured within your Okta setup.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCurrentConfiguration'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.threatInsights.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/threats/configuration",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserAssignedRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserAssignedRole.json
new file mode 100644
index 000000000..493f5fcf8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserAssignedRole.json
@@ -0,0 +1,137 @@
+{
+ "name": "GetUserAssignedRole",
+ "fully_qualified_name": "OktaApi.GetUserAssignedRole@0.1.0",
+ "description": "Retrieve a specific role assigned to a user.\n\nUse this tool to get information about a role assigned to a specific user by providing the user's `userId` and the `roleAssignmentId`. This can be used to access details about standard or custom role assignments.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "Provide the ID of an existing Okta user to retrieve their role assignment.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier of the role assignment for a user. This ID is required to specify which role is being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUserAssignedRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserBlockInfo.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserBlockInfo.json
new file mode 100644
index 000000000..57bef5478
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserBlockInfo.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetUserBlockInfo",
+ "fully_qualified_name": "OktaApi.GetUserBlockInfo@0.1.0",
+ "description": "Retrieve details about a user's account access blocks.\n\nThis tool provides information on how a user is blocked from accessing their account. It should be used when you need to know the reasons for and details about a user's access restrictions.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unambiguous shortname of an existing Okta user to retrieve block information for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUserBlocks'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/blocks",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserGroups.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserGroups.json
new file mode 100644
index 000000000..fbb574511
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserGroups.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetUserGroups",
+ "fully_qualified_name": "OktaApi.GetUserGroups@0.1.0",
+ "description": "Retrieve all groups a user belongs to.\n\nThis tool fetches all the groups for a specified user, helping identify the memberships of the user within an organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "A unique identifier for an existing Okta user. This can be an ID, login, or an unambiguous login shortname. Used to fetch user groups.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUserGroups'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/groups",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserIdentityProviders.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserIdentityProviders.json
new file mode 100644
index 000000000..4fd51860d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserIdentityProviders.json
@@ -0,0 +1,105 @@
+{
+ "name": "GetUserIdentityProviders",
+ "fully_qualified_name": "OktaApi.GetUserIdentityProviders@0.1.0",
+ "description": "Retrieve identity providers associated with a user in Okta.\n\nUse this tool to fetch and list identity providers connected to a specified user in Okta. It helps in managing and understanding user-associated IdPs.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unambiguous login shortname of an existing Okta user to list associated identity providers.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUserIdentityProviders'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/idps",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserInfo.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserInfo.json
new file mode 100644
index 000000000..cbf879593
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserInfo.json
@@ -0,0 +1,169 @@
+{
+ "name": "GetUserInfo",
+ "fully_qualified_name": "OktaApi.GetUserInfo@0.1.0",
+ "description": "Retrieve detailed information about a user in Okta.\n\nThis tool retrieves a user's details from an Okta organization, using their user ID or the keyword 'me' to fetch the current user linked to the API token. It's useful for obtaining user information such as credentials and profiles. Note that to fetch by login, parameters must be URL encoded.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unambiguous login shortname of an Okta user. Use 'me' to get the current user linked to the API token.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ },
+ {
+ "name": "include_metadata_in_embedded",
+ "required": false,
+ "description": "An optional parameter to include metadata in the `_embedded` attribute. Valid values: `blocks` or `classification`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to include metadata in the `_embedded` attribute. Valid values: `blocks` or `classification`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "media_type",
+ "required": false,
+ "description": "Specifies the media type of the resource. Use optional values like `omitCredentials`, `omitCredentialsLinks`, or `omitTransitioningToStatus` for performance optimization.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the media type of the resource. Optional `okta-response` value can be included for performance optimization.\n\nComplex DelAuth configurations may degrade performance when fetching specific parts of the response, and passing this parameter can omit these parts, bypassing the bottleneck.\n\nEnum values for `okta-response`:\n * `omitCredentials`: Omits the credentials subobject from the response.\n * `omitCredentialsLinks`: Omits the following HAL links from the response: Update password, Change recovery question, Start forgot password flow, Reset password, Reset factors, Unlock.\n * `omitTransitioningToStatus`: Omits the `transitioningToStatus` field from the response."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "Content-Type"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_metadata_in_embedded",
+ "description": "An optional parameter to include metadata in the `_embedded` attribute. Valid values: `blocks` or `classification`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to include metadata in the `_embedded` attribute. Valid values: `blocks` or `classification`."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "Content-Type",
+ "tool_parameter_name": "media_type",
+ "description": "Specifies the media type of the resource. Optional `okta-response` value can be included for performance optimization.\n\nComplex DelAuth configurations may degrade performance when fetching specific parts of the response, and passing this parameter can omit these parts, bypassing the bottleneck.\n\nEnum values for `okta-response`:\n * `omitCredentials`: Omits the credentials subobject from the response.\n * `omitCredentialsLinks`: Omits the following HAL links from the response: Update password, Change recovery question, Start forgot password flow, Reset password, Reset factors, Unlock.\n * `omitTransitioningToStatus`: Omits the `transitioningToStatus` field from the response.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the media type of the resource. Optional `okta-response` value can be included for performance optimization.\n\nComplex DelAuth configurations may degrade performance when fetching specific parts of the response, and passing this parameter can omit these parts, bypassing the bottleneck.\n\nEnum values for `okta-response`:\n * `omitCredentials`: Omits the credentials subobject from the response.\n * `omitCredentialsLinks`: Omits the following HAL links from the response: Update password, Change recovery question, Start forgot password flow, Reset password, Reset factors, Unlock.\n * `omitTransitioningToStatus`: Omits the `transitioningToStatus` field from the response."
+ },
+ "accepted_as": "header",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserLockoutSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserLockoutSettings.json
new file mode 100644
index 000000000..964817c63
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserLockoutSettings.json
@@ -0,0 +1,71 @@
+{
+ "name": "GetUserLockoutSettings",
+ "fully_qualified_name": "OktaApi.GetUserLockoutSettings@0.1.0",
+ "description": "Retrieve user lockout settings for an organization.\n\nThis tool fetches the user lockout settings for an organization. It should be called when you need to know how user lockouts are configured in a given organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUserLockoutSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/attack-protection/api/v1/user-lockout-settings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserRefreshToken.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserRefreshToken.json
new file mode 100644
index 000000000..d6ca87526
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserRefreshToken.json
@@ -0,0 +1,201 @@
+{
+ "name": "GetUserRefreshToken",
+ "fully_qualified_name": "OktaApi.GetUserRefreshToken@0.1.0",
+ "description": "Retrieve a user's refresh token for a specified client.\n\nThis tool retrieves a refresh token that was issued for a specified user and client combination. It should be called when there's a need to access or verify the refresh token details for a user.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to retrieve the refresh token for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique ID of the client application associated with the user token.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "token_id",
+ "required": true,
+ "description": "The ID of the token for which details are being retrieved. This identifies the specific refresh token issued for a user and client combination.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "tokenId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Include scope details in the response by setting this to `scope`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRefreshTokenForUserAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "tokenId",
+ "tool_parameter_name": "token_id",
+ "description": "`id` of Token",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserRoleGovernanceSources.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserRoleGovernanceSources.json
new file mode 100644
index 000000000..b49fca165
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserRoleGovernanceSources.json
@@ -0,0 +1,137 @@
+{
+ "name": "GetUserRoleGovernanceSources",
+ "fully_qualified_name": "OktaApi.GetUserRoleGovernanceSources@0.1.0",
+ "description": "Retrieve governance sources for a user's assigned role.\n\nThis tool fetches the governance sources associated with a specific role assigned to a user, identified by their `roleAssignmentId` and `userId`. Use this when you need detailed governance information for a user's role.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to retrieve role governance sources.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment associated with the user. This is required to retrieve governance sources for the role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUserAssignedRoleGovernance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/governance",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserRoles.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserRoles.json
new file mode 100644
index 000000000..cdc6cb9ef
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserRoles.json
@@ -0,0 +1,137 @@
+{
+ "name": "GetUserRoles",
+ "fully_qualified_name": "OktaApi.GetUserRoles@0.1.0",
+ "description": "Retrieve roles assigned to a specific user by user ID.\n\nUse this tool to list all roles that have been assigned to a user by their `userId`. It should be called when there's a need to determine a user's permissions or access within a system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user to retrieve assigned roles for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "include_role_targets",
+ "required": false,
+ "description": "Optional parameter to include targets configured for standard role assignments. Use `targets/groups` or `targets/catalog/apps`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter used to return targets configured for the standard role assignment in the `embedded` property. Supported values: `targets/groups` or `targets/catalog/apps`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAssignedRolesForUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_role_targets",
+ "description": "An optional parameter used to return targets configured for the standard role assignment in the `embedded` property. Supported values: `targets/groups` or `targets/catalog/apps`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter used to return targets configured for the standard role assignment in the `embedded` property. Supported values: `targets/groups` or `targets/catalog/apps`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserSessionStatus.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserSessionStatus.json
new file mode 100644
index 000000000..edb2d8ad1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserSessionStatus.json
@@ -0,0 +1,101 @@
+{
+ "name": "GetUserSessionStatus",
+ "fully_qualified_name": "OktaApi.GetUserSessionStatus@0.1.0",
+ "description": "Retrieve session info for the current signed-in user.\n\nUse this tool in browser-based applications to check if a user is signed in. Requires a session cookie for the user.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "session_cookie",
+ "required": false,
+ "description": "The session cookie for the current user, required to retrieve session information.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "Cookie"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCurrentSession'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/sessions/me",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "Cookie",
+ "tool_parameter_name": "session_cookie",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "header",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserSubscriptionByNotificationType.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserSubscriptionByNotificationType.json
new file mode 100644
index 000000000..3855443e6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetUserSubscriptionByNotificationType.json
@@ -0,0 +1,165 @@
+{
+ "name": "GetUserSubscriptionByNotificationType",
+ "fully_qualified_name": "OktaApi.GetUserSubscriptionByNotificationType@0.1.0",
+ "description": "Retrieve a user's subscription by notification type.\n\nUse this tool to get subscription information for a specified user's notification type. It should be called when you need to access a user's subscription details for a particular notification type. Access is restricted to the specified user only.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique identifier for the user whose subscription details are being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "notification_type",
+ "required": true,
+ "description": "Specify the type of notification to retrieve user subscription details. Valid values include: AD_AGENT, AGENT_AUTO_UPDATE_NOTIFICATION, AGENT_AUTO_UPDATE_NOTIFICATION_LDAP, APP_IMPORT, CONNECTOR_AGENT, IWA_AGENT, LDAP_AGENT, OKTA_ANNOUNCEMENT, OKTA_UPDATE, RATELIMIT_NOTIFICATION, REPORT_SUSPICIOUS_ACTIVITY, USER_DEPROVISION, USER_LOCKED_OUT.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "notificationType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getSubscriptionsNotificationTypeUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/subscriptions/{notificationType}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "notificationType",
+ "tool_parameter_name": "notification_type",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetWebauthnWellKnownUri.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetWebauthnWellKnownUri.json
new file mode 100644
index 000000000..e24d0347a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetWebauthnWellKnownUri.json
@@ -0,0 +1,67 @@
+{
+ "name": "GetWebauthnWellKnownUri",
+ "fully_qualified_name": "OktaApi.GetWebauthnWellKnownUri@0.1.0",
+ "description": "Retrieve the content of the 'webauthn' well-known URI.\n\nThis tool retrieves the content from the '.well-known/webauthn' URI. It is used when needing to access the WebAuthn well-known information for configurations or validations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getWebAuthnWellKnownURI'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/.well-known/webauthn",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetWellKnownUri.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetWellKnownUri.json
new file mode 100644
index 000000000..b21fc481a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/GetWellKnownUri.json
@@ -0,0 +1,177 @@
+{
+ "name": "GetWellKnownUri",
+ "fully_qualified_name": "OktaApi.GetWellKnownUri@0.1.0",
+ "description": "Retrieve the well-known URI for a specified brand and path.\n\nUse this tool to obtain the well-known URI associated with a specific brand and URI path. Ideal for configurations or integrations requiring brand-specific information.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand to retrieve its well-known URI.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "well_known_uri_path",
+ "required": true,
+ "description": "Specifies the path for the well-known URI. Choose from options like 'apple-app-site-association', 'assetlinks.json', or 'webauthn'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "apple-app-site-association",
+ "assetlinks.json",
+ "webauthn"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The path of the well-known URI"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "path"
+ },
+ {
+ "name": "include_metadata",
+ "required": false,
+ "description": "A list of metadata fields to include in the response. Provides extra details about the brand and URI.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to include in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRootBrandWellKnownURI'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/well-known-uris/{path}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_metadata",
+ "description": "Specifies additional metadata to include in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to include in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "path",
+ "tool_parameter_name": "well_known_uri_path",
+ "description": "The path of the well-known URI",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "apple-app-site-association",
+ "assetlinks.json",
+ "webauthn"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The path of the well-known URI"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/HideOktaUserDashboardFooter.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/HideOktaUserDashboardFooter.json
new file mode 100644
index 000000000..2d447da84
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/HideOktaUserDashboardFooter.json
@@ -0,0 +1,71 @@
+{
+ "name": "HideOktaUserDashboardFooter",
+ "fully_qualified_name": "OktaApi.HideOktaUserDashboardFooter@0.1.0",
+ "description": "Hide the Okta End-User Dashboard footer for all users.\n\nThis tool configures the Okta organization settings to hide the footer on the End-User Dashboard for all users. It should be called when there is a need to remove the dashboard footer for a cleaner UI experience.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'setOrgHideOktaUIFooter'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/preferences/hideEndUserFooter",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/InitiateIdentityImport.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/InitiateIdentityImport.json
new file mode 100644
index 000000000..d605826c2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/InitiateIdentityImport.json
@@ -0,0 +1,137 @@
+{
+ "name": "InitiateIdentityImport",
+ "fully_qualified_name": "OktaApi.InitiateIdentityImport@0.1.0",
+ "description": "Initiate import from a specified identity source.\n\nUse this tool to start the import process from an identity source specified by the uploaded bulk operations. Useful for syncing identity data into the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_source_id",
+ "required": true,
+ "description": "The ID of the identity source to start the import session for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "identitySourceId"
+ },
+ {
+ "name": "identity_source_session_id",
+ "required": true,
+ "description": "The ID of the identity source session to initiate the import process.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source session"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sessionId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'startImportFromIdentitySource'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.identitySources.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}/start-import",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "identitySourceId",
+ "tool_parameter_name": "identity_source_id",
+ "description": "The ID of the identity source for which the session is created",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sessionId",
+ "tool_parameter_name": "identity_source_session_id",
+ "description": "The ID of the identity source session",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source session"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/InitiatePasswordResetFlow.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/InitiatePasswordResetFlow.json
new file mode 100644
index 000000000..f5cd60ab0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/InitiatePasswordResetFlow.json
@@ -0,0 +1,137 @@
+{
+ "name": "InitiatePasswordResetFlow",
+ "fully_qualified_name": "OktaApi.InitiatePasswordResetFlow@0.1.0",
+ "description": "Initiates the password reset process for a user in Okta.\n\nThis tool starts the forgot password flow, generating a one-time token for password reset. It's used for users with 'ACTIVE' status and a valid recovery question credential. If 'sendEmail' is false, it returns a password reset link.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique ID of an existing Okta user to initiate the password reset process.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "send_email",
+ "required": false,
+ "description": "If true, sends a forgot password email to the user. If false, returns a reset link.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends a forgot password email to the user if `true`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sendEmail"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'forgotPassword'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/credentials/forgot_password",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sendEmail",
+ "tool_parameter_name": "send_email",
+ "description": "Sends a forgot password email to the user if `true`",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends a forgot password email to the user if `true`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListActiveApiTokens.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListActiveApiTokens.json
new file mode 100644
index 000000000..062485db9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListActiveApiTokens.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListActiveApiTokens",
+ "fully_qualified_name": "OktaApi.ListActiveApiTokens@0.1.0",
+ "description": "Lists metadata of all active API tokens.\n\nUse this tool to retrieve metadata of all active API tokens in the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listApiTokens'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apiTokens.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/api-tokens",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListActiveSigningKeyCredential.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListActiveSigningKeyCredential.json
new file mode 100644
index 000000000..1a1e210f1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListActiveSigningKeyCredential.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListActiveSigningKeyCredential",
+ "fully_qualified_name": "OktaApi.ListActiveSigningKeyCredential@0.1.0",
+ "description": "Retrieve the active signing key for an identity provider.\n\nThis tool retrieves the active signing key credential for a specified identity provider (IdP) in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier of the identity provider (IdP) to retrieve the signing key for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listActiveIdentityProviderSigningKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys/active",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAgentPoolUpdates.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAgentPoolUpdates.json
new file mode 100644
index 000000000..9ee8d9b33
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAgentPoolUpdates.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListAgentPoolUpdates",
+ "fully_qualified_name": "OktaApi.ListAgentPoolUpdates@0.1.0",
+ "description": "Retrieve all updates for a specific agent pool.\n\nUse this tool to get a list of all updates related to a specific agent pool in Okta. It provides details on changes or modifications to the agent pool identified by the provided pool ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "ID of the agent pool to retrieve updates for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ },
+ {
+ "name": "return_scheduled_or_adhoc",
+ "required": false,
+ "description": "Return only scheduled or ad-hoc updates if true. If false or not provided, returns the full list of updates.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Return only scheduled or ad-hoc updates. If this parameter isn't provided, Okta returns the entire list of updates."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "scheduled"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAgentPoolsUpdates'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "scheduled",
+ "tool_parameter_name": "return_scheduled_or_adhoc",
+ "description": "Return only scheduled or ad-hoc updates. If this parameter isn't provided, Okta returns the entire list of updates.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Return only scheduled or ad-hoc updates. If this parameter isn't provided, Okta returns the entire list of updates."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAgentPools.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAgentPools.json
new file mode 100644
index 000000000..c88c6855e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAgentPools.json
@@ -0,0 +1,185 @@
+{
+ "name": "ListAgentPools",
+ "fully_qualified_name": "OktaApi.ListAgentPools@0.1.0",
+ "description": "Lists all agent pools with pagination support.\n\nUse this tool to retrieve a comprehensive list of agent pools, including support for pagination to manage large datasets.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "maximum_agent_pools",
+ "required": false,
+ "description": "Maximum number of agent pools to be returned per pool type.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Maximum number of agent pools returned"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limitPerPoolType"
+ },
+ {
+ "name": "agent_pool_type",
+ "required": false,
+ "description": "Specify the agent type to filter the search. Options are AD, IWA, LDAP, MFA, OPP, RUM, or Radius.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD",
+ "IWA",
+ "LDAP",
+ "MFA",
+ "OPP",
+ "RUM",
+ "Radius"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Agent type to search for"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolType"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "An opaque string cursor for pagination, specifying current list position, obtained from the `Link` header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAgentPools'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "limitPerPoolType",
+ "tool_parameter_name": "maximum_agent_pools",
+ "description": "Maximum number of agent pools returned",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Maximum number of agent pools returned"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "poolType",
+ "tool_parameter_name": "agent_pool_type",
+ "description": "Agent type to search for",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD",
+ "IWA",
+ "LDAP",
+ "MFA",
+ "OPP",
+ "RUM",
+ "Radius"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Agent type to search for"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllAuthenticators.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllAuthenticators.json
new file mode 100644
index 000000000..bb5a1d588
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllAuthenticators.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListAllAuthenticators",
+ "fully_qualified_name": "OktaApi.ListAllAuthenticators@0.1.0",
+ "description": "Fetches a list of all authenticators.\n\n",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAuthenticators'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllBrands.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllBrands.json
new file mode 100644
index 000000000..cfd3bdcb5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllBrands.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListAllBrands",
+ "fully_qualified_name": "OktaApi.ListAllBrands@0.1.0",
+ "description": "Retrieve all brands within your organization.\n\nUse this tool to get a comprehensive list of all the brands associated with your organization using Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "include_additional_metadata",
+ "required": false,
+ "description": "Specifies additional metadata to be included in the response. Provide a list of metadata fields to expand.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination. It is an opaque string obtained from the `Link` response header to specify your current location in the brand list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "object_limit",
+ "required": false,
+ "description": "Sets an upper limit on the number of brand objects to return in the response. Accepts an integer value.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "search_query",
+ "required": false,
+ "description": "Search string to filter the brand records for matching values.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the records for matching value"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listBrands'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_additional_metadata",
+ "description": "Specifies additional metadata to be included in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "object_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "q",
+ "tool_parameter_name": "search_query",
+ "description": "Searches the records for matching value",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the records for matching value"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllDevices.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllDevices.json
new file mode 100644
index 000000000..fbc944666
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllDevices.json
@@ -0,0 +1,207 @@
+{
+ "name": "ListAllDevices",
+ "fully_qualified_name": "OktaApi.ListAllDevices@0.1.0",
+ "description": "Fetches a paginated list of devices with optional search criteria.\n\nThis tool retrieves a list of all devices with support for pagination. It allows specifying search criteria to filter devices based on properties using SCIM filter specifications. It's important to note that search results are not suitable for critical flows due to potential data staleness. This tool is useful for querying device information, but not for operations needing real-time accuracy.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "A string used to paginate and retrieve the next set of results. Use this from the previous response to access more data.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "device_list_limit",
+ "required": false,
+ "description": "Maximum number of devices to return. It's recommended to set this at 20.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return (recommend `20`)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "scim_filter_expression",
+ "required": false,
+ "description": "A SCIM filter expression to filter devices based on profile, id, status, or lastUpdated properties. Supports 'co' operator with specific attributes like profile.displayName, profile.serialNumber, etc.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A SCIM filter expression that filters the results. Searches include all device `profile` properties and the device `id`, `status`, and `lastUpdated` properties.\n\nSearches for devices can be filtered by the contains (`co`) operator. You can only use `co` with these select device profile attributes: `profile.displayName`, `profile.serialNumber`, `profile.imei`, `profile.meid`, `profile.udid`, and `profile.sid`. See [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "search"
+ },
+ {
+ "name": "include_user_details_and_management_status",
+ "required": false,
+ "description": "Specify whether to include associated user details and management status in the `_embedded` attribute. Options are 'user' or 'userSummary'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "user",
+ "userSummary"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Includes associated user details and management status for the device in the `_embedded` attribute"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listDevices'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devices.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/devices",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "device_list_limit",
+ "description": "A limit on the number of objects to return (recommend `20`)",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return (recommend `20`)"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "search",
+ "tool_parameter_name": "scim_filter_expression",
+ "description": "A SCIM filter expression that filters the results. Searches include all device `profile` properties and the device `id`, `status`, and `lastUpdated` properties.\n\nSearches for devices can be filtered by the contains (`co`) operator. You can only use `co` with these select device profile attributes: `profile.displayName`, `profile.serialNumber`, `profile.imei`, `profile.meid`, `profile.udid`, and `profile.sid`. See [Operators](https://developer.okta.com/docs/api/#operators).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A SCIM filter expression that filters the results. Searches include all device `profile` properties and the device `id`, `status`, and `lastUpdated` properties.\n\nSearches for devices can be filtered by the contains (`co`) operator. You can only use `co` with these select device profile attributes: `profile.displayName`, `profile.serialNumber`, `profile.imei`, `profile.meid`, `profile.udid`, and `profile.sid`. See [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_user_details_and_management_status",
+ "description": "Includes associated user details and management status for the device in the `_embedded` attribute",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "user",
+ "userSummary"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Includes associated user details and management status for the device in the `_embedded` attribute"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllUserTypes.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllUserTypes.json
new file mode 100644
index 000000000..d278170ee
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAllUserTypes.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListAllUserTypes",
+ "fully_qualified_name": "OktaApi.ListAllUserTypes@0.1.0",
+ "description": "Retrieve a list of all user types in your organization.\n\nUse this tool to get an overview of all user types defined in your Okta organization. Useful for managing user roles and permissions.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUserTypes'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.userTypes.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/types/user",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApiServiceIntegrations.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApiServiceIntegrations.json
new file mode 100644
index 000000000..e3ee3afc2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApiServiceIntegrations.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListApiServiceIntegrations",
+ "fully_qualified_name": "OktaApi.ListApiServiceIntegrations@0.1.0",
+ "description": "Retrieve all API Service Integration instances.\n\nUse this tool to list all API Service Integration instances available in Okta, with optional pagination for navigating through results.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Opaque string for pagination to specify the current location in the list, obtained from the `Link` header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listApiServiceIntegrationInstances'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.oauthIntegrations.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/integrations/api/v1/api-services",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApiServiceSecrets.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApiServiceSecrets.json
new file mode 100644
index 000000000..791b7f223
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApiServiceSecrets.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListApiServiceSecrets",
+ "fully_qualified_name": "OktaApi.ListApiServiceSecrets@0.1.0",
+ "description": "Retrieve client secrets for an API service integration.\n\nUse this tool to list all client secrets for a specific API Service Integration instance using the `apiServiceId`.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "api_service_id",
+ "required": true,
+ "description": "The unique identifier of the API Service Integration instance to retrieve secrets for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "apiServiceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listApiServiceIntegrationInstanceSecrets'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.oauthIntegrations.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}/credentials/secrets",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "apiServiceId",
+ "tool_parameter_name": "api_service_id",
+ "description": "`id` of the API Service Integration instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppGroupAssignments.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppGroupAssignments.json
new file mode 100644
index 000000000..b2294e8c6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppGroupAssignments.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListAppGroupAssignments",
+ "fully_qualified_name": "OktaApi.ListAppGroupAssignments@0.1.0",
+ "description": "List all group assignments for a specific application.\n\nUse this tool to retrieve a list of app group assignments for a given application by specifying the app ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application. Use this to specify which application's group assignments to list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "group_name_starts_with_filter",
+ "required": false,
+ "description": "A filter to match group names that start with the specified string for assigned groups.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies a filter for a list of assigned groups returned based on their names. The value of `q` is matched against the group `name`. \nThis filter only supports the `startsWith` operation that matches the `q` string against the beginning of the [group name](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=profile/name&t=response)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Specifies the pagination cursor for the next page of results. Use the value from the 'next' link in the Link header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the `next` page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "results_per_page",
+ "required": false,
+ "description": "Specifies the number of objects to return per page. Supports pagination by using the `next` link for additional pages.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of objects to return per page.\nIf there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it).\nSee [Pagination](/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "return_assigned_group_or_metadata",
+ "required": false,
+ "description": "Optional query to return the assigned group or assignment metadata in the `_embedded` property.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the corresponding assigned [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) or \nthe group assignment metadata details in the `_embedded` property."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listApplicationGroupAssignments'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/groups",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "q",
+ "tool_parameter_name": "group_name_starts_with_filter",
+ "description": "Specifies a filter for a list of assigned groups returned based on their names. The value of `q` is matched against the group `name`. \nThis filter only supports the `startsWith` operation that matches the `q` string against the beginning of the [group name](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=profile/name&t=response).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies a filter for a list of assigned groups returned based on their names. The value of `q` is matched against the group `name`. \nThis filter only supports the `startsWith` operation that matches the `q` string against the beginning of the [group name](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/#tag/Group/operation/listGroups!c=200&path=profile/name&t=response)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the pagination cursor for the `next` page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the `next` page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_per_page",
+ "description": "Specifies the number of objects to return per page.\nIf there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it).\nSee [Pagination](/#pagination).",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of objects to return per page.\nIf there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it).\nSee [Pagination](/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "return_assigned_group_or_metadata",
+ "description": "An optional query parameter to return the corresponding assigned [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) or \nthe group assignment metadata details in the `_embedded` property.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the corresponding assigned [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) or \nthe group assignment metadata details in the `_embedded` property."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppKeys.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppKeys.json
new file mode 100644
index 000000000..ba8ed4c38
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppKeys.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListAppKeys",
+ "fully_qualified_name": "OktaApi.ListAppKeys@0.1.0",
+ "description": "Retrieve all key credentials for a specific app.\n\nCall this tool to obtain all key credentials associated with a specific application in Okta. Useful for managing or auditing application key data.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application. Required to retrieve key credentials.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listApplicationKeys'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/keys",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppScopeConsentGrants.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppScopeConsentGrants.json
new file mode 100644
index 000000000..4d2d8f57a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppScopeConsentGrants.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListAppScopeConsentGrants",
+ "fully_qualified_name": "OktaApi.ListAppScopeConsentGrants@0.1.0",
+ "description": "Lists all scope consent grants for a specific app.\n\nUse this tool to retrieve all scope consent grants associated with a specific application in Okta. It should be called when you need to understand which grants have been issued for an app.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application for which you want to list scope consent grants.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Set to `scope` to include scope details in the `_embedded` property. This is optional.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listScopeConsentGrants'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.appGrants.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/grants",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppServiceAccounts.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppServiceAccounts.json
new file mode 100644
index 000000000..7df111e9e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppServiceAccounts.json
@@ -0,0 +1,169 @@
+{
+ "name": "ListAppServiceAccounts",
+ "fully_qualified_name": "OktaApi.ListAppServiceAccounts@0.1.0",
+ "description": "Retrieve all app service accounts from Okta.\n\nUse this tool to list all application service accounts in Okta's privileged-access API. It helps to manage and monitor service account details efficiently.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "number_of_accounts_limit",
+ "required": false,
+ "description": "The maximum number of app service accounts to return in the response.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "An opaque string for pagination, indicating current position in the list. Obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "search_account_value",
+ "required": false,
+ "description": "Provides a search string to filter app service accounts by name, username, instance label, or key name.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for app service accounts where the account name (`name`), username (`username`), app instance label (`containerInstanceName`), or OIN app key name (`containerGlobalName`) contains the given value"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "match"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAppServiceAccounts'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.serviceAccounts.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/privileged-access/api/v1/service-accounts",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "limit",
+ "tool_parameter_name": "number_of_accounts_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "match",
+ "tool_parameter_name": "search_account_value",
+ "description": "Searches for app service accounts where the account name (`name`), username (`username`), app instance label (`containerInstanceName`), or OIN app key name (`containerGlobalName`) contains the given value",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for app service accounts where the account name (`name`), username (`username`), app instance label (`containerInstanceName`), or OIN app key name (`containerGlobalName`) contains the given value"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppTargetsForAdminRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppTargetsForAdminRole.json
new file mode 100644
index 000000000..cb115b387
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppTargetsForAdminRole.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListAppTargetsForAdminRole",
+ "fully_qualified_name": "OktaApi.ListAppTargetsForAdminRole@0.1.0",
+ "description": "Retrieve OIN app targets for a specified APP_ADMIN role.\n\nThis tool is used to list all OIN app targets for an APP_ADMIN role assigned to a client, identified by clientId. It is useful for managing and reviewing application targets associated with specific administrative roles.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_application_id",
+ "required": true,
+ "description": "The unique identifier for the client application. Use this ID to specify which client's APP_ADMIN role targets to list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to identify the specific role assignment for the client.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination, an opaque string from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_results_limit",
+ "required": false,
+ "description": "Maximum number of objects to return in the response.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAppTargetRoleToClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_results_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_application_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppTargetsForGroupAppAdmin.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppTargetsForGroupAppAdmin.json
new file mode 100644
index 000000000..f49a84560
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppTargetsForGroupAppAdmin.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListAppTargetsForGroupAppAdmin",
+ "fully_qualified_name": "OktaApi.ListAppTargetsForGroupAppAdmin@0.1.0",
+ "description": "Retrieve app targets for APP_ADMIN group role assignments.\n\nUse this tool to list all application targets for a specific application's administrative role assigned to a group. It returns a list of either OIN-cataloged apps or specific app instances associated with the role within the group.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group for which to list app targets.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The identifier for the role assignment to a group. Use this to specify the role for which app targets are listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination indicating current position in the list, obtained from the `Link` header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_number_of_objects_returned",
+ "required": false,
+ "description": "Specifies the maximum number of application targets to return in the response.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listApplicationTargetsForApplicationAdministratorRoleForGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_number_of_objects_returned",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppTargetsForUserAdminRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppTargetsForUserAdminRole.json
new file mode 100644
index 000000000..2c79e6e75
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppTargetsForUserAdminRole.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListAppTargetsForUserAdminRole",
+ "fully_qualified_name": "OktaApi.ListAppTargetsForUserAdminRole@0.1.0",
+ "description": "Retrieve app targets for a user's admin role in Okta.\n\nUse this tool to get a list of application targets associated with an 'APP_ADMIN' role assigned to a specific user in Okta. The returned list includes OIN-cataloged applications or app instances, with the 'id' property for app instances.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user for which app targets are being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment for the user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination to specify the current list location, obtained from the 'Link' response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_objects_to_return",
+ "required": false,
+ "description": "Specifies the maximum number of app targets to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listApplicationTargetsForApplicationAdministratorRoleForUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_objects_to_return",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppUsers.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppUsers.json
new file mode 100644
index 000000000..58034e581
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAppUsers.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListAppUsers",
+ "fully_qualified_name": "OktaApi.ListAppUsers@0.1.0",
+ "description": "Retrieve all users assigned to a specific app.\n\nUse this tool to list all users who have been assigned to a particular application in Okta. Useful for managing app users and access control.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application whose assigned users you want to list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Specifies the pagination cursor for the next page of results. Use this as an opaque value from the next link.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "results_per_page",
+ "required": false,
+ "description": "Specifies the number of user records to return per page. Use this to control pagination effectively. Refer to the pagination guidelines for handling multiple pages.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of objects to return per page.\nIf there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it).\nSee [Pagination](/#pagination).\n"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "filter_user_profile",
+ "required": false,
+ "description": "Filter users based on profile attributes like `userName`, `firstName`, `lastName`, or `email`. Supports `startsWith` filtering.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies a filter for the list of application users returned based on their profile attributes.\nThe value of `q` is matched against the beginning of the following profile attributes: `userName`, `firstName`, `lastName`, and `email`.\nThis filter only supports the `startsWith` operation that matches the `q` string against the beginning of the attribute values.\n> **Note:** For OIDC apps, user profiles don't contain the `firstName` or `lastName` attributes. Therefore, the query only matches against the `userName` or `email` attributes.\n"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "include_user_object",
+ "required": false,
+ "description": "Include this parameter to return the corresponding User object in the embedded property. Use 'user' as the value.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the corresponding [User](/openapi/okta-management/management/tag/User/) object in the `_embedded` property.\nValid value: `user`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listApplicationUsers'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/users",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the pagination cursor for the next page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_per_page",
+ "description": "Specifies the number of objects to return per page.\nIf there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it).\nSee [Pagination](/#pagination).\n",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of objects to return per page.\nIf there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it).\nSee [Pagination](/#pagination).\n"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "q",
+ "tool_parameter_name": "filter_user_profile",
+ "description": "Specifies a filter for the list of application users returned based on their profile attributes.\nThe value of `q` is matched against the beginning of the following profile attributes: `userName`, `firstName`, `lastName`, and `email`.\nThis filter only supports the `startsWith` operation that matches the `q` string against the beginning of the attribute values.\n> **Note:** For OIDC apps, user profiles don't contain the `firstName` or `lastName` attributes. Therefore, the query only matches against the `userName` or `email` attributes.\n",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies a filter for the list of application users returned based on their profile attributes.\nThe value of `q` is matched against the beginning of the following profile attributes: `userName`, `firstName`, `lastName`, and `email`.\nThis filter only supports the `startsWith` operation that matches the `q` string against the beginning of the attribute values.\n> **Note:** For OIDC apps, user profiles don't contain the `firstName` or `lastName` attributes. Therefore, the query only matches against the `userName` or `email` attributes.\n"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_user_object",
+ "description": "An optional query parameter to return the corresponding [User](/openapi/okta-management/management/tag/User/) object in the `_embedded` property.\nValid value: `user`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the corresponding [User](/openapi/okta-management/management/tag/User/) object in the `_embedded` property.\nValid value: `user`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApplicationCsrs.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApplicationCsrs.json
new file mode 100644
index 000000000..c47f3e1d3
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApplicationCsrs.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListApplicationCsrs",
+ "fully_qualified_name": "OktaApi.ListApplicationCsrs@0.1.0",
+ "description": "Retrieve all Certificate Signing Requests for a specific application.\n\nUse this tool to obtain a list of all Certificate Signing Requests (CSRs) associated with a specific application. This is helpful for managing or auditing CSRs within the Okta platform.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application to retrieve CSRs.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listCsrsForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/csrs",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApplicationFeatures.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApplicationFeatures.json
new file mode 100644
index 000000000..f3907e9c5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListApplicationFeatures.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListApplicationFeatures",
+ "fully_qualified_name": "OktaApi.ListApplicationFeatures@0.1.0",
+ "description": "Retrieve all features for a specific app.\n\nUse this tool to list all features associated with a specific application. Note that it will return an error if provisioning isn't enabled for the app.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application whose features are to be listed. Required for retrieving feature details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listFeaturesForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/features",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthServerOauth2Clients.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthServerOauth2Clients.json
new file mode 100644
index 000000000..ebccded14
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthServerOauth2Clients.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListAuthServerOauth2Clients",
+ "fully_qualified_name": "OktaApi.ListAuthServerOauth2Clients@0.1.0",
+ "description": "List OAuth2 clients for a specific authorization server.\n\nRetrieve all client resources associated with a specified authorization server that have tokens. Useful for managing client applications and understanding access scopes within an authorization environment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server to list OAuth2 clients for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listOAuth2ClientsForAuthorizationServer'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthServerPolicies.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthServerPolicies.json
new file mode 100644
index 000000000..a1da8f81b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthServerPolicies.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListAuthServerPolicies",
+ "fully_qualified_name": "OktaApi.ListAuthServerPolicies@0.1.0",
+ "description": "Retrieve all policies for a specific authorization server.\n\nThis tool retrieves a list of all policies associated with a specific authorization server using its ID. It should be used to obtain policy details for management or review purposes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the specific Authorization Server to retrieve policies for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAuthorizationServerPolicies'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthServerPolicyRules.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthServerPolicyRules.json
new file mode 100644
index 000000000..8876abaa3
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthServerPolicyRules.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListAuthServerPolicyRules",
+ "fully_qualified_name": "OktaApi.ListAuthServerPolicyRules@0.1.0",
+ "description": "Retrieve policy rules for a Custom Authorization Server.\n\nFetches a list of all policy rules for a specified Custom Authorization Server and Policy, useful for managing access policies.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the specified Custom Authorization Server to retrieve policy rules from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique identifier of the Policy for which to list rules.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAuthorizationServerPolicyRules'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}/rules",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthenticatorEnrollments.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthenticatorEnrollments.json
new file mode 100644
index 000000000..f4ca36cdf
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthenticatorEnrollments.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListAuthenticatorEnrollments",
+ "fully_qualified_name": "OktaApi.ListAuthenticatorEnrollments@0.1.0",
+ "description": "Retrieve all authenticator enrollments for a user.\n\nUse this tool to get a list of all authenticator enrollments associated with a specified user. This is useful for understanding which authentication methods are enrolled for a user in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user for whom to list authenticator enrollments.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAuthenticatorEnrollments'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthenticatorMethods.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthenticatorMethods.json
new file mode 100644
index 000000000..6370854b5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthenticatorMethods.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListAuthenticatorMethods",
+ "fully_qualified_name": "OktaApi.ListAuthenticatorMethods@0.1.0",
+ "description": "Retrieve all methods of a specified authenticator.\n\nCall this tool to get a list of all available methods for a specific authenticator using its authenticatorId.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The unique identifier of the authenticator to list its methods.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAuthenticatorMethods'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/methods",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthorizationServerKeys.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthorizationServerKeys.json
new file mode 100644
index 000000000..4c912d51f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthorizationServerKeys.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListAuthorizationServerKeys",
+ "fully_qualified_name": "OktaApi.ListAuthorizationServerKeys@0.1.0",
+ "description": "Lists keys for a custom authorization server.\n\nRetrieves all current, future, and expired keys for a specified custom authorization server. Use this tool to manage and review authorization keys.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "ID of the Authorization Server whose keys are to be listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAuthorizationServerKeys'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/credentials/keys",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthorizationServersByTrustedType.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthorizationServersByTrustedType.json
new file mode 100644
index 000000000..f319b7f53
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListAuthorizationServersByTrustedType.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListAuthorizationServersByTrustedType",
+ "fully_qualified_name": "OktaApi.ListAuthorizationServersByTrustedType@0.1.0",
+ "description": "List associated authorization servers by trusted type.\n\nUse this tool to retrieve all authorization servers associated with a specific trusted type for a given `authServerId`.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique ID of the Authorization Server to retrieve associated servers for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "search_name_or_audience",
+ "required": false,
+ "description": "A string to search for the name or audience of associated authorization servers.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for the name or audience of the associated authorization servers"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "page_size",
+ "required": false,
+ "description": "Specifies the number of results to return per page.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results for a page"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Specifies the cursor for fetching the next page of authorization servers.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of the associated authorization servers"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "search_trusted_authorization_servers",
+ "required": false,
+ "description": "Set to `true` to search for trusted authorization servers, or `false` for untrusted ones.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches trusted authorization servers when `true` or searches untrusted authorization servers when `false`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "trusted"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAssociatedServersByTrustedType'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/associatedServers",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "trusted",
+ "tool_parameter_name": "search_trusted_authorization_servers",
+ "description": "Searches trusted authorization servers when `true` or searches untrusted authorization servers when `false`",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches trusted authorization servers when `true` or searches untrusted authorization servers when `false`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "q",
+ "tool_parameter_name": "search_name_or_audience",
+ "description": "Searches for the name or audience of the associated authorization servers",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for the name or audience of the associated authorization servers"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "page_size",
+ "description": "Specifies the number of results for a page",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results for a page"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the pagination cursor for the next page of the associated authorization servers",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of the associated authorization servers"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBehaviorDetectionRules.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBehaviorDetectionRules.json
new file mode 100644
index 000000000..69b1ae896
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBehaviorDetectionRules.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListBehaviorDetectionRules",
+ "fully_qualified_name": "OktaApi.ListBehaviorDetectionRules@0.1.0",
+ "description": "Retrieve all behavior detection rules with pagination.\n\nUse this tool to obtain a complete list of behavior detection rules from the Okta API. It supports pagination for handling large datasets.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listBehaviorDetectionRules'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.behaviors.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/behaviors",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBlockedEmailDomains.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBlockedEmailDomains.json
new file mode 100644
index 000000000..f3ae1eab3
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBlockedEmailDomains.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListBlockedEmailDomains",
+ "fully_qualified_name": "OktaApi.ListBlockedEmailDomains@0.1.0",
+ "description": "Retrieve blocked email domains for app migration exclusion.\n\nThis tool retrieves a list of all blocked email domains that are excluded from app migration. Useful for checking which domains are currently blocked for this purpose.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listPersonalAppsExportBlockList'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.personal.adminSettings.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/okta-personal-settings/api/v1/export-blocklists",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBrandDomains.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBrandDomains.json
new file mode 100644
index 000000000..61153ceb6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBrandDomains.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListBrandDomains",
+ "fully_qualified_name": "OktaApi.ListBrandDomains@0.1.0",
+ "description": "Retrieve all domains linked to a specific brand.\n\nUse this tool to get a list of all domains associated with a particular brand identified by `brandId`.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID used to identify the brand whose domains are to be listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listBrandDomains'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/domains",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBrandThemes.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBrandThemes.json
new file mode 100644
index 000000000..f79f2c0b9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListBrandThemes.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListBrandThemes",
+ "fully_qualified_name": "OktaApi.ListBrandThemes@0.1.0",
+ "description": "Retrieve all themes for a specific brand.\n\nUse this tool to list all the themes associated with a brand in your organization. Note that currently, each organization supports only one theme.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The ID of the brand for which to list themes. Required for identifying the brand.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listBrandThemes'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/themes",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCaptchaInstances.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCaptchaInstances.json
new file mode 100644
index 000000000..bc1dba8ae
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCaptchaInstances.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListCaptchaInstances",
+ "fully_qualified_name": "OktaApi.ListCaptchaInstances@0.1.0",
+ "description": "Retrieve and list all CAPTCHA instances with filters.\n\nThis tool retrieves all CAPTCHA instances, supporting pagination and filtering to match specific criteria. Use it to obtain a comprehensive list of CAPTCHA instances available in the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listCaptchaInstances'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.captchas.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/captchas",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomAaguids.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomAaguids.json
new file mode 100644
index 000000000..25e19fe0c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomAaguids.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListCustomAaguids",
+ "fully_qualified_name": "OktaApi.ListCustomAaguids@0.1.0",
+ "description": "Retrieve all custom AAGUIDs from the organization.\n\nThis tool retrieves all custom Authenticator Attestation Global Unique Identifiers (AAGUIDs) created by an admin in the organization. Use this tool to get a list of custom AAGUIDs associated with a specific authenticator ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The unique identifier for the authenticator to list custom AAGUIDs for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAllCustomAAGUIDs'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/aaguids",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomAuthorizationServers.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomAuthorizationServers.json
new file mode 100644
index 000000000..4ca9133be
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomAuthorizationServers.json
@@ -0,0 +1,169 @@
+{
+ "name": "ListCustomAuthorizationServers",
+ "fully_qualified_name": "OktaApi.ListCustomAuthorizationServers@0.1.0",
+ "description": "Retrieve all custom authorization servers for the organization.\n\nUse this tool to get a list of all custom authorization servers configured in the Okta organization. Useful for managing and reviewing authorization server configurations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "search_query",
+ "required": false,
+ "description": "Search for matching values in the `name` and `audiences` of authorization servers.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the `name` and `audiences` of authorization servers for matching values"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "results_per_page",
+ "required": false,
+ "description": "The number of authorization server results to return per page. Maximum value is 200.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of authorization server results on a page. Maximum value: 200"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Specifies the pagination cursor for the next page of authorization servers. Use the value obtained from the next link of the previous response.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of authorization servers. Treat as an opaque value and obtain through the next link relationship."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAuthorizationServers'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "q",
+ "tool_parameter_name": "search_query",
+ "description": "Searches the `name` and `audiences` of authorization servers for matching values",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the `name` and `audiences` of authorization servers for matching values"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_per_page",
+ "description": "Specifies the number of authorization server results on a page. Maximum value: 200",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of authorization server results on a page. Maximum value: 200"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the pagination cursor for the next page of authorization servers. Treat as an opaque value and obtain through the next link relationship.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of authorization servers. Treat as an opaque value and obtain through the next link relationship."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomEmailServers.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomEmailServers.json
new file mode 100644
index 000000000..c6148a01a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomEmailServers.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListCustomEmailServers",
+ "fully_qualified_name": "OktaApi.ListCustomEmailServers@0.1.0",
+ "description": "Fetch all enrolled custom SMTP server configurations.\n\nUse this tool to retrieve all configured custom SMTP server settings from Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listEmailServers'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.emailServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/email-servers",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomOauth2Scopes.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomOauth2Scopes.json
new file mode 100644
index 000000000..e60952777
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomOauth2Scopes.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListCustomOauth2Scopes",
+ "fully_qualified_name": "OktaApi.ListCustomOauth2Scopes@0.1.0",
+ "description": "Retrieve all custom OAuth2 token scopes.\n\nThis tool is used to list all custom OAuth2 token scopes for a specific authorization server identified by its ID. Call this tool when you need to access or display the custom scopes defined in an OAuth2 authorization server.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server to retrieve custom token scopes.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "query_custom_scope_name",
+ "required": false,
+ "description": "Search for custom token scopes by matching values in their names.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the `name` of Custom Token Scopes for matching values"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "custom_token_scopes_filter",
+ "required": false,
+ "description": "Filter the list of custom token scopes using a specific expression.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filter expression for Custom Token Scopes"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ },
+ {
+ "name": "pagination_cursor_next_page",
+ "required": false,
+ "description": "Specify the pagination cursor for fetching the next page of scopes. Use the cursor from the next link as an opaque value.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of scopes.\nTreat the after cursor as an opaque value and obtain it through the next link relationship. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "results_per_page",
+ "required": false,
+ "description": "Specifies the number of OAuth2 scopes to return per page. Handles pagination automatically.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of objects to return per page.\nIf there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it). See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listOAuth2Scopes'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/scopes",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "q",
+ "tool_parameter_name": "query_custom_scope_name",
+ "description": "Searches the `name` of Custom Token Scopes for matching values",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the `name` of Custom Token Scopes for matching values"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "filter",
+ "tool_parameter_name": "custom_token_scopes_filter",
+ "description": "Filter expression for Custom Token Scopes",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filter expression for Custom Token Scopes"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor_next_page",
+ "description": "Specifies the pagination cursor for the next page of scopes.\nTreat the after cursor as an opaque value and obtain it through the next link relationship. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of scopes.\nTreat the after cursor as an opaque value and obtain it through the next link relationship. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_per_page",
+ "description": "Specifies the number of objects to return per page.\nIf there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it). See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of objects to return per page.\nIf there are multiple pages of results, the Link header contains a `next` link that you need to use as an opaque value (follow it, don't parse it). See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomRolePermissions.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomRolePermissions.json
new file mode 100644
index 000000000..847603e8f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomRolePermissions.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListCustomRolePermissions",
+ "fully_qualified_name": "OktaApi.ListCustomRolePermissions@0.1.0",
+ "description": "Retrieve permissions for a specified custom role.\n\nUse this tool to list all permissions associated with a specific custom role in Okta by providing the role ID or label.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "role_identifier",
+ "required": true,
+ "description": "The ID or label of the custom role to retrieve permissions for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listRolePermissions'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}/permissions",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_identifier",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomRoles.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomRoles.json
new file mode 100644
index 000000000..8f91c8eeb
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListCustomRoles.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListCustomRoles",
+ "fully_qualified_name": "OktaApi.ListCustomRoles@0.1.0",
+ "description": "Retrieve a paginated list of all custom roles.\n\nUse this tool to fetch and view all custom roles available in the system, with support for pagination to manage large sets of data.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination, an opaque string indicating your current location in the list. Obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listRoles'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/roles",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDefaultDevicePostureChecks.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDefaultDevicePostureChecks.json
new file mode 100644
index 000000000..a7c73605e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDefaultDevicePostureChecks.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListDefaultDevicePostureChecks",
+ "fully_qualified_name": "OktaApi.ListDefaultDevicePostureChecks@0.1.0",
+ "description": "Retrieve all default device posture checks from Okta.\n\nThis tool should be called to get a list of all default device posture checks defined by Okta. These posture checks are predefined and their type is always `BUILTIN`.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listDefaultDevicePostureChecks'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devicePostureChecks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-posture-checks/default",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDeviceAssurancePolicies.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDeviceAssurancePolicies.json
new file mode 100644
index 000000000..c4bb1c00f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDeviceAssurancePolicies.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListDeviceAssurancePolicies",
+ "fully_qualified_name": "OktaApi.ListDeviceAssurancePolicies@0.1.0",
+ "description": "Retrieve all device assurance policies from Okta.\n\nUse this tool to get an overview of all device assurance policies available in Okta, which can help in managing and securing devices.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listDeviceAssurancePolicies'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.deviceAssurance.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-assurances",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDeviceIntegrations.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDeviceIntegrations.json
new file mode 100644
index 000000000..5547b71a7
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDeviceIntegrations.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListDeviceIntegrations",
+ "fully_qualified_name": "OktaApi.ListDeviceIntegrations@0.1.0",
+ "description": "Retrieve all device integrations for your organization.\n\nUse this tool to list all the device integrations configured for your organization, such as Device Posture Provider, Windows Security Center, Chrome Device Trust, OSQuery, and Android Device Trust.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listDeviceIntegrations'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.deviceIntegrations.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-integrations",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDevicePostureChecks.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDevicePostureChecks.json
new file mode 100644
index 000000000..da7ced9bb
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDevicePostureChecks.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListDevicePostureChecks",
+ "fully_qualified_name": "OktaApi.ListDevicePostureChecks@0.1.0",
+ "description": "Lists all device posture checks from Okta.\n\nUse this tool to retrieve details of all device posture checks registered in Okta. This information is useful for security assessments and compliance monitoring within an organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listDevicePostureChecks'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devicePostureChecks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-posture-checks",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDeviceUsers.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDeviceUsers.json
new file mode 100644
index 000000000..b45bb34ac
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListDeviceUsers.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListDeviceUsers",
+ "fully_qualified_name": "OktaApi.ListDeviceUsers@0.1.0",
+ "description": "Retrieve all users for a specific device by device ID.\n\nUse this tool to get a list of users associated with a particular device, identified by its device ID. Call this tool when you need to find out which users have associated accounts with a specific device.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_id",
+ "required": true,
+ "description": "The ID of the device to fetch users for. This should match the device's unique identifier in the system.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listDeviceUsers'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devices.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/devices/{deviceId}/users",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceId",
+ "tool_parameter_name": "device_id",
+ "description": "`id` of the device",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEmailCustomizations.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEmailCustomizations.json
new file mode 100644
index 000000000..de8068c59
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEmailCustomizations.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListEmailCustomizations",
+ "fully_qualified_name": "OktaApi.ListEmailCustomizations@0.1.0",
+ "description": "Retrieve all customizations for an email template.\n\nUse this tool to list all available customizations of a specific email template. If custom languages are enabled, it retrieves customizations for those languages as well. Ideal for managing template variations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand whose email template customizations are to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "The name of the email template to retrieve customizations for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor string for pagination, used to specify the current list position. Obtain this from the 'Link' response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "result_limit",
+ "required": false,
+ "description": "An integer specifying the maximum number of email template customizations to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listEmailCustomizations'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "result_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEmailDomains.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEmailDomains.json
new file mode 100644
index 000000000..b37077082
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEmailDomains.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListEmailDomains",
+ "fully_qualified_name": "OktaApi.ListEmailDomains@0.1.0",
+ "description": "Lists all email domains in your organization.\n\nThis tool retrieves all the email domains configured within your organization. It should be called when you need to view or manage the existing email domains.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "include_metadata",
+ "required": false,
+ "description": "A list of metadata fields to include in the response. Each entry is a string specifying a field name.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listEmailDomains'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.emailDomains.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/email-domains",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_metadata",
+ "description": "Specifies additional metadata to be included in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEmailTemplates.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEmailTemplates.json
new file mode 100644
index 000000000..bdea209c9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEmailTemplates.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListEmailTemplates",
+ "fully_qualified_name": "OktaApi.ListEmailTemplates@0.1.0",
+ "description": "Lists all supported email templates for a brand.\n\nUse this tool to retrieve all supported email templates for a specified brand in Okta. It is helpful when you need to review or manage the email templates available for customization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier of the brand for which to list email templates.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor used for pagination, obtained from the response header, to continue from the current position in the list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "result_limit",
+ "required": false,
+ "description": "The maximum number of email templates to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "include_additional_metadata",
+ "required": false,
+ "description": "Array of strings specifying additional metadata to include in the response.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listEmailTemplates'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "result_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_additional_metadata",
+ "description": "Specifies additional metadata to be included in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEntitlementValues.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEntitlementValues.json
new file mode 100644
index 000000000..ddf407ecf
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEntitlementValues.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListEntitlementValues",
+ "fully_qualified_name": "OktaApi.ListEntitlementValues@0.1.0",
+ "description": "Retrieve entitlement values for a specified bundle.\n\nUse this tool to get all entitlement values linked to a particular bundle entitlement. It is useful for accessing detailed governance information.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "bundle_id",
+ "required": true,
+ "description": "The ID of the bundle to retrieve entitlement values for. This is required to specify which bundle you are querying.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "bundleId"
+ },
+ {
+ "name": "bundle_entitlement_id",
+ "required": true,
+ "description": "The ID of the bundle entitlement for which to retrieve entitlement values.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle entitlement"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "entitlementId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination, indicating your current position in the list. Obtainable from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_results_to_return",
+ "required": false,
+ "description": "Sets the maximum number of entitlement values to return in the response. Use to limit the returned data size.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listBundleEntitlementValues'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/governance/bundles/{bundleId}/entitlements/{entitlementId}/values",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_results_to_return",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "bundleId",
+ "tool_parameter_name": "bundle_id",
+ "description": "The `id` of a bundle",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "entitlementId",
+ "tool_parameter_name": "bundle_entitlement_id",
+ "description": "The `id` of a bundle entitlement",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle entitlement"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEventHooks.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEventHooks.json
new file mode 100644
index 000000000..070679087
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListEventHooks.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListEventHooks",
+ "fully_qualified_name": "OktaApi.ListEventHooks@0.1.0",
+ "description": "Retrieve all event hooks from the Okta API.\n\nUse this tool to get a list of all event hooks configured in Okta. It should be called when you need to audit, review, or manage event hooks in your Okta setup.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listEventHooks'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.eventHooks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/eventHooks",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListFeatureDependencies.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListFeatureDependencies.json
new file mode 100644
index 000000000..d97cfdf87
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListFeatureDependencies.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListFeatureDependencies",
+ "fully_qualified_name": "OktaApi.ListFeatureDependencies@0.1.0",
+ "description": "Retrieve dependencies for a specific feature.\n\nUse this tool to get a list of all features required to enable a specified feature. Ideal for understanding prerequisite features.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "feature_id",
+ "required": true,
+ "description": "The unique identifier of the feature for which you want to list dependencies.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the feature"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "featureId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listFeatureDependencies'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.features.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/features/{featureId}/dependencies",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "featureId",
+ "tool_parameter_name": "feature_id",
+ "description": "`id` of the feature",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the feature"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListFeatureDependents.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListFeatureDependents.json
new file mode 100644
index 000000000..2418be1d5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListFeatureDependents.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListFeatureDependents",
+ "fully_qualified_name": "OktaApi.ListFeatureDependents@0.1.0",
+ "description": "Lists all feature dependents for a specified feature.\n\nThis tool retrieves a list of features that must be disabled for the specified feature to be disabled. It is useful for understanding dependencies between features.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "feature_id",
+ "required": true,
+ "description": "The unique identifier for the feature to check dependencies for. This should be a string representing the feature's ID.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the feature"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "featureId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listFeatureDependents'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.features.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/features/{featureId}/dependents",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "featureId",
+ "tool_parameter_name": "feature_id",
+ "description": "`id` of the feature",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the feature"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListFederatedClaims.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListFederatedClaims.json
new file mode 100644
index 000000000..3322418f8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListFederatedClaims.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListFederatedClaims",
+ "fully_qualified_name": "OktaApi.ListFederatedClaims@0.1.0",
+ "description": "Retrieve all federated claims for a specified app.\n\nThis tool retrieves all federated claims associated with a specific app. It should be called when you need to list or review federated claims for application management or auditing purposes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application for which to list federated claims.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listFederatedClaims'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/federated-claims",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGovernanceBundleEntitlements.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGovernanceBundleEntitlements.json
new file mode 100644
index 000000000..ee407ec53
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGovernanceBundleEntitlements.json
@@ -0,0 +1,169 @@
+{
+ "name": "ListGovernanceBundleEntitlements",
+ "fully_qualified_name": "OktaApi.ListGovernanceBundleEntitlements@0.1.0",
+ "description": "Retrieve entitlements for a specific governance bundle.\n\nUse this tool to obtain a list of all entitlements associated with a specific governance bundle in Okta. It is useful when you need to review or manage the entitlements tied to a particular bundle.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "bundle_id",
+ "required": true,
+ "description": "The ID of the governance bundle whose entitlements you want to list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "bundleId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The opaque cursor string for pagination, indicating the current position in the list. Obtainable from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_objects_to_return",
+ "required": false,
+ "description": "Specifies the maximum number of entitlements to return in the response. Use to limit the results.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listBundleEntitlements'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/governance/bundles/{bundleId}/entitlements",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_objects_to_return",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "bundleId",
+ "tool_parameter_name": "bundle_id",
+ "description": "The `id` of a bundle",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGovernanceBundles.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGovernanceBundles.json
new file mode 100644
index 000000000..3c80e00d8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGovernanceBundles.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListGovernanceBundles",
+ "fully_qualified_name": "OktaApi.ListGovernanceBundles@0.1.0",
+ "description": "Retrieve all Governance Bundles for your organization's Admin Console.\n\nUse this tool to access a list of all Governance Bundles available in your organization's Admin Console. This is useful for administrators who need to manage or review available governance resources.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor string for pagination, obtained from the `Link` response header, to specify the current location in the list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "object_limit",
+ "required": false,
+ "description": "Specify the maximum number of governance bundles to return. This helps in controlling the size of the response.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGovernanceBundles'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/governance/bundles",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "object_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupAssignedApps.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupAssignedApps.json
new file mode 100644
index 000000000..9865bce59
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupAssignedApps.json
@@ -0,0 +1,169 @@
+{
+ "name": "ListGroupAssignedApps",
+ "fully_qualified_name": "OktaApi.ListGroupAssignedApps@0.1.0",
+ "description": "Retrieve all applications assigned to a specific group in Okta.\n\nUse this tool to get a list of all the applications that have been assigned to a particular group in Okta. Useful for managing group access and permissions.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier for the group. Used to fetch the assigned applications.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "pagination_cursor_next_page",
+ "required": false,
+ "description": "The pagination cursor that indicates the starting point for the next page of app results. Use this to navigate through multiple pages of app data.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of apps"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "page_result_limit",
+ "required": false,
+ "description": "The number of application results to return per page.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of app results for a page"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAssignedApplicationsForGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/apps",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor_next_page",
+ "description": "Specifies the pagination cursor for the next page of apps",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of apps"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "page_result_limit",
+ "description": "Specifies the number of app results for a page",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of app results for a page"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupAssignedRoles.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupAssignedRoles.json
new file mode 100644
index 000000000..2e7623ecd
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupAssignedRoles.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListGroupAssignedRoles",
+ "fully_qualified_name": "OktaApi.ListGroupAssignedRoles@0.1.0",
+ "description": "Retrieves all roles assigned to a specific group.\n\nUse this tool to get a list of all roles assigned to a group by providing the group's ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier for the group whose roles are being retrieved. This ID is required to list the assigned roles for the group.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "expand_targets",
+ "required": false,
+ "description": "Optional parameter to specify targets configured for standard role assignment. Supported values: 'targets/groups' or 'targets/catalog/apps'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter used to return targets configured for the standard role assignment in the `embedded` property. Supported values: `targets/groups` or `targets/catalog/apps`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGroupAssignedRoles'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "expand_targets",
+ "description": "An optional parameter used to return targets configured for the standard role assignment in the `embedded` property. Supported values: `targets/groups` or `targets/catalog/apps`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter used to return targets configured for the standard role assignment in the `embedded` property. Supported values: `targets/groups` or `targets/catalog/apps`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupOwners.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupOwners.json
new file mode 100644
index 000000000..58a84c0ca
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupOwners.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListGroupOwners",
+ "fully_qualified_name": "OktaApi.ListGroupOwners@0.1.0",
+ "description": "Retrieve owners for a specific group in Okta.\n\nUse this tool to obtain a list of all owners for a specified group using the group ID in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group whose owners you want to list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "scim_filter_expression",
+ "required": false,
+ "description": "SCIM filter expression to filter group owners by type in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "SCIM filter expression for group owners. Allows you to filter owners by type."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "search"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Pagination cursor for fetching the next page of group owners.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of owners"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "owner_results_per_page",
+ "required": false,
+ "description": "Specifies the number of owner results to return per page.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of owner results in a page"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGroupOwners'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/owners",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "search",
+ "tool_parameter_name": "scim_filter_expression",
+ "description": "SCIM filter expression for group owners. Allows you to filter owners by type.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "SCIM filter expression for group owners. Allows you to filter owners by type."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the pagination cursor for the next page of owners",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of owners"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "owner_results_per_page",
+ "description": "Specifies the number of owner results in a page",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of owner results in a page"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupPushMappings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupPushMappings.json
new file mode 100644
index 000000000..137897efc
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupPushMappings.json
@@ -0,0 +1,274 @@
+{
+ "name": "ListGroupPushMappings",
+ "fully_qualified_name": "OktaApi.ListGroupPushMappings@0.1.0",
+ "description": "Retrieve a list of group push mappings for a specific app.\n\nThis tool is used to list all group push mappings for a specific app, identified by the app ID, with support for pagination if there are many mappings.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application to filter group push mappings for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Specifies the pagination cursor for retrieving the next page of group push mappings.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of mappings"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "results_limit",
+ "required": false,
+ "description": "Specifies the number of group push mappings to return in the response. Useful for pagination to limit the number of items retrieved per request.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results returned"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "filter_by_last_updated_date",
+ "required": false,
+ "description": "Filters mappings updated on or after the specified date and time in UTC. Use `YYYY-MM-DDTHH:mm:ssZ` format.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters group push mappings by last updated date. The `lastUpdated` parameter supports the following format: `YYYY-MM-DDTHH:mm:ssZ`. This filters mappings updated on or after the specified date and time in UTC.\n\nIf you don't specify a value, all group push mappings are returned."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "lastUpdated"
+ },
+ {
+ "name": "source_group_id",
+ "required": false,
+ "description": "Filters group push mappings by source group ID. When omitted, returns all mappings.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters group push mappings by source group ID. If you don't specify a value, all group push mappings are returned."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sourceGroupId"
+ },
+ {
+ "name": "filter_by_status",
+ "required": false,
+ "description": "Filters group push mappings by status. Valid options include 'ACTIVE', 'ERROR', 'INACTIVE'. If omitted, all statuses are included.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "ACTIVE",
+ "ERROR",
+ "INACTIVE"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters group push mappings by status. If you don't specify a value, all group push mappings are returned."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "status"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGroupPushMappings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.read",
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/group-push/mappings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the pagination cursor for the next page of mappings",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of mappings"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_limit",
+ "description": "Specifies the number of results returned",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results returned"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "lastUpdated",
+ "tool_parameter_name": "filter_by_last_updated_date",
+ "description": "Filters group push mappings by last updated date. The `lastUpdated` parameter supports the following format: `YYYY-MM-DDTHH:mm:ssZ`. This filters mappings updated on or after the specified date and time in UTC.\n\nIf you don't specify a value, all group push mappings are returned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters group push mappings by last updated date. The `lastUpdated` parameter supports the following format: `YYYY-MM-DDTHH:mm:ssZ`. This filters mappings updated on or after the specified date and time in UTC.\n\nIf you don't specify a value, all group push mappings are returned."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sourceGroupId",
+ "tool_parameter_name": "source_group_id",
+ "description": "Filters group push mappings by source group ID. If you don't specify a value, all group push mappings are returned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters group push mappings by source group ID. If you don't specify a value, all group push mappings are returned."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "status",
+ "tool_parameter_name": "filter_by_status",
+ "description": "Filters group push mappings by status. If you don't specify a value, all group push mappings are returned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "ACTIVE",
+ "ERROR",
+ "INACTIVE"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters group push mappings by status. If you don't specify a value, all group push mappings are returned."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupRules.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupRules.json
new file mode 100644
index 000000000..27854c5f4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupRules.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListGroupRules",
+ "fully_qualified_name": "OktaApi.ListGroupRules@0.1.0",
+ "description": "Retrieve all group rules in your organization.\n\nThis tool fetches a list of all group rules configured within your organization. Use it to review or manage group rules effectively.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "page_result_limit",
+ "required": false,
+ "description": "Specifies the number of rule results to display per page. Provide an integer value.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of rule results in a page"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "pagination_cursor_for_next_page",
+ "required": false,
+ "description": "Specifies the pagination cursor for retrieving the next page of group rules.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of rules"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "search_keyword",
+ "required": false,
+ "description": "Keyword to search for specific group rules.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the keyword to search rules for"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "search"
+ },
+ {
+ "name": "display_group_names",
+ "required": false,
+ "description": "Set to `groupIdToGroupNameMap` to display group names in the response.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If specified as `groupIdToGroupNameMap`, then displays group names"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGroupRules'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/rules",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "limit",
+ "tool_parameter_name": "page_result_limit",
+ "description": "Specifies the number of rule results in a page",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of rule results in a page"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor_for_next_page",
+ "description": "Specifies the pagination cursor for the next page of rules",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of rules"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "search",
+ "tool_parameter_name": "search_keyword",
+ "description": "Specifies the keyword to search rules for",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the keyword to search rules for"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "display_group_names",
+ "description": "If specified as `groupIdToGroupNameMap`, then displays group names",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If specified as `groupIdToGroupNameMap`, then displays group names"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupTargetsForClientRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupTargetsForClientRole.json
new file mode 100644
index 000000000..67fb263a6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupTargetsForClientRole.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListGroupTargetsForClientRole",
+ "fully_qualified_name": "OktaApi.ListGroupTargetsForClientRole@0.1.0",
+ "description": "Retrieve group targets for a specified client role assignment.\n\nUse this tool to list all group targets associated with a specified role assignment (`USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN`) for a client. If no specific group targets are scoped, an empty array will be returned.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier of the client application for which the role group targets are being listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment for which to list group targets. It specifies the role tied to the specific client.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The opaque string cursor for pagination, indicating the current position in the list. Obtain this from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "object_limit",
+ "required": false,
+ "description": "Specify the maximum number of objects to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGroupTargetRoleForClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/groups",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "object_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupTargetsForRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupTargetsForRole.json
new file mode 100644
index 000000000..c1438ae21
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupTargetsForRole.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListGroupTargetsForRole",
+ "fully_qualified_name": "OktaApi.ListGroupTargetsForRole@0.1.0",
+ "description": "Retrieve group targets for specific role assignments to a group.\n\nUse this tool to get all group targets associated with a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role assigned to a group. If no specific targets are scoped, the response will be an empty list.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The ID of the group for which to list role assignment targets.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier of the role assignment for which group targets are listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination, specifying the current location in the list. It is an opaque string obtained from the 'Link' response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_number_of_objects",
+ "required": false,
+ "description": "Specify the maximum number of group targets to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGroupTargetsForGroupRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/groups",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_number_of_objects",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupUsers.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupUsers.json
new file mode 100644
index 000000000..a2418c8f7
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListGroupUsers.json
@@ -0,0 +1,169 @@
+{
+ "name": "ListGroupUsers",
+ "fully_qualified_name": "OktaApi.ListGroupUsers@0.1.0",
+ "description": "Retrieve users from a specified group in Okta.\n\nUse this tool to get a list of users who are members of a specific group in Okta. Suitable for managing group memberships and auditing user lists within an organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group whose members you want to list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination, obtained from the `Link` header indicating the current location in the list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "page_user_limit",
+ "required": false,
+ "description": "Specifies the maximum number of user results returned per page. Recommended limit is 200.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of user results in a page"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGroupUsers'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/users",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "page_user_limit",
+ "description": "Specifies the number of user results in a page",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of user results in a page"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListHookKeys.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListHookKeys.json
new file mode 100644
index 000000000..5988c5715
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListHookKeys.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListHookKeys",
+ "fully_qualified_name": "OktaApi.ListHookKeys@0.1.0",
+ "description": "Retrieve all hook keys from the API.\n\nThis tool is used to call the Okta API endpoint that lists all available hook keys. It should be called when you need to obtain a complete list of hook keys for management or integration purposes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listHookKeys'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.inlineHooks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/hook-keys",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdentityProviderKeys.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdentityProviderKeys.json
new file mode 100644
index 000000000..d8af4a861
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdentityProviderKeys.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListIdentityProviderKeys",
+ "fully_qualified_name": "OktaApi.ListIdentityProviderKeys@0.1.0",
+ "description": "Retrieve all identity provider key credentials.\n\nUse this tool to obtain a list of all identity provider (IdP) key credentials. This is useful for managing and reviewing authentication setups.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Cursor for pagination, specifying current location in the list; obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "maximum_number_of_objects_to_return",
+ "required": false,
+ "description": "Sets the maximum number of IdP key credentials to retrieve.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listIdentityProviderKeys'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/credentials/keys",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "maximum_number_of_objects_to_return",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdentityProviders.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdentityProviders.json
new file mode 100644
index 000000000..eb825ae35
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdentityProviders.json
@@ -0,0 +1,253 @@
+{
+ "name": "ListIdentityProviders",
+ "fully_qualified_name": "OktaApi.ListIdentityProviders@0.1.0",
+ "description": "Retrieve a list of all identity provider integrations.\n\nThis tool retrieves all identity provider (IdP) integrations from Okta, with support for filtering and pagination. Use this tool to obtain information about connected IdPs.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "search_identity_provider_name",
+ "required": false,
+ "description": "Search for matching identity provider names in the list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the `name` property of IdPs for matching value"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor to use for pagination, obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "object_limit",
+ "required": false,
+ "description": "Specify the maximum number of identity provider objects to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "filter_by_idp_type",
+ "required": false,
+ "description": "Specify the type of IdP to filter the list. Options include providers like 'GOOGLE', 'FACEBOOK', etc.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AMAZON",
+ "APPLE",
+ "DISCORD",
+ "FACEBOOK",
+ "GITHUB",
+ "GITLAB",
+ "GOOGLE",
+ "IDV_CLEAR",
+ "IDV_INCODE",
+ "IDV_PERSONA",
+ "LINKEDIN",
+ "LOGINGOV",
+ "LOGINGOV_SANDBOX",
+ "MICROSOFT",
+ "OIDC",
+ "OKTA_INTEGRATION",
+ "PAYPAL",
+ "PAYPAL_SANDBOX",
+ "SALESFORCE",
+ "SAML2",
+ "SPOTIFY",
+ "X509",
+ "XERO",
+ "YAHOO",
+ "YAHOOJP"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters IdPs by `type`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "type"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listIdentityProviders'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "q",
+ "tool_parameter_name": "search_identity_provider_name",
+ "description": "Searches the `name` property of IdPs for matching value",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the `name` property of IdPs for matching value"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "object_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "type",
+ "tool_parameter_name": "filter_by_idp_type",
+ "description": "Filters IdPs by `type`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AMAZON",
+ "APPLE",
+ "DISCORD",
+ "FACEBOOK",
+ "GITHUB",
+ "GITLAB",
+ "GOOGLE",
+ "IDV_CLEAR",
+ "IDV_INCODE",
+ "IDV_PERSONA",
+ "LINKEDIN",
+ "LOGINGOV",
+ "LOGINGOV_SANDBOX",
+ "MICROSOFT",
+ "OIDC",
+ "OKTA_INTEGRATION",
+ "PAYPAL",
+ "PAYPAL_SANDBOX",
+ "SALESFORCE",
+ "SAML2",
+ "SPOTIFY",
+ "X509",
+ "XERO",
+ "YAHOO",
+ "YAHOOJP"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters IdPs by `type`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdentitySourceSessions.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdentitySourceSessions.json
new file mode 100644
index 000000000..08638cfbe
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdentitySourceSessions.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListIdentitySourceSessions",
+ "fully_qualified_name": "OktaApi.ListIdentitySourceSessions@0.1.0",
+ "description": "Retrieve sessions for a specific identity source instance.\n\nThis tool lists all identity source sessions for a specified identity source ID. It should be used to monitor or audit sessions associated with a particular identity source instance.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_source_id",
+ "required": true,
+ "description": "The ID of the identity source instance to list sessions for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "identitySourceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listIdentitySourceSessions'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.identitySources.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "identitySourceId",
+ "tool_parameter_name": "identity_source_id",
+ "description": "The ID of the identity source for which the session is created",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdpCertificateSigningRequests.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdpCertificateSigningRequests.json
new file mode 100644
index 000000000..045768de8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdpCertificateSigningRequests.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListIdpCertificateSigningRequests",
+ "fully_qualified_name": "OktaApi.ListIdpCertificateSigningRequests@0.1.0",
+ "description": "Retrieve CSRs for a given identity provider from Okta.\n\n",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The ID of the Identity Provider to retrieve CSRs for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listCsrsForIdentityProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/csrs",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdpLinkedUsers.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdpLinkedUsers.json
new file mode 100644
index 000000000..9f7c8a516
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdpLinkedUsers.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListIdpLinkedUsers",
+ "fully_qualified_name": "OktaApi.ListIdpLinkedUsers@0.1.0",
+ "description": "Lists users linked to an identity provider.\n\nCall this tool to obtain a list of users associated with a specific identity provider. It helps in managing and auditing user access linked with identity providers.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier for the identity provider (IdP) whose linked users are to be listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ },
+ {
+ "name": "search_query",
+ "required": false,
+ "description": "A string to search records for matching values in linked user data.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the records for matching value"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination, an opaque string indicating current list position. Retrieved from `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "result_limit",
+ "required": false,
+ "description": "The maximum number of user records to return. Useful for controlling pagination and large dataset handling.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "expand_user_data",
+ "required": false,
+ "description": "Specify if additional user details should be included in the response. Use the string 'user' to expand user data.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Expand user data"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listIdentityProviderApplicationUsers'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/users",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "q",
+ "tool_parameter_name": "search_query",
+ "description": "Searches the records for matching value",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches the records for matching value"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "result_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "expand_user_data",
+ "description": "Expand user data",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Expand user data"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdpSigningKeys.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdpSigningKeys.json
new file mode 100644
index 000000000..0c82d4e79
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListIdpSigningKeys.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListIdpSigningKeys",
+ "fully_qualified_name": "OktaApi.ListIdpSigningKeys@0.1.0",
+ "description": "Retrieve signing key credentials for an identity provider.\n\nThis tool lists all signing key credentials associated with a specific identity provider (IdP). It should be called when there's a need to view or manage the signing keys for authentication or integration purposes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier for the identity provider (IdP) whose signing keys are to be listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listIdentityProviderSigningKeys'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/keys",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLinkedObjectDefinitions.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLinkedObjectDefinitions.json
new file mode 100644
index 000000000..eac062229
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLinkedObjectDefinitions.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListLinkedObjectDefinitions",
+ "fully_qualified_name": "OktaApi.ListLinkedObjectDefinitions@0.1.0",
+ "description": "Retrieve all Linked Object definitions from Okta.\n\nUse this tool to list all Linked Object definitions in your Okta instance. This is helpful for understanding relationships between different object schemas in your Okta environment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listLinkedObjectDefinitions'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.linkedObjects.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/schemas/user/linkedObjects",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLinkedUsers.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLinkedUsers.json
new file mode 100644
index 000000000..56ffdd8b2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLinkedUsers.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListLinkedUsers",
+ "fully_qualified_name": "OktaApi.ListLinkedUsers@0.1.0",
+ "description": "Retrieve linked or associated users for a given relationship.\n\nUtilize this tool to list either the self link for a primary user or all associated users based on a specified relationship name. If no associations exist, it returns an empty array. Suitable for retrieving user associations in applications using Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier_or_login",
+ "required": true,
+ "description": "The ID or login of the user to get the primary user ID or associated users. Use 'me' for the current session user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If for the `self` link, this is the ID of the user for whom you want to get the primary user ID. If for the `associated` relation, this is the user ID or login value of the user assigned the associated relationship.\n\nThis can be `me` to represent the current session user."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userIdOrLogin"
+ },
+ {
+ "name": "relationship_name",
+ "required": true,
+ "description": "Specify the name of the primary or associated relationship to be queried for linked users.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the `primary` or `associated` relationship being queried"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "relationshipName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listLinkedObjectsForUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userIdOrLogin}/linkedObjects/{relationshipName}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userIdOrLogin",
+ "tool_parameter_name": "user_identifier_or_login",
+ "description": "If for the `self` link, this is the ID of the user for whom you want to get the primary user ID. If for the `associated` relation, this is the user ID or login value of the user assigned the associated relationship.\n\nThis can be `me` to represent the current session user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If for the `self` link, this is the ID of the user for whom you want to get the primary user ID. If for the `associated` relation, this is the user ID or login value of the user assigned the associated relationship.\n\nThis can be `me` to represent the current session user."
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "relationshipName",
+ "tool_parameter_name": "relationship_name",
+ "description": "Name of the `primary` or `associated` relationship being queried",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the `primary` or `associated` relationship being queried"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLogStreamSchemas.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLogStreamSchemas.json
new file mode 100644
index 000000000..00611942b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLogStreamSchemas.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListLogStreamSchemas",
+ "fully_qualified_name": "OktaApi.ListLogStreamSchemas@0.1.0",
+ "description": "Retrieve schema for all log stream types for an organization.\n\nUse this tool to obtain the schema details for every log stream type accessible to the organization. This is useful for understanding the data structure and fields available for each log stream type.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listLogStreamSchemas'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.logStreams.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/schemas/logStream",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLogStreams.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLogStreams.json
new file mode 100644
index 000000000..251907278
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListLogStreams.json
@@ -0,0 +1,169 @@
+{
+ "name": "ListLogStreams",
+ "fully_qualified_name": "OktaApi.ListLogStreams@0.1.0",
+ "description": "Retrieve all log stream objects in your organization.\n\nUse this tool to get a list of all log streams in your organization, with options for pagination and filtering.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The opaque string cursor used for pagination, obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_number_of_log_streams",
+ "required": false,
+ "description": "The maximum number of log stream objects to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "filter_expression",
+ "required": false,
+ "description": "A filter expression using the 'eq' operator on 'status' or 'type' properties to filter log streams.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An expression that [filters](/#filter) the returned objects. You can only use the `eq` operator on either the `status` or `type` properties in the filter expression."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listLogStreams'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.logStreams.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/logStreams",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_number_of_log_streams",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "filter",
+ "tool_parameter_name": "filter_expression",
+ "description": "An expression that [filters](/#filter) the returned objects. You can only use the `eq` operator on either the `status` or `type` properties in the filter expression.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An expression that [filters](/#filter) the returned objects. You can only use the `eq` operator on either the `status` or `type` properties in the filter expression."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListNetworkZones.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListNetworkZones.json
new file mode 100644
index 000000000..a62ca32a9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListNetworkZones.json
@@ -0,0 +1,169 @@
+{
+ "name": "ListNetworkZones",
+ "fully_qualified_name": "OktaApi.ListNetworkZones@0.1.0",
+ "description": "Retrieve all network zones with optional filtering.\n\nThis tool retrieves all network zones from Okta, allowing for optional filtering based on zone ID, usage, or system properties. It supports pagination and URL-encoded filter expressions.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor_after",
+ "required": false,
+ "description": "The cursor for retrieving the next page of results. Used for pagination to specify the starting point after the given item.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_results",
+ "required": false,
+ "description": "The maximum number of network zones to retrieve in one call. This helps control pagination.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "filter_expression",
+ "required": false,
+ "description": "A URL-encoded string to filter network zones by id, usage, or system properties.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listNetworkZones'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.networkZones.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/zones",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor_after",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_results",
+ "description": "",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "filter",
+ "tool_parameter_name": "filter_expression",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOauth2Claims.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOauth2Claims.json
new file mode 100644
index 000000000..03bfd7c2c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOauth2Claims.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListOauth2Claims",
+ "fully_qualified_name": "OktaApi.ListOauth2Claims@0.1.0",
+ "description": "Retrieve all custom token claims for a specified authorization server.\n\nThis tool should be called to list all custom token claims defined for a specified custom authorization server in Okta. It's useful for managing token customization and understanding what claims are currently configured.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "`id` of the Authorization Server to list custom token claims for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listOAuth2Claims'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/claims",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOauth2ClientSecrets.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOauth2ClientSecrets.json
new file mode 100644
index 000000000..ed7b67934
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOauth2ClientSecrets.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListOauth2ClientSecrets",
+ "fully_qualified_name": "OktaApi.ListOauth2ClientSecrets@0.1.0",
+ "description": "List all client secrets for an OAuth 2.0 client app.\n\nUse this tool to retrieve all client secrets associated with a specific OAuth 2.0 client application. It should be called when you need to access or manage the secrets for an app.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the OAuth 2.0 client application for which to list client secrets.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listOAuth2ClientSecrets'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOauthJwks.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOauthJwks.json
new file mode 100644
index 000000000..3b9a5100b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOauthJwks.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListOauthJwks",
+ "fully_qualified_name": "OktaApi.ListOauthJwks@0.1.0",
+ "description": "Retrieve JSON Web Keys for an OAuth 2.0 client app.\n\nUse this tool to fetch all JSON Web Keys associated with a specific OAuth 2.0 client application. This is essential for managing or inspecting the keys used in the app's OAuth security setup.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the OAuth 2.0 client application for which to list JSON Web Keys. This is required to identify the specific application's keys.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listJwk'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOktaInlineHooks.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOktaInlineHooks.json
new file mode 100644
index 000000000..a0d87ef73
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOktaInlineHooks.json
@@ -0,0 +1,119 @@
+{
+ "name": "ListOktaInlineHooks",
+ "fully_qualified_name": "OktaApi.ListOktaInlineHooks@0.1.0",
+ "description": "Retrieve all inline hooks or those of a specific type in Okta.\n\nThis tool retrieves all Okta inline hooks or can be used to list inline hooks of a specific type. Supported types include user import, token transformation, SAML assertion, telephony provider, password import, and registration inline hooks.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "inline_hook_type",
+ "required": false,
+ "description": "Specify one of the supported inline hook types to filter results. Options include user import, token transformation, SAML assertion, telephony provider, password import, and registration.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "com.okta.import.transform",
+ "com.okta.oauth2.tokens.transform",
+ "com.okta.saml.tokens.transform",
+ "com.okta.user.credential.password.import",
+ "com.okta.user.pre-registration",
+ "com.okta.telephony.provider"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "One of the supported inline hook types"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "type"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listInlineHooks'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.inlineHooks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/inlineHooks",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "type",
+ "tool_parameter_name": "inline_hook_type",
+ "description": "One of the supported inline hook types",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "com.okta.import.transform",
+ "com.okta.oauth2.tokens.transform",
+ "com.okta.saml.tokens.transform",
+ "com.okta.user.credential.password.import",
+ "com.okta.user.pre-registration",
+ "com.okta.telephony.provider"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "One of the supported inline hook types"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOktaOrgContactTypes.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOktaOrgContactTypes.json
new file mode 100644
index 000000000..722dfadb6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOktaOrgContactTypes.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListOktaOrgContactTypes",
+ "fully_qualified_name": "OktaApi.ListOktaOrgContactTypes@0.1.0",
+ "description": "List all organization contact types in Okta.\n\nUse this tool to retrieve all organization contact types for your Okta organization. This can help in understanding the roles and contact information available within the organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listOrgContactTypes'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/contacts",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOktaSupportCases.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOktaSupportCases.json
new file mode 100644
index 000000000..a13f1849c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOktaSupportCases.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListOktaSupportCases",
+ "fully_qualified_name": "OktaApi.ListOktaSupportCases@0.1.0",
+ "description": "Retrieve a list of Okta Support cases.\n\nThis tool retrieves all Okta Support cases that the user has permission to view. It should be called when a user needs to access their Okta Support cases.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listOktaSupportCases'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/privacy/oktaSupport/cases",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOrganizationApplications.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOrganizationApplications.json
new file mode 100644
index 000000000..35c7806ea
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOrganizationApplications.json
@@ -0,0 +1,297 @@
+{
+ "name": "ListOrganizationApplications",
+ "fully_qualified_name": "OktaApi.ListOrganizationApplications@0.1.0",
+ "description": "Lists all applications in the organization with filters.\n\nUse this tool to retrieve a list of all applications within the organization. Supports filtering and pagination to manage large sets of applications efficiently.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "search_query",
+ "required": false,
+ "description": "Search for applications with names or labels starting with this value using the `startsWith` operation.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for apps with `name` or `label` properties that starts with the `q` value using the `startsWith` operation"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Opaque string to fetch the next page of results. Obtained from the 'next' link.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the [pagination](/#pagination) cursor for the next page of results. Treat this as an opaque value obtained through the `next` link relationship."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "results_per_page",
+ "required": false,
+ "description": "Specifies the number of results per page for pagination.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results per page"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "filter_expression_for_applications",
+ "required": false,
+ "description": "Filters applications using `status`, `user.id`, `group.id`, `credentials.signing.kid`, or `name` with `eq` operator.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters apps by `status`, `user.id`, `group.id`, `credentials.signing.kid` or `name` expression that supports the `eq` operator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ },
+ {
+ "name": "expand_user_resources",
+ "required": false,
+ "description": "Embeds more resources in the response, supports `expand=user/{userId}`. Requires the `user.id eq \"{userId}\"` filter.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter used for link expansion to embed more resources in the response.\nOnly supports `expand=user/{userId}` and must be used with the `user.id eq \"{userId}\"` filter query for the same user.\nReturns the assigned [application user](/openapi/okta-management/management/tag/ApplicationUsers/) in the `_embedded` property."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "use_query_optimization",
+ "required": false,
+ "description": "Set to true to use query optimization, returning a subset of app instance properties.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies whether to use query optimization. If you specify `useOptimization=true` in the request query, the response contains a subset of app instance properties."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "useOptimization"
+ },
+ {
+ "name": "include_non_deleted_apps",
+ "required": false,
+ "description": "Include non-active but not deleted apps in the results.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies whether to include non-active, but not deleted apps in the results"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "includeNonDeleted"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listApplications'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "q",
+ "tool_parameter_name": "search_query",
+ "description": "Searches for apps with `name` or `label` properties that starts with the `q` value using the `startsWith` operation",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for apps with `name` or `label` properties that starts with the `q` value using the `startsWith` operation"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the [pagination](/#pagination) cursor for the next page of results. Treat this as an opaque value obtained through the `next` link relationship.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the [pagination](/#pagination) cursor for the next page of results. Treat this as an opaque value obtained through the `next` link relationship."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "useOptimization",
+ "tool_parameter_name": "use_query_optimization",
+ "description": "Specifies whether to use query optimization. If you specify `useOptimization=true` in the request query, the response contains a subset of app instance properties.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies whether to use query optimization. If you specify `useOptimization=true` in the request query, the response contains a subset of app instance properties."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_per_page",
+ "description": "Specifies the number of results per page",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results per page"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "filter",
+ "tool_parameter_name": "filter_expression_for_applications",
+ "description": "Filters apps by `status`, `user.id`, `group.id`, `credentials.signing.kid` or `name` expression that supports the `eq` operator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters apps by `status`, `user.id`, `group.id`, `credentials.signing.kid` or `name` expression that supports the `eq` operator"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "expand_user_resources",
+ "description": "An optional parameter used for link expansion to embed more resources in the response.\nOnly supports `expand=user/{userId}` and must be used with the `user.id eq \"{userId}\"` filter query for the same user.\nReturns the assigned [application user](/openapi/okta-management/management/tag/ApplicationUsers/) in the `_embedded` property.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter used for link expansion to embed more resources in the response.\nOnly supports `expand=user/{userId}` and must be used with the `user.id eq \"{userId}\"` filter query for the same user.\nReturns the assigned [application user](/openapi/okta-management/management/tag/ApplicationUsers/) in the `_embedded` property."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "includeNonDeleted",
+ "tool_parameter_name": "include_non_deleted_apps",
+ "description": "Specifies whether to include non-active, but not deleted apps in the results",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies whether to include non-active, but not deleted apps in the results"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOrganizationUsers.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOrganizationUsers.json
new file mode 100644
index 000000000..d5160ed9f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListOrganizationUsers.json
@@ -0,0 +1,361 @@
+{
+ "name": "ListOrganizationUsers",
+ "fully_qualified_name": "OktaApi.ListOrganizationUsers@0.1.0",
+ "description": "Retrieve a list of active users in the organization.\n\nUse this tool to obtain a list of active users within your organization. You can filter or search for a specific subset of users, but users with a status of 'DEPROVISIONED' are excluded from the default response.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_search_query",
+ "required": false,
+ "description": "Search for users using a filtering expression. Supports various properties and must be URL encoded. Warning: Complex or overly long queries can cause errors.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for users with a supported filtering expression for most properties. Okta recommends using this parameter for optimal search performance. \n\n> **Note:** Using an overly complex or long search query can result in an error.\n\nThis operation supports [pagination](https://developer.okta.com/docs/api/#pagination). Use an ID lookup for records that you update to ensure your results contain the latest data. Returned users include those with the `DEPROVISIONED` status.\n\nProperty names in the search parameter are case sensitive, whereas operators (`eq`, `sw`, and so on) and string values are case insensitive. Unlike with user logins, diacritical marks are significant in search string values: a search for `isaac.brock` finds `Isaac.Brock`, but doesn't find a property whose value is `is\u00e1\u00e0c.br\u00f6ck`. \n\nThis operation requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `search=profile.department eq \"Engineering\"` is encoded as `search=profile.department%20eq%20%22Engineering%22`. If you use the special character `\"` within a quoted string, it must also be escaped `\\` and encoded. For example, `search=profile.lastName eq \"bob\"smith\"` is encoded as `search=profile.lastName%20eq%20%22bob%5C%22smith%22`. See [Special Characters](https://developer.okta.com/docs/api/#special-characters).\n\nThis operation searches many properties:\n * Any user profile attribute, including custom-defined attributes\n * The top-level properties: `id`, `status`, `created`, `activated`, `statusChanged`, and `lastUpdated`\n * The [user type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType/operation/updateUserType) accessed as `type.id`\n\n> **Note:** The ability to search by user classification is available as an [Early Access](https://developer.okta.com/docs/api/openapi/okta-management/guides/release-lifecycle/#early-access-ea) feature. The `classification.type` property cannot be used in conjunction with other search terms. You can search using `classification.type eq \"LITE\"` or `classification.type eq \"STANDARD\"`.\n\nYou can also use `sortBy` and `sortOrder` parameters. The `ne` (not equal) operator isn't supported, but you can obtain the same result by using `lt ... or ... gt`. For example, to see all users except those that have a status of `STAGED`, use `(status lt \"STAGED\" or status gt \"STAGED\")`.\n\nYou can search properties that are arrays. If any element matches the search term, the entire array (object) is returned. Okta follows the [SCIM Protocol Specification](https://tools.ietf.org/html/rfc7644#section-3.4.2.2) for searching arrays. You can search multiple arrays, multiple values in an array, as well as using the standard logical and filtering operators. See [Filter](https://developer.okta.com/docs/reference/core-okta-api/#filter).\n\nSearches for users can be filtered by the following operators: `sw`, `eq`, and `co`. You can only use `co` with these select user profile attributes: `profile.firstName`, `profile.lastName`, `profile.email`, and `profile.login`. See [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "search"
+ },
+ {
+ "name": "filter_expression",
+ "required": false,
+ "description": "A URL-encoded string to filter users by supported properties like `status`, `lastUpdated`, `id`, `profile.login`, `profile.email`, `profile.firstName`, and `profile.lastName`. Supports `eq` and some inequality operators for `lastUpdated`. Logical operators `and` and `or` are also supported.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters users with a supported expression for a subset of properties. \n\n> **Note:** Returned users include those with the `DEPROVISIONED` status.\n\nThis requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `filter=lastUpdated gt \"2013-06-01T00:00:00.000Z\"` is encoded as `filter=lastUpdated%20gt%20%222013-06-01T00:00:00.000Z%22`. Filtering is case-sensitive for property names and query values, while operators are case-insensitive.\n\nFiltering supports the following limited number of properties: `status`, `lastUpdated`, `id`, `profile.login`, `profile.email`, `profile.firstName`, and `profile.lastName`.\n\nAdditionally, filtering supports only the equal `eq` operator from the standard Okta API filtering semantics, except in the case of the `lastUpdated` property. This property can also use the inequality operators (`gt`, `ge`, `lt`, and `le`). For logical operators, only the logical operators `and` and `or` are supported. The `not` operator isn't supported. See [Filter](https://developer.okta.com/docs/api/#filter) and [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ },
+ {
+ "name": "query_user_search",
+ "required": false,
+ "description": "Retrieve users by matching queries against firstName, lastName, or email. Omits `DEPROVISIONED` users.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Finds users who match the specified query. This doesn't support pagination.\n\n> **Note:** For optimal performance, use the `search` parameter instead.\n\nUse the `q` parameter for simple queries, such as a lookup of users by name when creating a people picker.\n\nThe value of `q` is matched against `firstName`, `lastName`, or `email`. This performs a `startsWith` match, but this is an implementation detail and can change without notice. You don't need to specify `firstName`, `lastName`, or `email`.\n\n> **Note:** Using the `q` parameter in a request omits users that have a status of `DEPROVISIONED`. To return all users, use a filter or search query instead."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "An opaque string used as a cursor for pagination to specify the current location in the user list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "result_limit",
+ "required": false,
+ "description": "Specifies the number of user records to return. Defaults to 10 if `q` is provided.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results returned. Defaults to 10 if `q` is provided."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "sort_users_by_field",
+ "required": false,
+ "description": "Specify the field to sort users by. Use for search queries only. Example: `profile.lastName`. Users with the same value will be ordered by `id`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies field to sort by (for search queries only). This can be any single property, for example `sortBy=profile.lastName`. Users with the same value for the `sortBy` property will be ordered by `id`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortBy"
+ },
+ {
+ "name": "sort_order",
+ "required": false,
+ "description": "Specifies the sort order for user listing, either 'asc' for ascending or 'desc' for descending. This is relevant only when 'sort_by' is used.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the sort order: `asc` or `desc` (for search queries only). Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. `sortOrder` is ignored if `sortBy` isn't present."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortOrder"
+ },
+ {
+ "name": "include_metadata_classification",
+ "required": false,
+ "description": "Include metadata in the `_embedded` property to retrieve user classification details. Supported value: `classification`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A parameter to include metadata in the `_embedded` property. Supported value: `classification`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "response_media_type",
+ "required": false,
+ "description": "Specifies the media type of the resource with optional `okta-response` values for performance optimization. Enum values are `omitCredentials`, `omitCredentialsLinks`, and `omitTransitioningToStatus`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the media type of the resource. Optional `okta-response` value can be included for performance optimization.\n\nComplex DelAuth configurations may degrade performance when fetching specific parts of the response, and passing this parameter can omit these parts, bypassing the bottleneck.\n\nEnum values for `okta-response`:\n * `omitCredentials`: Omits the credentials subobject from the response.\n * `omitCredentialsLinks`: Omits the following HAL links from the response: Update password, Change recovery question, Start forgot password flow, Reset password, Reset factors, Unlock.\n * `omitTransitioningToStatus`: Omits the `transitioningToStatus` field from the response."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "Content-Type"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUsers'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "search",
+ "tool_parameter_name": "user_search_query",
+ "description": "Searches for users with a supported filtering expression for most properties. Okta recommends using this parameter for optimal search performance. \n\n> **Note:** Using an overly complex or long search query can result in an error.\n\nThis operation supports [pagination](https://developer.okta.com/docs/api/#pagination). Use an ID lookup for records that you update to ensure your results contain the latest data. Returned users include those with the `DEPROVISIONED` status.\n\nProperty names in the search parameter are case sensitive, whereas operators (`eq`, `sw`, and so on) and string values are case insensitive. Unlike with user logins, diacritical marks are significant in search string values: a search for `isaac.brock` finds `Isaac.Brock`, but doesn't find a property whose value is `is\u00e1\u00e0c.br\u00f6ck`. \n\nThis operation requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `search=profile.department eq \"Engineering\"` is encoded as `search=profile.department%20eq%20%22Engineering%22`. If you use the special character `\"` within a quoted string, it must also be escaped `\\` and encoded. For example, `search=profile.lastName eq \"bob\"smith\"` is encoded as `search=profile.lastName%20eq%20%22bob%5C%22smith%22`. See [Special Characters](https://developer.okta.com/docs/api/#special-characters).\n\nThis operation searches many properties:\n * Any user profile attribute, including custom-defined attributes\n * The top-level properties: `id`, `status`, `created`, `activated`, `statusChanged`, and `lastUpdated`\n * The [user type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType/operation/updateUserType) accessed as `type.id`\n\n> **Note:** The ability to search by user classification is available as an [Early Access](https://developer.okta.com/docs/api/openapi/okta-management/guides/release-lifecycle/#early-access-ea) feature. The `classification.type` property cannot be used in conjunction with other search terms. You can search using `classification.type eq \"LITE\"` or `classification.type eq \"STANDARD\"`.\n\nYou can also use `sortBy` and `sortOrder` parameters. The `ne` (not equal) operator isn't supported, but you can obtain the same result by using `lt ... or ... gt`. For example, to see all users except those that have a status of `STAGED`, use `(status lt \"STAGED\" or status gt \"STAGED\")`.\n\nYou can search properties that are arrays. If any element matches the search term, the entire array (object) is returned. Okta follows the [SCIM Protocol Specification](https://tools.ietf.org/html/rfc7644#section-3.4.2.2) for searching arrays. You can search multiple arrays, multiple values in an array, as well as using the standard logical and filtering operators. See [Filter](https://developer.okta.com/docs/reference/core-okta-api/#filter).\n\nSearches for users can be filtered by the following operators: `sw`, `eq`, and `co`. You can only use `co` with these select user profile attributes: `profile.firstName`, `profile.lastName`, `profile.email`, and `profile.login`. See [Operators](https://developer.okta.com/docs/api/#operators).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for users with a supported filtering expression for most properties. Okta recommends using this parameter for optimal search performance. \n\n> **Note:** Using an overly complex or long search query can result in an error.\n\nThis operation supports [pagination](https://developer.okta.com/docs/api/#pagination). Use an ID lookup for records that you update to ensure your results contain the latest data. Returned users include those with the `DEPROVISIONED` status.\n\nProperty names in the search parameter are case sensitive, whereas operators (`eq`, `sw`, and so on) and string values are case insensitive. Unlike with user logins, diacritical marks are significant in search string values: a search for `isaac.brock` finds `Isaac.Brock`, but doesn't find a property whose value is `is\u00e1\u00e0c.br\u00f6ck`. \n\nThis operation requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `search=profile.department eq \"Engineering\"` is encoded as `search=profile.department%20eq%20%22Engineering%22`. If you use the special character `\"` within a quoted string, it must also be escaped `\\` and encoded. For example, `search=profile.lastName eq \"bob\"smith\"` is encoded as `search=profile.lastName%20eq%20%22bob%5C%22smith%22`. See [Special Characters](https://developer.okta.com/docs/api/#special-characters).\n\nThis operation searches many properties:\n * Any user profile attribute, including custom-defined attributes\n * The top-level properties: `id`, `status`, `created`, `activated`, `statusChanged`, and `lastUpdated`\n * The [user type](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/UserType/#tag/UserType/operation/updateUserType) accessed as `type.id`\n\n> **Note:** The ability to search by user classification is available as an [Early Access](https://developer.okta.com/docs/api/openapi/okta-management/guides/release-lifecycle/#early-access-ea) feature. The `classification.type` property cannot be used in conjunction with other search terms. You can search using `classification.type eq \"LITE\"` or `classification.type eq \"STANDARD\"`.\n\nYou can also use `sortBy` and `sortOrder` parameters. The `ne` (not equal) operator isn't supported, but you can obtain the same result by using `lt ... or ... gt`. For example, to see all users except those that have a status of `STAGED`, use `(status lt \"STAGED\" or status gt \"STAGED\")`.\n\nYou can search properties that are arrays. If any element matches the search term, the entire array (object) is returned. Okta follows the [SCIM Protocol Specification](https://tools.ietf.org/html/rfc7644#section-3.4.2.2) for searching arrays. You can search multiple arrays, multiple values in an array, as well as using the standard logical and filtering operators. See [Filter](https://developer.okta.com/docs/reference/core-okta-api/#filter).\n\nSearches for users can be filtered by the following operators: `sw`, `eq`, and `co`. You can only use `co` with these select user profile attributes: `profile.firstName`, `profile.lastName`, `profile.email`, and `profile.login`. See [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "filter",
+ "tool_parameter_name": "filter_expression",
+ "description": "Filters users with a supported expression for a subset of properties. \n\n> **Note:** Returned users include those with the `DEPROVISIONED` status.\n\nThis requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `filter=lastUpdated gt \"2013-06-01T00:00:00.000Z\"` is encoded as `filter=lastUpdated%20gt%20%222013-06-01T00:00:00.000Z%22`. Filtering is case-sensitive for property names and query values, while operators are case-insensitive.\n\nFiltering supports the following limited number of properties: `status`, `lastUpdated`, `id`, `profile.login`, `profile.email`, `profile.firstName`, and `profile.lastName`.\n\nAdditionally, filtering supports only the equal `eq` operator from the standard Okta API filtering semantics, except in the case of the `lastUpdated` property. This property can also use the inequality operators (`gt`, `ge`, `lt`, and `le`). For logical operators, only the logical operators `and` and `or` are supported. The `not` operator isn't supported. See [Filter](https://developer.okta.com/docs/api/#filter) and [Operators](https://developer.okta.com/docs/api/#operators).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters users with a supported expression for a subset of properties. \n\n> **Note:** Returned users include those with the `DEPROVISIONED` status.\n\nThis requires [URL encoding](https://developer.mozilla.org/en-US/docs/Glossary/Percent-encoding). For example, `filter=lastUpdated gt \"2013-06-01T00:00:00.000Z\"` is encoded as `filter=lastUpdated%20gt%20%222013-06-01T00:00:00.000Z%22`. Filtering is case-sensitive for property names and query values, while operators are case-insensitive.\n\nFiltering supports the following limited number of properties: `status`, `lastUpdated`, `id`, `profile.login`, `profile.email`, `profile.firstName`, and `profile.lastName`.\n\nAdditionally, filtering supports only the equal `eq` operator from the standard Okta API filtering semantics, except in the case of the `lastUpdated` property. This property can also use the inequality operators (`gt`, `ge`, `lt`, and `le`). For logical operators, only the logical operators `and` and `or` are supported. The `not` operator isn't supported. See [Filter](https://developer.okta.com/docs/api/#filter) and [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "q",
+ "tool_parameter_name": "query_user_search",
+ "description": "Finds users who match the specified query. This doesn't support pagination.\n\n> **Note:** For optimal performance, use the `search` parameter instead.\n\nUse the `q` parameter for simple queries, such as a lookup of users by name when creating a people picker.\n\nThe value of `q` is matched against `firstName`, `lastName`, or `email`. This performs a `startsWith` match, but this is an implementation detail and can change without notice. You don't need to specify `firstName`, `lastName`, or `email`.\n\n> **Note:** Using the `q` parameter in a request omits users that have a status of `DEPROVISIONED`. To return all users, use a filter or search query instead.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Finds users who match the specified query. This doesn't support pagination.\n\n> **Note:** For optimal performance, use the `search` parameter instead.\n\nUse the `q` parameter for simple queries, such as a lookup of users by name when creating a people picker.\n\nThe value of `q` is matched against `firstName`, `lastName`, or `email`. This performs a `startsWith` match, but this is an implementation detail and can change without notice. You don't need to specify `firstName`, `lastName`, or `email`.\n\n> **Note:** Using the `q` parameter in a request omits users that have a status of `DEPROVISIONED`. To return all users, use a filter or search query instead."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "result_limit",
+ "description": "Specifies the number of results returned. Defaults to 10 if `q` is provided.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results returned. Defaults to 10 if `q` is provided."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortBy",
+ "tool_parameter_name": "sort_users_by_field",
+ "description": "Specifies field to sort by (for search queries only). This can be any single property, for example `sortBy=profile.lastName`. Users with the same value for the `sortBy` property will be ordered by `id`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies field to sort by (for search queries only). This can be any single property, for example `sortBy=profile.lastName`. Users with the same value for the `sortBy` property will be ordered by `id`."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortOrder",
+ "tool_parameter_name": "sort_order",
+ "description": "Specifies the sort order: `asc` or `desc` (for search queries only). Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. `sortOrder` is ignored if `sortBy` isn't present.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the sort order: `asc` or `desc` (for search queries only). Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive. `sortOrder` is ignored if `sortBy` isn't present."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_metadata_classification",
+ "description": "A parameter to include metadata in the `_embedded` property. Supported value: `classification`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A parameter to include metadata in the `_embedded` property. Supported value: `classification`."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "Content-Type",
+ "tool_parameter_name": "response_media_type",
+ "description": "Specifies the media type of the resource. Optional `okta-response` value can be included for performance optimization.\n\nComplex DelAuth configurations may degrade performance when fetching specific parts of the response, and passing this parameter can omit these parts, bypassing the bottleneck.\n\nEnum values for `okta-response`:\n * `omitCredentials`: Omits the credentials subobject from the response.\n * `omitCredentialsLinks`: Omits the following HAL links from the response: Update password, Change recovery question, Start forgot password flow, Reset password, Reset factors, Unlock.\n * `omitTransitioningToStatus`: Omits the `transitioningToStatus` field from the response.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the media type of the resource. Optional `okta-response` value can be included for performance optimization.\n\nComplex DelAuth configurations may degrade performance when fetching specific parts of the response, and passing this parameter can omit these parts, bypassing the bottleneck.\n\nEnum values for `okta-response`:\n * `omitCredentials`: Omits the credentials subobject from the response.\n * `omitCredentialsLinks`: Omits the following HAL links from the response: Update password, Change recovery question, Start forgot password flow, Reset password, Reset factors, Unlock.\n * `omitTransitioningToStatus`: Omits the `transitioningToStatus` field from the response."
+ },
+ "accepted_as": "header",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPoliciesByType.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPoliciesByType.json
new file mode 100644
index 000000000..68d5dfa56
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPoliciesByType.json
@@ -0,0 +1,349 @@
+{
+ "name": "ListPoliciesByType",
+ "fully_qualified_name": "OktaApi.ListPoliciesByType@0.1.0",
+ "description": "Lists all policies of a specified type.\n\nUse this tool to retrieve a list of policies filtered by a specified type. It is useful for managing or reviewing specific policy sets within the Okta platform.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_type",
+ "required": true,
+ "description": "Specifies the type of policy to return. Available types include `OKTA_SIGN_ON`, `PASSWORD`, `MFA_ENROLL`, `IDP_DISCOVERY`, and those exclusive to Okta Identity Engine like `ACCESS_POLICY`, `DEVICE_SIGNAL_COLLECTION`, `PROFILE_ENROLLMENT`, `POST_AUTH_SESSION`, and `ENTITY_RISK`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "OKTA_SIGN_ON",
+ "PASSWORD",
+ "MFA_ENROLL",
+ "IDP_DISCOVERY",
+ "ACCESS_POLICY",
+ "DEVICE_SIGNAL_COLLECTION",
+ "PROFILE_ENROLLMENT",
+ "POST_AUTH_SESSION",
+ "ENTITY_RISK"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the type of policy to return. The following policy types are available only with the Okta Identity Engine - `ACCESS_POLICY`, `DEVICE_SIGNAL_COLLECTION`, `PROFILE_ENROLLMENT`, `POST_AUTH_SESSION`, and `ENTITY_RISK`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "type"
+ },
+ {
+ "name": "filter_by_policy_status",
+ "required": false,
+ "description": "Filter policies by their status. Acceptable values are `ACTIVE` or `INACTIVE`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Refines the query by the `status` of the policy - `ACTIVE` or `INACTIVE`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "status"
+ },
+ {
+ "name": "policy_name_prefix_query",
+ "required": false,
+ "description": "Refines the query by specifying the prefix of the policy name using the startWith method.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Refines the query by policy name prefix (startWith method) passed in as `q=string`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "expand_policy_details",
+ "required": false,
+ "description": "Determines if additional policy details should be included in the response.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "sort_policies_by_name",
+ "required": false,
+ "description": "Set to refine the query by sorting policies based on their names in ascending order.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Refines the query by sorting on the policy `name` in ascending order"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortBy"
+ },
+ {
+ "name": "max_policies_to_return",
+ "required": false,
+ "description": "Specifies the maximum number of policies to return. Use this for controlling pagination size.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Defines the number of policies returned, see [Pagination](https://developer.okta.com/docs/api/#pagination)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "authorization_server_reference",
+ "required": false,
+ "description": "Reference ID for the associated authorization server to filter policies.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Reference to the associated authorization server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceId"
+ },
+ {
+ "name": "pagination_end_cursor",
+ "required": false,
+ "description": "End page cursor for pagination. Use to retrieve the next set of results in a paginated list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "End page cursor for pagination, see [Pagination](https://developer.okta.com/docs/api/#pagination)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listPolicies'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "type",
+ "tool_parameter_name": "policy_type",
+ "description": "Specifies the type of policy to return. The following policy types are available only with the Okta Identity Engine - `ACCESS_POLICY`, `DEVICE_SIGNAL_COLLECTION`, `PROFILE_ENROLLMENT`, `POST_AUTH_SESSION`, and `ENTITY_RISK`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "OKTA_SIGN_ON",
+ "PASSWORD",
+ "MFA_ENROLL",
+ "IDP_DISCOVERY",
+ "ACCESS_POLICY",
+ "DEVICE_SIGNAL_COLLECTION",
+ "PROFILE_ENROLLMENT",
+ "POST_AUTH_SESSION",
+ "ENTITY_RISK"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the type of policy to return. The following policy types are available only with the Okta Identity Engine - `ACCESS_POLICY`, `DEVICE_SIGNAL_COLLECTION`, `PROFILE_ENROLLMENT`, `POST_AUTH_SESSION`, and `ENTITY_RISK`."
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "status",
+ "tool_parameter_name": "filter_by_policy_status",
+ "description": "Refines the query by the `status` of the policy - `ACTIVE` or `INACTIVE`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Refines the query by the `status` of the policy - `ACTIVE` or `INACTIVE`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "q",
+ "tool_parameter_name": "policy_name_prefix_query",
+ "description": "Refines the query by policy name prefix (startWith method) passed in as `q=string`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Refines the query by policy name prefix (startWith method) passed in as `q=string`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "expand_policy_details",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortBy",
+ "tool_parameter_name": "sort_policies_by_name",
+ "description": "Refines the query by sorting on the policy `name` in ascending order",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Refines the query by sorting on the policy `name` in ascending order"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_policies_to_return",
+ "description": "Defines the number of policies returned, see [Pagination](https://developer.okta.com/docs/api/#pagination)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Defines the number of policies returned, see [Pagination](https://developer.okta.com/docs/api/#pagination)"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "resourceId",
+ "tool_parameter_name": "authorization_server_reference",
+ "description": "Reference to the associated authorization server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Reference to the associated authorization server"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_end_cursor",
+ "description": "End page cursor for pagination, see [Pagination](https://developer.okta.com/docs/api/#pagination)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "End page cursor for pagination, see [Pagination](https://developer.okta.com/docs/api/#pagination)"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPolicyMappings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPolicyMappings.json
new file mode 100644
index 000000000..da7e155a2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPolicyMappings.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListPolicyMappings",
+ "fully_qualified_name": "OktaApi.ListPolicyMappings@0.1.0",
+ "description": "Retrieve resources mapped to a specific policy using its ID.\n\nUse this tool to obtain a list of all resources that are associated with a given policy, identified by its `policyId`. This can be helpful for auditing and managing policy resource links.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique `id` of the policy to list its mapped resources.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listPolicyMappings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/mappings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPolicyRules.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPolicyRules.json
new file mode 100644
index 000000000..5bf7dd4cc
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPolicyRules.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListPolicyRules",
+ "fully_qualified_name": "OktaApi.ListPolicyRules@0.1.0",
+ "description": "Retrieve all rules for a specified Okta policy.\n\nCall this tool to fetch all the policy rules associated with a specific Okta policy. Useful for managing policy configurations and understanding rule details.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique `id` of the Okta policy to retrieve rules for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "number_of_policy_rules",
+ "required": false,
+ "description": "Defines the maximum number of policy rules to return. Refer to Okta's pagination guidelines for more information.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Defines the number of policy rules returned. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listPolicyRules'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/rules",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "limit",
+ "tool_parameter_name": "number_of_policy_rules",
+ "description": "Defines the number of policy rules returned. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Defines the number of policy rules returned. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPrincipalRateLimitEntities.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPrincipalRateLimitEntities.json
new file mode 100644
index 000000000..d5613762a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPrincipalRateLimitEntities.json
@@ -0,0 +1,169 @@
+{
+ "name": "ListPrincipalRateLimitEntities",
+ "fully_qualified_name": "OktaApi.ListPrincipalRateLimitEntities@0.1.0",
+ "description": "Retrieve all Principal Rate Limit entities.\n\nThis tool lists all Principal Rate Limit entities considering the provided parameters, helping to manage and monitor rate limits effectively.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "principal_type_filter",
+ "required": true,
+ "description": "Filters the list by principal type, e.g., `SSWS_TOKEN` or `OAUTH_CLIENT`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters the list of principal rate limit entities by the provided principal type (`principalType`). For example,\n`filter=principalType eq \"SSWS_TOKEN\"` or `filter=principalType eq \"OAUTH_CLIENT\"`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination, an opaque string specifying current location in the list, obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It's an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "page_size",
+ "required": false,
+ "description": "The number of items to return in a single response page.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of items to return in a single response page."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listPrincipalRateLimitEntities'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.principalRateLimits.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/principal-rate-limits",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "filter",
+ "tool_parameter_name": "principal_type_filter",
+ "description": "Filters the list of principal rate limit entities by the provided principal type (`principalType`). For example,\n`filter=principalType eq \"SSWS_TOKEN\"` or `filter=principalType eq \"OAUTH_CLIENT\"`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters the list of principal rate limit entities by the provided principal type (`principalType`). For example,\n`filter=principalType eq \"SSWS_TOKEN\"` or `filter=principalType eq \"OAUTH_CLIENT\"`."
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It's an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It's an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "page_size",
+ "description": "Specifies the number of items to return in a single response page.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of items to return in a single response page."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListProfileMappings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListProfileMappings.json
new file mode 100644
index 000000000..4675824cf
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListProfileMappings.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListProfileMappings",
+ "fully_qualified_name": "OktaApi.ListProfileMappings@0.1.0",
+ "description": "Retrieve all profile mappings in your Okta organization.\n\nUse this tool to list all profile mappings available in your Okta organization. It supports pagination and can filter results by `sourceId` and/or `targetId`. This helps users understand how properties map between Okta user profiles and app user profiles.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor_after",
+ "required": false,
+ "description": "Mapping ID for pagination cursor to fetch the next page of profile mappings.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Mapping `id` that specifies the pagination cursor for the next page of mappings"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "results_per_page",
+ "required": false,
+ "description": "Number of profile mappings to return per page, used for pagination.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results per page"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "source_id",
+ "required": false,
+ "description": "The user type or app instance ID acting as the source for the mappings. Filters results by this ID.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The user type or app instance ID that acts as the source of expressions in a mapping. If this parameter is included, all returned mappings have this as their `source.id`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sourceId"
+ },
+ {
+ "name": "target_id",
+ "required": false,
+ "description": "The user type or app instance ID to be used as the target for expressions in a mapping. Filters returned mappings to have this as their `target.id`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The user type or app instance ID that acts as the target of expressions in a mapping. If this parameter is included, all returned mappings have this as their `target.id`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "targetId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listProfileMappings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.profileMappings.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/mappings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor_after",
+ "description": "Mapping `id` that specifies the pagination cursor for the next page of mappings",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Mapping `id` that specifies the pagination cursor for the next page of mappings"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_per_page",
+ "description": "Specifies the number of results per page",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results per page"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sourceId",
+ "tool_parameter_name": "source_id",
+ "description": "The user type or app instance ID that acts as the source of expressions in a mapping. If this parameter is included, all returned mappings have this as their `source.id`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The user type or app instance ID that acts as the source of expressions in a mapping. If this parameter is included, all returned mappings have this as their `source.id`."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "targetId",
+ "tool_parameter_name": "target_id",
+ "description": "The user type or app instance ID that acts as the target of expressions in a mapping. If this parameter is included, all returned mappings have this as their `target.id`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The user type or app instance ID that acts as the target of expressions in a mapping. If this parameter is included, all returned mappings have this as their `target.id`."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPublicKeys.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPublicKeys.json
new file mode 100644
index 000000000..eff93dcd3
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPublicKeys.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListPublicKeys",
+ "fully_qualified_name": "OktaApi.ListPublicKeys@0.1.0",
+ "description": "Retrieve public keys for the custom authorization server.\n\nThis tool retrieves all public keys used by a specified custom authorization server for OAuth2. Use it when you need to verify JWTs or manage security keys for your authorization server.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique identifier of the authorization server for which public keys are requested.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listOAuth2ResourceServerJsonWebKeys'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPushProviders.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPushProviders.json
new file mode 100644
index 000000000..9d40e853c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListPushProviders.json
@@ -0,0 +1,111 @@
+{
+ "name": "ListPushProviders",
+ "fully_qualified_name": "OktaApi.ListPushProviders@0.1.0",
+ "description": "Retrieve a list of all push providers.\n\nThis tool should be called when there's a need to obtain information about all available push providers. It returns a list detailing each provider.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "provider_type_filter",
+ "required": false,
+ "description": "Filters push providers by `providerType`. Possible values are 'APNS' and 'FCM'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "APNS",
+ "FCM"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters push providers by `providerType`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "type"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listPushProviders'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.pushProviders.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/push-providers",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "type",
+ "tool_parameter_name": "provider_type_filter",
+ "description": "Filters push providers by `providerType`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "APNS",
+ "FCM"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters push providers by `providerType`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRealmAssignmentOperations.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRealmAssignmentOperations.json
new file mode 100644
index 000000000..4e014f736
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRealmAssignmentOperations.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListRealmAssignmentOperations",
+ "fully_qualified_name": "OktaApi.ListRealmAssignmentOperations@0.1.0",
+ "description": "Retrieve a list of realm assignment operations.\n\nThis tool lists all realm assignment operations, with a limit of 200, sorted from most recent to oldest by ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "return_limit",
+ "required": false,
+ "description": "The maximum number of realm assignment operations to return. The upper limit is 200.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination. An opaque string from the `Link` response header indicating the current list position.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listRealmAssignmentOperations'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.realmAssignments.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/realm-assignments/operations",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "limit",
+ "tool_parameter_name": "return_limit",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRealmAssignments.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRealmAssignments.json
new file mode 100644
index 000000000..d236748d4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRealmAssignments.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListRealmAssignments",
+ "fully_qualified_name": "OktaApi.ListRealmAssignments@0.1.0",
+ "description": "Retrieve all realm assignments from Okta.\n\nUse this tool to list all realm assignments in Okta. It is helpful for managing and reviewing current realm assignments.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "max_results",
+ "required": false,
+ "description": "The maximum number of realm assignments to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor for pagination to continue listing from the last fetched realm assignment.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor used for pagination. It represents the priority of the last realm assignment returned in the previous fetch operation."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listRealmAssignments'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.realmAssignments.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/realm-assignments",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_results",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor used for pagination. It represents the priority of the last realm assignment returned in the previous fetch operation.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor used for pagination. It represents the priority of the last realm assignment returned in the previous fetch operation."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRealms.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRealms.json
new file mode 100644
index 000000000..1dc6af78a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRealms.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListRealms",
+ "fully_qualified_name": "OktaApi.ListRealms@0.1.0",
+ "description": "Retrieve a list of all Realms available.\n\nUse this tool to obtain a comprehensive list of all Realms from the service, providing essential information about the Realms configuration and availability.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "results_limit",
+ "required": false,
+ "description": "Specifies the number of results to return. Defaults to 10 when `search` is used.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results returned. Defaults to 10 if `search` is provided."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The opaque string cursor for pagination, obtained from the `Link` response header to specify the current location in the list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "search_expression",
+ "required": false,
+ "description": "Filter realms using the 'co' operator with 'profile.name'. Only supports searching by 'profile.name'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for realms with a supported filtering expression for most properties.\n\nSearches for realms can be filtered by the contains (`co`) operator. You can only use `co` with the `profile.name` property. See [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "search"
+ },
+ {
+ "name": "sort_by_field",
+ "required": false,
+ "description": "Specifies the field to sort the search results by. Only applicable if `search` is used.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the field to sort by and can be any single property (for search queries only)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortBy"
+ },
+ {
+ "name": "sort_order_for_search",
+ "required": false,
+ "description": "Specifies the sorting order as 'asc' or 'desc' when search queries are used. Ignored if 'sort_by' isn't present.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the sort order: `asc` or `desc` (for search queries only). This parameter is ignored if `sortBy` isn't present."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortOrder"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listRealms'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.realms.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/realms",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_limit",
+ "description": "Specifies the number of results returned. Defaults to 10 if `search` is provided.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results returned. Defaults to 10 if `search` is provided."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "search",
+ "tool_parameter_name": "search_expression",
+ "description": "Searches for realms with a supported filtering expression for most properties.\n\nSearches for realms can be filtered by the contains (`co`) operator. You can only use `co` with the `profile.name` property. See [Operators](https://developer.okta.com/docs/api/#operators).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Searches for realms with a supported filtering expression for most properties.\n\nSearches for realms can be filtered by the contains (`co`) operator. You can only use `co` with the `profile.name` property. See [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortBy",
+ "tool_parameter_name": "sort_by_field",
+ "description": "Specifies the field to sort by and can be any single property (for search queries only)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the field to sort by and can be any single property (for search queries only)"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortOrder",
+ "tool_parameter_name": "sort_order_for_search",
+ "description": "Specifies the sort order: `asc` or `desc` (for search queries only). This parameter is ignored if `sortBy` isn't present.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the sort order: `asc` or `desc` (for search queries only). This parameter is ignored if `sortBy` isn't present."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRefreshTokens.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRefreshTokens.json
new file mode 100644
index 000000000..fe9468694
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRefreshTokens.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListRefreshTokens",
+ "fully_qualified_name": "OktaApi.ListRefreshTokens@0.1.0",
+ "description": "List refresh tokens for a specific client and authorization server.\n\nUse this tool to retrieve all refresh tokens issued by an authorization server for a particular client. Ideal for managing client access and monitoring tokens.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique identifier of the Authorization Server. Required to list tokens.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "client_application_id",
+ "required": true,
+ "description": "The ID of the client application to fetch refresh tokens for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Specify 'scope' to include scope details in the embedded attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "next_page_cursor",
+ "required": false,
+ "description": "Specifies the pagination cursor for retrieving the next page of tokens. Use this for navigating through pages of results.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of tokens"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "maximum_tokens_to_return",
+ "required": false,
+ "description": "Specify the maximum number of tokens to return. It must not exceed 200.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The maximum number of tokens to return (maximum 200)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listRefreshTokensForAuthorizationServerAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "next_page_cursor",
+ "description": "Specifies the pagination cursor for the next page of tokens",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of tokens"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "maximum_tokens_to_return",
+ "description": "The maximum number of tokens to return (maximum 200)",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The maximum number of tokens to return (maximum 200)"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_application_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRefreshTokensForApp.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRefreshTokensForApp.json
new file mode 100644
index 000000000..fa198b8b2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRefreshTokensForApp.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListRefreshTokensForApp",
+ "fully_qualified_name": "OktaApi.ListRefreshTokensForApp@0.1.0",
+ "description": "Retrieve all refresh tokens for a specific app in Okta.\n\nUse this tool to get a list of all OAuth2 refresh tokens associated with a specified application in Okta. Useful for managing and auditing app tokens.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application to retrieve refresh tokens.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Set to 'scope' to include scope details in the response (_embedded property).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Pagination cursor for retrieving the next page of results. Use the opaque value from the next link.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "max_tokens_to_return",
+ "required": false,
+ "description": "Sets the maximum number of refresh tokens to retrieve for the application.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listOAuth2TokensForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/tokens",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the pagination cursor for the next page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of results. Treat this as an opaque value obtained through the next link relationship. See [Pagination](/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "max_tokens_to_return",
+ "description": "A limit on the number of objects to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A limit on the number of objects to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListResourceSetBindings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListResourceSetBindings.json
new file mode 100644
index 000000000..2803d4a40
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListResourceSetBindings.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListResourceSetBindings",
+ "fully_qualified_name": "OktaApi.ListResourceSetBindings@0.1.0",
+ "description": "Retrieve all bindings and roles for a specified resource set.\n\nUse this tool to list all bindings associated with a specified resource set in Okta. It supports pagination if there are more than 100 bindings. Useful for managing access and roles in a resource set.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_id_or_label",
+ "required": true,
+ "description": "The ID or label of the resource set to list bindings for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "A string cursor for pagination, specifying the current position in the list. Obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listBindings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_id_or_label",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListResourceSetResources.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListResourceSetResources.json
new file mode 100644
index 000000000..ce3cda998
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListResourceSetResources.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListResourceSetResources",
+ "fully_qualified_name": "OktaApi.ListResourceSetResources@0.1.0",
+ "description": "Lists all resources for a specified resource set in Okta.\n\nUse this tool to retrieve all resources associated with a specific resource set in Okta, identified by the resource set ID or label.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_id_or_label",
+ "required": true,
+ "description": "The ID or label of the resource set to list resources for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listResourceSetResources'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/resources",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_id_or_label",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListResourceSets.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListResourceSets.json
new file mode 100644
index 000000000..da4f971c7
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListResourceSets.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListResourceSets",
+ "fully_qualified_name": "OktaApi.ListResourceSets@0.1.0",
+ "description": "Retrieve all resource sets with pagination support.\n\nThis tool calls the Okta API to list all resource sets, including pagination information. Use it to fetch comprehensive details about existing resource sets in your organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The opaque cursor string for pagination, obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listResourceSets'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRoleResourceMembers.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRoleResourceMembers.json
new file mode 100644
index 000000000..99782d9e0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRoleResourceMembers.json
@@ -0,0 +1,169 @@
+{
+ "name": "ListRoleResourceMembers",
+ "fully_qualified_name": "OktaApi.ListRoleResourceMembers@0.1.0",
+ "description": "List all members of a role resource set binding.\n\nThis tool retrieves all members associated with a specified role resource set binding, supporting pagination for large datasets.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_id_or_label",
+ "required": true,
+ "description": "The ID or label of the resource set to list members from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ },
+ {
+ "name": "role_identifier",
+ "required": true,
+ "description": "The ID or label of the role to list members for. It helps specify the role resource set binding.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The opaque cursor string for pagination, indicating your current position in the list. Obtain this from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listMembersOfBinding'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}/members",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_id_or_label",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_identifier",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRoleSubscriptions.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRoleSubscriptions.json
new file mode 100644
index 000000000..e35fda89e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRoleSubscriptions.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListRoleSubscriptions",
+ "fully_qualified_name": "OktaApi.ListRoleSubscriptions@0.1.0",
+ "description": "Retrieve all subscriptions for a specific role.\n\nUse this tool to get a detailed list of all subscriptions associated with a particular role in Okta, providing insight into the role's permissions and access.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "role_reference",
+ "required": true,
+ "description": "A reference to an existing role. Use `roleType` for standard roles and `roleId` for custom roles.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleRef"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listSubscriptionsRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/roles/{roleRef}/subscriptions",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "roleRef",
+ "tool_parameter_name": "role_reference",
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles)."
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRolesForClient.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRolesForClient.json
new file mode 100644
index 000000000..dc2884fcb
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListRolesForClient.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListRolesForClient",
+ "fully_qualified_name": "OktaApi.ListRolesForClient@0.1.0",
+ "description": "Lists all roles assigned to a specific client app.\n\nUse this tool to retrieve all roles assigned to a client application by providing the client ID. This can help in understanding client access and permissions.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier of the client application for which roles are being listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listRolesForClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSecurityEventsProviders.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSecurityEventsProviders.json
new file mode 100644
index 000000000..56d06f061
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSecurityEventsProviders.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListSecurityEventsProviders",
+ "fully_qualified_name": "OktaApi.ListSecurityEventsProviders@0.1.0",
+ "description": "Retrieve all Security Events Provider instances from Okta.\n\nThis tool is used to list all instances of Security Events Providers configured in Okta. It should be called when there is a need to retrieve information about these provider instances.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listSecurityEventsProviderInstances'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.securityEventsProviders.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/security-events-providers",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSelfServiceFeatures.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSelfServiceFeatures.json
new file mode 100644
index 000000000..cf00db70e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSelfServiceFeatures.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListSelfServiceFeatures",
+ "fully_qualified_name": "OktaApi.ListSelfServiceFeatures@0.1.0",
+ "description": "Lists all self-service features for your organization.\n\nUse this tool to retrieve a comprehensive list of self-service features available in your organization. Useful for understanding or displaying the capabilities enabled for users.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listFeatures'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.features.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/features",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSignInWidgetVersions.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSignInWidgetVersions.json
new file mode 100644
index 000000000..bd1eacdcd
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSignInWidgetVersions.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListSignInWidgetVersions",
+ "fully_qualified_name": "OktaApi.ListSignInWidgetVersions@0.1.0",
+ "description": "Retrieve all sign-in widget versions for your organization.\n\nCall this tool to obtain a list of all sign-in widget versions supported by your organization. This is useful for overseeing compatibility and versioning of authentication interfaces within your system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier of the brand for which you want to list all supported sign-in widget versions. This is required to specify the brand associated with your organization.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAllSignInWidgetVersions'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/widget-versions",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSmsTemplates.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSmsTemplates.json
new file mode 100644
index 000000000..cb1533201
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSmsTemplates.json
@@ -0,0 +1,109 @@
+{
+ "name": "ListSmsTemplates",
+ "fully_qualified_name": "OktaApi.ListSmsTemplates@0.1.0",
+ "description": "Retrieve all custom SMS templates from Okta.\n\nUse this tool to get a list of custom SMS templates. You can optionally filter the templates by type if needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "sms_template_type",
+ "required": false,
+ "description": "Specify the type of SMS templates to filter, e.g., 'SMS_VERIFY_CODE'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "SMS_VERIFY_CODE"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listSmsTemplates'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/templates/sms",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "templateType",
+ "tool_parameter_name": "sms_template_type",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "SMS_VERIFY_CODE"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSupportedAuthFactors.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSupportedAuthFactors.json
new file mode 100644
index 000000000..269dde0dc
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSupportedAuthFactors.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListSupportedAuthFactors",
+ "fully_qualified_name": "OktaApi.ListSupportedAuthFactors@0.1.0",
+ "description": "Retrieve supported authentication factors for a user.\n\nUse this tool to list all the supported authentication factors that can be enrolled for a specified user, based on the highest priority authenticator enrollment policy applicable to them. Only factors within the categories of 'REQUIRED' or 'OPTIONAL' are included. This is useful for understanding which security measures a user can set up in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique identifier of an existing Okta user for whom the supported authentication factors are to be listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listSupportedFactors'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/factors/catalog",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSystemLogEvents.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSystemLogEvents.json
new file mode 100644
index 000000000..2bb66acc0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListSystemLogEvents.json
@@ -0,0 +1,303 @@
+{
+ "name": "ListSystemLogEvents",
+ "fully_qualified_name": "OktaApi.ListSystemLogEvents@0.1.0",
+ "description": "Fetches recent Okta System Log events.\n\nUse this tool to retrieve Okta System Log events for monitoring and auditing purposes. It returns up to 100 events by default, with options to paginate or modify the limit.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "start_time_filter",
+ "required": false,
+ "description": "Filters events to those published after this time. Use ISO 8601 format, e.g., '2023-01-01T00:00:00Z'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters the lower time bound of the log events `published` property for bounded queries or persistence time for polling queries"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "since"
+ },
+ {
+ "name": "upper_time_bound_for_events",
+ "required": false,
+ "description": "Specifies the upper time boundary for filtering Okta log events, using the 'published' property.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters the upper time bound of the log events `published` property for bounded queries or persistence time for polling queries."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "until"
+ },
+ {
+ "name": "pagination_after_cursor",
+ "required": false,
+ "description": "Retrieves the next page of log events using the token provided in the HTTP header ('rel=next').",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Retrieves the next page of results. Okta returns a link in the HTTP Header (`rel=next`) that includes the after query parameter"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "filter_expression",
+ "required": false,
+ "description": "Filter the System Log events using a specific filter expression. All operators, except brackets, are supported. Refer to Okta's Filter and Operator documentation for detailed usage.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filter expression that filters the results. All operators except [ ] are supported. See [Filter](https://developer.okta.com/docs/api/#filter) and [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ },
+ {
+ "name": "keyword_filter",
+ "required": false,
+ "description": "Filters log events by one or more case-insensitive keywords.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters log events results by one or more case insensitive keywords."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "result_limit",
+ "required": false,
+ "description": "Sets the number of results to be returned in the response. Default is 100; adjust to increase or decrease.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sets the number of results that are returned in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "event_sort_order",
+ "required": false,
+ "description": "Specifies the sort order for returned events based on the `published` property. Choose either 'ASCENDING' or 'DESCENDING'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "ASCENDING",
+ "DESCENDING"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The order of the returned events that are sorted by the `published` property"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortOrder"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listLogEvents'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.logs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/logs",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "since",
+ "tool_parameter_name": "start_time_filter",
+ "description": "Filters the lower time bound of the log events `published` property for bounded queries or persistence time for polling queries",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters the lower time bound of the log events `published` property for bounded queries or persistence time for polling queries"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "until",
+ "tool_parameter_name": "upper_time_bound_for_events",
+ "description": "Filters the upper time bound of the log events `published` property for bounded queries or persistence time for polling queries.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters the upper time bound of the log events `published` property for bounded queries or persistence time for polling queries."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_after_cursor",
+ "description": "Retrieves the next page of results. Okta returns a link in the HTTP Header (`rel=next`) that includes the after query parameter",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Retrieves the next page of results. Okta returns a link in the HTTP Header (`rel=next`) that includes the after query parameter"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "filter",
+ "tool_parameter_name": "filter_expression",
+ "description": "Filter expression that filters the results. All operators except [ ] are supported. See [Filter](https://developer.okta.com/docs/api/#filter) and [Operators](https://developer.okta.com/docs/api/#operators).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filter expression that filters the results. All operators except [ ] are supported. See [Filter](https://developer.okta.com/docs/api/#filter) and [Operators](https://developer.okta.com/docs/api/#operators)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "q",
+ "tool_parameter_name": "keyword_filter",
+ "description": "Filters log events results by one or more case insensitive keywords.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Filters log events results by one or more case insensitive keywords."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "result_limit",
+ "description": "Sets the number of results that are returned in the response",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sets the number of results that are returned in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortOrder",
+ "tool_parameter_name": "event_sort_order",
+ "description": "The order of the returned events that are sorted by the `published` property",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "ASCENDING",
+ "DESCENDING"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The order of the returned events that are sorted by the `published` property"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListTrustedOrigins.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListTrustedOrigins.json
new file mode 100644
index 000000000..d5332152a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListTrustedOrigins.json
@@ -0,0 +1,201 @@
+{
+ "name": "ListTrustedOrigins",
+ "fully_qualified_name": "OktaApi.ListTrustedOrigins@0.1.0",
+ "description": "Retrieve all trusted origins from Okta.\n\nThis tool should be used to obtain a list of all trusted origins configured in Okta. It is useful for managing security settings by identifying domains that are trusted by your Okta instance.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "search_prefix_string",
+ "required": false,
+ "description": "A search string to filter origins, matching the beginning of `name` or `origin`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A search string that prefix matches against the `name` and `origin`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "q"
+ },
+ {
+ "name": "filter_trusted_origins",
+ "required": false,
+ "description": "Filter trusted origins using expressions for properties like `name`, `origin`, `status`, and `type`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "[Filter](https://developer.okta.com/docs/api/#filter) trusted origins with a supported expression for a subset of properties. You can filter on the following properties: `name`, `origin`, `status`, and `type` (type of scopes).\n"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ },
+ {
+ "name": "cursor_after_prior_request",
+ "required": false,
+ "description": "Use this cursor to continue listing from where the previous request left off.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "After cursor provided by a prior request"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "results_limit",
+ "required": false,
+ "description": "Specifies the maximum number of trusted origins to return in the response.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listTrustedOrigins'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.trustedOrigins.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/trustedOrigins",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "q",
+ "tool_parameter_name": "search_prefix_string",
+ "description": "A search string that prefix matches against the `name` and `origin`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A search string that prefix matches against the `name` and `origin`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "filter",
+ "tool_parameter_name": "filter_trusted_origins",
+ "description": "[Filter](https://developer.okta.com/docs/api/#filter) trusted origins with a supported expression for a subset of properties. You can filter on the following properties: `name`, `origin`, `status`, and `type` (type of scopes).\n",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "[Filter](https://developer.okta.com/docs/api/#filter) trusted origins with a supported expression for a subset of properties. You can filter on the following properties: `name`, `origin`, `status`, and `type` (type of scopes).\n"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "cursor_after_prior_request",
+ "description": "After cursor provided by a prior request",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "After cursor provided by a prior request"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_limit",
+ "description": "Specifies the number of results",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUiSchemas.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUiSchemas.json
new file mode 100644
index 000000000..36668d32e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUiSchemas.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListUiSchemas",
+ "fully_qualified_name": "OktaApi.ListUiSchemas@0.1.0",
+ "description": "Retrieve all UI Schemas in your organization.\n\nThis tool retrieves a list of all UI Schemas available in your organization from Okta. It should be called when you need to access or manage the UI configurations for various applications and components in your environment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUISchemas'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.uischemas.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/uischemas",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserAppLinks.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserAppLinks.json
new file mode 100644
index 000000000..44b101a0c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserAppLinks.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListUserAppLinks",
+ "fully_qualified_name": "OktaApi.ListUserAppLinks@0.1.0",
+ "description": "Retrieve app links for a user's assigned applications.\n\nThis tool lists all app links for applications directly or indirectly assigned to a user through group membership. Use this tool to fetch application access links for a specific user by their ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or login shortname of an existing Okta user to list app links for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listAppLinks'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/appLinks",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserClientGrants.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserClientGrants.json
new file mode 100644
index 000000000..b60fb2203
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserClientGrants.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListUserClientGrants",
+ "fully_qualified_name": "OktaApi.ListUserClientGrants@0.1.0",
+ "description": "Lists all grants for a specified user and client.\n\nUse this tool to retrieve all grants associated with a specific user and client. It's useful when you need to check the permissions or access rights granted to a user for a particular client application.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user for whom the grants are to be listed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier of the client application for which you want to list the grants.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Set to 'scope' to include scope details in the response's `_embedded` attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor string for pagination, indicating your current position in the list. Obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "number_of_tokens_to_return",
+ "required": false,
+ "description": "Specifies the maximum number of grants to return for the user and client.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of tokens to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listGrantsForUserAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/grants",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "number_of_tokens_to_return",
+ "description": "Specifies the number of tokens to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of tokens to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserClientRefreshTokens.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserClientRefreshTokens.json
new file mode 100644
index 000000000..3d1cfcf11
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserClientRefreshTokens.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListUserClientRefreshTokens",
+ "fully_qualified_name": "OktaApi.ListUserClientRefreshTokens@0.1.0",
+ "description": "Retrieve refresh tokens for a specific user and client.\n\nThis tool retrieves all refresh tokens issued for a specified user and client in the Okta system. It should be called when you need to manage or audit tokens related to user access.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to retrieve refresh tokens for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "client_id",
+ "required": true,
+ "description": "The ID of the client application for which to list refresh tokens.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Set to 'true' to include scope details in the response. Valid value: `scope`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "An opaque string for continuing pagination, obtained from the `Link` response header.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "token_return_limit",
+ "required": false,
+ "description": "Specifies the maximum number of refresh tokens to return.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of tokens to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listRefreshTokensForUserAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/tokens",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "token_return_limit",
+ "description": "Specifies the number of tokens to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of tokens to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserClients.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserClients.json
new file mode 100644
index 000000000..5b410156e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserClients.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListUserClients",
+ "fully_qualified_name": "OktaApi.ListUserClients@0.1.0",
+ "description": "List client resources for a user with grants or tokens.\n\nRetrieves all client resources associated with the specified user that have grants or tokens. Useful for managing user client access and identifying resource associations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to list associated client resources.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUserClients'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/clients",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserDevices.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserDevices.json
new file mode 100644
index 000000000..eb7e12b1d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserDevices.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListUserDevices",
+ "fully_qualified_name": "OktaApi.ListUserDevices@0.1.0",
+ "description": "Retrieve a user's enrolled devices from Okta.\n\nUse this tool to list all devices enrolled by a specific user in Okta. Specify the user's ID to get their device list. Useful for managing user devices within an organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique identifier of an existing Okta user whose devices you want to list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUserDevices'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/devices",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserFactors.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserFactors.json
new file mode 100644
index 000000000..bd18ca1b4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserFactors.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListUserFactors",
+ "fully_qualified_name": "OktaApi.ListUserFactors@0.1.0",
+ "description": "Retrieve enrolled factors for a user from Okta.\n\nThis tool retrieves all enrolled authentication factors for a specified user from Okta, according to the applicable authenticator enrollment policy. It only returns factors that are either \"REQUIRED\" or \"OPTIONAL\" in the highest priority policy applicable to the user. Admins can use this tool for other users, but the client's conditions affect policy evaluation.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user for whom the enrolled factors are retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listFactors'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/factors",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserGrants.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserGrants.json
new file mode 100644
index 000000000..3076d88ff
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserGrants.json
@@ -0,0 +1,233 @@
+{
+ "name": "ListUserGrants",
+ "fully_qualified_name": "OktaApi.ListUserGrants@0.1.0",
+ "description": "Retrieve all grants for a specific user in Okta.\n\nUse this tool to list all the grants assigned to a specified user in the Okta system. It's useful for understanding user permissions and access levels.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user for whom to list grants.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "scope_id_filter",
+ "required": false,
+ "description": "The scope ID used to filter user grants.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The scope ID to filter on"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "scopeId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Include scope details in the response using the `_embedded` attribute. Use `scope` as the value.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "The cursor string for pagination, obtained from the `Link` header to track the current position in the list.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "grant_limit",
+ "required": false,
+ "description": "Specifies the maximum number of grants to return for a user. Use an integer value to determine how many results you want to retrieve.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of grants to return"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUserGrants'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/grants",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "scopeId",
+ "tool_parameter_name": "scope_id_filter",
+ "description": "The scope ID to filter on",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The scope ID to filter on"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header. See [Pagination](https://developer.okta.com/docs/api/#pagination)."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "grant_limit",
+ "description": "Specifies the number of grants to return",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of grants to return"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserSubscriptions.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserSubscriptions.json
new file mode 100644
index 000000000..c962a6977
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUserSubscriptions.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListUserSubscriptions",
+ "fully_qualified_name": "OktaApi.ListUserSubscriptions@0.1.0",
+ "description": "Retrieve all subscriptions for a specified user.\n\nUse this tool to get a list of all subscriptions that are available to a specific user in Okta. Ensure that you request for a user you have access to, as requests for other users will result in an `AccessDeniedException`.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique identifier for the user whose subscriptions you want to retrieve. Ensure you have access rights to this user's data to avoid an `AccessDeniedException`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listSubscriptionsUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/subscriptions",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUsersWithRoles.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUsersWithRoles.json
new file mode 100644
index 000000000..0f5c95565
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListUsersWithRoles.json
@@ -0,0 +1,137 @@
+{
+ "name": "ListUsersWithRoles",
+ "fully_qualified_name": "OktaApi.ListUsersWithRoles@0.1.0",
+ "description": "Lists all users with their role assignments.\n\nUse this tool to retrieve a list of users along with their assigned roles. This can be useful for managing user permissions and roles within an organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor",
+ "required": false,
+ "description": "Specifies the pagination cursor for retrieving the next page of users with roles.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of targets"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "results_limit",
+ "required": false,
+ "description": "Specifies the maximum number of user results to return. Defaults to 100 if not set.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results returned. Defaults to `100`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listUsersWithRoleAssignments'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/assignees/users",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor",
+ "description": "Specifies the pagination cursor for the next page of targets",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of targets"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_limit",
+ "description": "Specifies the number of results returned. Defaults to `100`.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results returned. Defaults to `100`."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListVerifiedCustomDomains.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListVerifiedCustomDomains.json
new file mode 100644
index 000000000..10a46fcd5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListVerifiedCustomDomains.json
@@ -0,0 +1,71 @@
+{
+ "name": "ListVerifiedCustomDomains",
+ "fully_qualified_name": "OktaApi.ListVerifiedCustomDomains@0.1.0",
+ "description": "Retrieve verified custom domains for the organization.\n\nUse this tool to get a list of all the verified custom domains associated with your organization. It is useful for managing and reviewing domain settings.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listCustomDomains'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.domains.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/domains",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListWebauthnPreregistrationFactors.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListWebauthnPreregistrationFactors.json
new file mode 100644
index 000000000..f44fc8e3d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListWebauthnPreregistrationFactors.json
@@ -0,0 +1,105 @@
+{
+ "name": "ListWebauthnPreregistrationFactors",
+ "fully_qualified_name": "OktaApi.ListWebauthnPreregistrationFactors@0.1.0",
+ "description": "Get WebAuthn preregistration factors for a user.\n\nUse this tool to retrieve all WebAuthn preregistration factors for a specified user. Useful for managing or verifying user authentication methods.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to retrieve their WebAuthn preregistration factors.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listWebAuthnPreregistrationFactors'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/webauthn-registration/api/v1/users/{userId}/enrollments",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListYubikeyOtpTokens.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListYubikeyOtpTokens.json
new file mode 100644
index 000000000..bd6f87507
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ListYubikeyOtpTokens.json
@@ -0,0 +1,335 @@
+{
+ "name": "ListYubikeyOtpTokens",
+ "fully_qualified_name": "OktaApi.ListYubikeyOtpTokens@0.1.0",
+ "description": "Lists all YubiKey OTP tokens in the organization.\n\nUse this tool to retrieve all YubiKey OTP tokens associated with the organization. It helps in managing and auditing YubiKey token deployments.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "pagination_cursor_for_next_page",
+ "required": false,
+ "description": "Specifies the pagination cursor for the next page of YubiKey OTP tokens.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of tokens"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "after"
+ },
+ {
+ "name": "expand_user_resource",
+ "required": false,
+ "description": "Set to 'user' to embed the User resource if assigned to a YubiKey token.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Embeds the [user](/openapi/okta-management/management/tag/User/) resource if the YubiKey token is assigned to a user and `expand` is set to `user`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ },
+ {
+ "name": "filter_tokens_by",
+ "required": false,
+ "description": "Filter expression to narrow down tokens (e.g., by email, serial, status, etc.).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "profile.email",
+ "profile.serial",
+ "activated",
+ "user.id",
+ "created",
+ "status",
+ "lastVerified"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The expression used to filter tokens"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "filter"
+ },
+ {
+ "name": "results_per_page",
+ "required": false,
+ "description": "Specifies the number of YubiKey OTP tokens returned per page.",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results per page"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "limit"
+ },
+ {
+ "name": "sort_tokens_by",
+ "required": false,
+ "description": "Specify how to sort the YubiKey tokens. Options: profile.email, profile.serial, activated, user.id, created, status, lastVerified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "profile.email",
+ "profile.serial",
+ "activated",
+ "user.id",
+ "created",
+ "status",
+ "lastVerified"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The value of how the tokens are sorted"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortBy"
+ },
+ {
+ "name": "sort_order",
+ "required": false,
+ "description": "Specifies the sort order for the YubiKey OTP tokens, either `ASC` for ascending or `DESC` for descending.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "ASC",
+ "DESC"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the sort order, either `ASC` or `DESC`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sortOrder"
+ },
+ {
+ "name": "download_as_csv",
+ "required": false,
+ "description": "Set to True to return tokens as a downloadable CSV. The default limit changes to 1000.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Returns tokens in a CSV to download instead of in the response. When you use this query parameter, the `limit` default changes to 1000."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "forDownload"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'listYubikeyOtpTokens'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/factors/yubikey_token/tokens",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "after",
+ "tool_parameter_name": "pagination_cursor_for_next_page",
+ "description": "Specifies the pagination cursor for the next page of tokens",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the pagination cursor for the next page of tokens"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "expand",
+ "tool_parameter_name": "expand_user_resource",
+ "description": "Embeds the [user](/openapi/okta-management/management/tag/User/) resource if the YubiKey token is assigned to a user and `expand` is set to `user`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Embeds the [user](/openapi/okta-management/management/tag/User/) resource if the YubiKey token is assigned to a user and `expand` is set to `user`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "filter",
+ "tool_parameter_name": "filter_tokens_by",
+ "description": "The expression used to filter tokens",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "profile.email",
+ "profile.serial",
+ "activated",
+ "user.id",
+ "created",
+ "status",
+ "lastVerified"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The expression used to filter tokens"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "forDownload",
+ "tool_parameter_name": "download_as_csv",
+ "description": "Returns tokens in a CSV to download instead of in the response. When you use this query parameter, the `limit` default changes to 1000.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Returns tokens in a CSV to download instead of in the response. When you use this query parameter, the `limit` default changes to 1000."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "limit",
+ "tool_parameter_name": "results_per_page",
+ "description": "Specifies the number of results per page",
+ "value_schema": {
+ "val_type": "integer",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the number of results per page"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortBy",
+ "tool_parameter_name": "sort_tokens_by",
+ "description": "The value of how the tokens are sorted",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "profile.email",
+ "profile.serial",
+ "activated",
+ "user.id",
+ "created",
+ "status",
+ "lastVerified"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The value of how the tokens are sorted"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sortOrder",
+ "tool_parameter_name": "sort_order",
+ "description": "Specifies the sort order, either `ASC` or `DESC`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "ASC",
+ "DESC"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies the sort order, either `ASC` or `DESC`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptInAdminConsoleRamp.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptInAdminConsoleRamp.json
new file mode 100644
index 000000000..a5bc7e270
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptInAdminConsoleRamp.json
@@ -0,0 +1,71 @@
+{
+ "name": "OptInAdminConsoleRamp",
+ "fully_qualified_name": "OktaApi.OptInAdminConsoleRamp@0.1.0",
+ "description": "Opt in the Admin Console to RAMP in Okta.\n\nThis tool opts in the Admin Console to RAMP using Okta's API. Call this tool when you need to enable RAMP in the Admin Console.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'optIn'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/governance/optIn",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptInUsersToOktaEmails.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptInUsersToOktaEmails.json
new file mode 100644
index 000000000..ac637d148
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptInUsersToOktaEmails.json
@@ -0,0 +1,71 @@
+{
+ "name": "OptInUsersToOktaEmails",
+ "fully_qualified_name": "OktaApi.OptInUsersToOktaEmails@0.1.0",
+ "description": "Opt in all users to Okta communication emails.\n\nUse this tool to opt in all users of an organization to receive communication emails from Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'optInUsersToOktaCommunicationEmails'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/privacy/oktaCommunication/optIn",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptOutAdminConsoleRamp.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptOutAdminConsoleRamp.json
new file mode 100644
index 000000000..24b4342b6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptOutAdminConsoleRamp.json
@@ -0,0 +1,71 @@
+{
+ "name": "OptOutAdminConsoleRamp",
+ "fully_qualified_name": "OktaApi.OptOutAdminConsoleRamp@0.1.0",
+ "description": "Opt out the Admin Console from RAMP.\n\nThis tool should be called to opt the Admin Console out of RAMP. Use this when you need to discontinue the RAMP service for the Admin Console.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'optOut'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/governance/optOut",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptOutOktaEmails.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptOutOktaEmails.json
new file mode 100644
index 000000000..69f4d2706
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/OptOutOktaEmails.json
@@ -0,0 +1,71 @@
+{
+ "name": "OptOutOktaEmails",
+ "fully_qualified_name": "OktaApi.OptOutOktaEmails@0.1.0",
+ "description": "Opt out all users from Okta communication emails.\n\nUse this tool to opt out all users in the organization from receiving Okta communication emails.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'optOutUsersFromOktaCommunicationEmails'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/privacy/oktaCommunication/optOut",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/PauseAgentPoolsUpdate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PauseAgentPoolsUpdate.json
new file mode 100644
index 000000000..cf4b1b89b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PauseAgentPoolsUpdate.json
@@ -0,0 +1,137 @@
+{
+ "name": "PauseAgentPoolsUpdate",
+ "fully_qualified_name": "OktaApi.PauseAgentPoolsUpdate@0.1.0",
+ "description": "Pause a running or queued agent pool update.\n\nThis tool pauses an ongoing or scheduled update for an agent pool, identified by poolId and updateId. Use it to temporarily halt updates you don't want to proceed immediately.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "ID of the agent pool for which the update settings apply. Required to specify which pool's update is being paused.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ },
+ {
+ "name": "update_id",
+ "required": true,
+ "description": "ID of the update to be paused. This is required to identify which specific update to stop within the agent pool.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "updateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'pauseAgentPoolsUpdate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/pause",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "updateId",
+ "tool_parameter_name": "update_id",
+ "description": "ID of the update",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/PreviewEmailTemplateContent.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PreviewEmailTemplateContent.json
new file mode 100644
index 000000000..f44c239d2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PreviewEmailTemplateContent.json
@@ -0,0 +1,169 @@
+{
+ "name": "PreviewEmailTemplateContent",
+ "fully_qualified_name": "OktaApi.PreviewEmailTemplateContent@0.1.0",
+ "description": "Retrieve a preview of an email template's default content.\n\nThis tool fetches a preview of an email template's default content with populated variable references using the current user's context. It considers the user's language if custom languages for Okta Email Templates are enabled.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The ID of the brand for which the email template preview is to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "The name of the email template to preview. This specifies which template's content will be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ },
+ {
+ "name": "email_language",
+ "required": false,
+ "description": "The language for the email template. Defaults to the current user's language if unspecified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "language"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getEmailDefaultPreview'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/default-content/preview",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "language",
+ "tool_parameter_name": "email_language",
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/PreviewSamlMetadata.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PreviewSamlMetadata.json
new file mode 100644
index 000000000..9edc07a19
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PreviewSamlMetadata.json
@@ -0,0 +1,137 @@
+{
+ "name": "PreviewSamlMetadata",
+ "fully_qualified_name": "OktaApi.PreviewSamlMetadata@0.1.0",
+ "description": "Preview SSO SAML metadata for a specific application.\n\nThis tool retrieves the SSO SAML metadata for a given application using its appId. It should be called when you need to preview or validate the SAML settings for an application.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "key_identifier",
+ "required": true,
+ "description": "The Key Identifier (kid) used in the SAML metadata request.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "kid"
+ },
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application for which to preview the SSO SAML metadata. This is required to specify which application's metadata to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'previewSAMLmetadataForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/sso/saml/metadata",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "kid",
+ "tool_parameter_name": "key_identifier",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/PublishCertificate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PublishCertificate.json
new file mode 100644
index 000000000..329bf216d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PublishCertificate.json
@@ -0,0 +1,233 @@
+{
+ "name": "PublishCertificate",
+ "fully_qualified_name": "OktaApi.PublishCertificate@0.1.0",
+ "description": "Publish a signed certificate for an application's CSR.\n\nUse this tool to publish a Certificate Signing Request (CSR) for an application by attaching a signed X.509 certificate. This completes the CSR's lifecycle, making it inaccessible afterwards.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "Unique identifier for the application to which the CSR belongs.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "csr_id",
+ "required": true,
+ "description": "The ID of the Certificate Signing Request (CSR) to publish for the application.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the CSR"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "csrId"
+ },
+ {
+ "name": "certificate_content",
+ "required": true,
+ "description": "The signed X.509 certificate content to be published for the CSR.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ },
+ {
+ "name": "certificate_data",
+ "required": true,
+ "description": "The signed X.509 certificate content in PEM format to be published with the CSR.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ },
+ {
+ "name": "signed_certificate",
+ "required": true,
+ "description": "The signed X.509 certificate content to be published for the application CSR.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'publishCsrFromApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/csrs/{csrId}/lifecycle/publish",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "csrId",
+ "tool_parameter_name": "csr_id",
+ "description": "`id` of the CSR",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the CSR"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "signed_certificate",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "signed_certificate",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "signed_certificate",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/PublishCsrCertificate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PublishCsrCertificate.json
new file mode 100644
index 000000000..1ae4d6508
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PublishCsrCertificate.json
@@ -0,0 +1,233 @@
+{
+ "name": "PublishCsrCertificate",
+ "fully_qualified_name": "OktaApi.PublishCsrCertificate@0.1.0",
+ "description": "Publishes a signed X.509 certificate for an IdP CSR.\n\nUse this tool to complete the certificate signing request lifecycle by publishing a signed X.509 certificate for an identity provider (IdP). Note that once published, the CSR is no longer accessible. Publishing will fail if the certificate validity is under 90 days.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique `id` of the Identity Provider (IdP) for which the CSR is being published.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ },
+ {
+ "name": "identity_provider_csr_id",
+ "required": true,
+ "description": "The unique identifier for the Identity Provider's Certificate Signing Request (CSR).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the IdP CSR"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpCsrId"
+ },
+ {
+ "name": "signed_x509_certificate",
+ "required": true,
+ "description": "The signed X.509 certificate in string format to be published for the CSR.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ },
+ {
+ "name": "signed_certificate_x509",
+ "required": true,
+ "description": "A string containing the signed X.509 certificate to be published for the IdP CSR.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ },
+ {
+ "name": "certificate_content",
+ "required": true,
+ "description": "The signed X.509 certificate content in string format to publish for the IdP CSR.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'publishCsrForIdentityProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/csrs/{idpCsrId}/lifecycle/publish",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "idpCsrId",
+ "tool_parameter_name": "identity_provider_csr_id",
+ "description": "`id` of the IdP CSR",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the IdP CSR"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "certificate_content",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "certificate_content",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "certificate_content",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/PublishSecurityEventTokens.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PublishSecurityEventTokens.json
new file mode 100644
index 000000000..e047295aa
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/PublishSecurityEventTokens.json
@@ -0,0 +1,101 @@
+{
+ "name": "PublishSecurityEventTokens",
+ "fully_qualified_name": "OktaApi.PublishSecurityEventTokens@0.1.0",
+ "description": "Publish a Security Event Token to Okta.\n\nUse this tool to send a Security Event Token from a Security Events Provider to Okta. After verification, Okta ingests the event and triggers any appropriate actions.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "signed_security_event_token",
+ "required": true,
+ "description": "A signed Security Event Token (SET), formatted as a JSON Web Token (JWT).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The request body is a signed [SET](https://datatracker.ietf.org/doc/html/rfc8417), which is a type of JSON Web Token (JWT).\n\nFor SET JWT header and body descriptions, see [SET JWT header](/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtHeader) and [SET JWT body payload](/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtBody).\n"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'publishSecurityEventTokens'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/security/api/v1/security-events",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "signed_security_event_token",
+ "description": "The request body is a signed [SET](https://datatracker.ietf.org/doc/html/rfc8417), which is a type of JSON Web Token (JWT).\n\nFor SET JWT header and body descriptions, see [SET JWT header](/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtHeader) and [SET JWT body payload](/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtBody).\n",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The request body is a signed [SET](https://datatracker.ietf.org/doc/html/rfc8417), which is a type of JSON Web Token (JWT).\n\nFor SET JWT header and body descriptions, see [SET JWT header](/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtHeader) and [SET JWT body payload](/openapi/okta-management/management/tag/SSFSecurityEventToken/#tag/SSFSecurityEventToken/schema/SecurityEventTokenRequestJwtBody).\n"
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ReactivateUser.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ReactivateUser.json
new file mode 100644
index 000000000..e0a5af278
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ReactivateUser.json
@@ -0,0 +1,137 @@
+{
+ "name": "ReactivateUser",
+ "fully_qualified_name": "OktaApi.ReactivateUser@0.1.0",
+ "description": "Reactivates a user in PROVISIONED or RECOVERY status.\n\nUse this tool to reactivate a user who is in 'PROVISIONED' or 'RECOVERY' status. It restarts the activation workflow, providing either a direct reactivation via email or an activation link if email sending is disabled. The user may need to complete password reset and MFA enrollment to become 'ACTIVE'.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unambiguous shortname of an existing Okta user to be reactivated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ },
+ {
+ "name": "send_activation_email",
+ "required": false,
+ "description": "Set to true to send an activation email to the user; false to generate an activation link.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends an activation email to the user if `true`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sendEmail"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'reactivateUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/reactivate",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sendEmail",
+ "tool_parameter_name": "send_activation_email",
+ "description": "Sends an activation email to the user if `true`",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends an activation email to the user if `true`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RefreshUserSession.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RefreshUserSession.json
new file mode 100644
index 000000000..dbfa1b109
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RefreshUserSession.json
@@ -0,0 +1,101 @@
+{
+ "name": "RefreshUserSession",
+ "fully_qualified_name": "OktaApi.RefreshUserSession@0.1.0",
+ "description": "Refresh the current user's session.\n\nUse this tool to refresh the session for the current user. This requires a session cookie and cannot be performed with an API token.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "session_cookie",
+ "required": false,
+ "description": "The session cookie for the current user is required to refresh their session. Must be a valid session cookie.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "Cookie"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'refreshCurrentSession'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/sessions/me/lifecycle/refresh",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "Cookie",
+ "tool_parameter_name": "session_cookie",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "header",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveAppTargetFromRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveAppTargetFromRole.json
new file mode 100644
index 000000000..74a1c0f28
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveAppTargetFromRole.json
@@ -0,0 +1,169 @@
+{
+ "name": "RemoveAppTargetFromRole",
+ "fully_qualified_name": "OktaApi.RemoveAppTargetFromRole@0.1.0",
+ "description": "Unassign an app target from an admin role for a user.\n\nThis tool is used to unassign an OIN app target from an `APP_ADMIN` role assigned to an admin user in Okta. Note that the last app target cannot be removed if it causes an exception. To cover all apps, delete the role assignment and recreate it with the desired settings.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to unassign an app target from the role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier of the role assignment to be unassigned from the user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "Name of the app definition from the OIN catalog (the app key name).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignAppTargetFromAppAdminRoleForUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveGroupOwner.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveGroupOwner.json
new file mode 100644
index 000000000..8109e1dbe
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveGroupOwner.json
@@ -0,0 +1,137 @@
+{
+ "name": "RemoveGroupOwner",
+ "fully_qualified_name": "OktaApi.RemoveGroupOwner@0.1.0",
+ "description": "Removes a specific group owner from a group.\n\nThis tool should be called when a user needs to delete an owner from a specified group. It removes the association of an owner with a particular group in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_identifier",
+ "required": true,
+ "description": "The unique identifier of the group from which the owner will be removed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "group_owner_id",
+ "required": true,
+ "description": "The ID of the group owner to be removed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group owner"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "ownerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteGroupOwner'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/owners/{ownerId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_identifier",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "ownerId",
+ "tool_parameter_name": "group_owner_id",
+ "description": "The `id` of the group owner",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group owner"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveGroupTargetRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveGroupTargetRole.json
new file mode 100644
index 000000000..9eaf1a89e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveGroupTargetRole.json
@@ -0,0 +1,169 @@
+{
+ "name": "RemoveGroupTargetRole",
+ "fully_qualified_name": "OktaApi.RemoveGroupTargetRole@0.1.0",
+ "description": "Removes a group target from a role in a client app.\n\nThis tool unassigns a specified group target from roles such as `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` in a client application. Note that it cannot remove the last group target in a role assignment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier for the client application from which the group target will be removed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier for the role assignment to modify. This ID specifies which role assignment the group target will be removed from. Ensure it does not refer to the last group target in a role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique ID of the group to be unassigned from the role in the client app.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'removeGroupTargetRoleFromClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/groups/{groupId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveRolePermission.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveRolePermission.json
new file mode 100644
index 000000000..c3abe2968
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveRolePermission.json
@@ -0,0 +1,137 @@
+{
+ "name": "RemoveRolePermission",
+ "fully_qualified_name": "OktaApi.RemoveRolePermission@0.1.0",
+ "description": "Remove a permission from a custom role in Okta.\n\nUse this tool to delete a specific permission from a custom role in Okta by specifying the role and permission type.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "role_identifier",
+ "required": true,
+ "description": "The `id` or `label` of the Okta role from which the permission will be removed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ },
+ {
+ "name": "permission_type",
+ "required": true,
+ "description": "Specify the type of Okta permission to remove from the custom role. It should match the defined permissions in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An Okta [permission](/openapi/okta-management/guides/permissions)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "permissionType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteRolePermission'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}/permissions/{permissionType}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_identifier",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "permissionType",
+ "tool_parameter_name": "permission_type",
+ "description": "An Okta [permission](/openapi/okta-management/guides/permissions)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An Okta [permission](/openapi/okta-management/guides/permissions)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveUserFromOktaGroup.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveUserFromOktaGroup.json
new file mode 100644
index 000000000..18ae174ed
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RemoveUserFromOktaGroup.json
@@ -0,0 +1,137 @@
+{
+ "name": "RemoveUserFromOktaGroup",
+ "fully_qualified_name": "OktaApi.RemoveUserFromOktaGroup@0.1.0",
+ "description": "Remove a user from an OKTA group.\n\nUse this tool to unassign a user from a specified OKTA group. It only works with groups of the 'OKTA_GROUP' type. This action cannot be performed on 'APP_GROUP' types, such as Active Directory groups.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The ID of the OKTA group. Required to specify which group the user will be removed from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user to be removed from the group.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignUserFromGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/users/{userId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ReplaceAuthenticatorProperties.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ReplaceAuthenticatorProperties.json
new file mode 100644
index 000000000..841c90d51
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ReplaceAuthenticatorProperties.json
@@ -0,0 +1,105 @@
+{
+ "name": "ReplaceAuthenticatorProperties",
+ "fully_qualified_name": "OktaApi.ReplaceAuthenticatorProperties@0.1.0",
+ "description": "Replace properties of a specified authenticator.\n\nInvoke this tool to update the properties of an authenticator using its `authenticatorId`. Use when you need to modify authenticator settings in the Okta system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The unique identifier of the authenticator whose properties need to be replaced.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'replaceAuthenticator'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResetMfaFactors.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResetMfaFactors.json
new file mode 100644
index 000000000..c20f5ecc9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResetMfaFactors.json
@@ -0,0 +1,105 @@
+{
+ "name": "ResetMfaFactors",
+ "fully_qualified_name": "OktaApi.ResetMfaFactors@0.1.0",
+ "description": "Reset all MFA factors for a specified user.\n\nThis tool should be called to reset all MFA factors for a specific user, returning them to the unenrolled state. It is used when a user needs to re-enroll in MFA factors without affecting their active status.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unambiguous login shortname of an existing Okta user to reset MFA factors.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'resetFactors'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/reset_factors",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResetPasswordWithTemp.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResetPasswordWithTemp.json
new file mode 100644
index 000000000..8ec20965c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResetPasswordWithTemp.json
@@ -0,0 +1,137 @@
+{
+ "name": "ResetPasswordWithTemp",
+ "fully_qualified_name": "OktaApi.ResetPasswordWithTemp@0.1.0",
+ "description": "Reset a user's password to a temporary one and expire it.\n\nThis tool expires a user's password and resets it to a temporary password, transitioning the user's status to `PASSWORD_EXPIRED`. It requires the user to change their password upon next sign-in. Optionally, it can revoke the user's current sessions. This is especially useful in scenarios needing immediate password changes for security reasons.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unambiguous shortname of an existing Okta user for whom the password will be reset.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ },
+ {
+ "name": "revoke_user_sessions",
+ "required": false,
+ "description": "Set to true to revoke the user's existing sessions, forcing re-authentication.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Revokes the user's existing sessions if `true`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "revokeSessions"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'expirePasswordWithTempPassword'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/expire_password_with_temp_password",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "revokeSessions",
+ "tool_parameter_name": "revoke_user_sessions",
+ "description": "Revokes the user's existing sessions if `true`",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Revokes the user's existing sessions if `true`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResetUserPassword.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResetUserPassword.json
new file mode 100644
index 000000000..b3bcc8309
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResetUserPassword.json
@@ -0,0 +1,169 @@
+{
+ "name": "ResetUserPassword",
+ "fully_qualified_name": "OktaApi.ResetUserPassword@0.1.0",
+ "description": "Reset user's password and generate a one-time token link.\n\nThis tool resets a user's password, generating a one-time token (OTT) for a password reset. It transitions the user to 'RECOVERY' status, preventing sign-in until the reset is complete. An option to delete all user sessions is available, except in the current session's context. The tool can convert users to and from Okta credential providers. Can email the OTT or return it for custom distribution.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unambiguous shortname of an existing Okta user for whom the password reset is initiated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ },
+ {
+ "name": "send_ott_email",
+ "required": true,
+ "description": "Set to true to automatically email the one-time token link to the user for password reset.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sendEmail"
+ },
+ {
+ "name": "revoke_all_sessions_except_current",
+ "required": false,
+ "description": "If true, revokes all user sessions except the current one.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Revokes all user sessions, except for the current session, if set to `true`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "revokeSessions"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'resetPassword'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/reset_password",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sendEmail",
+ "tool_parameter_name": "send_ott_email",
+ "description": "",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "revokeSessions",
+ "tool_parameter_name": "revoke_all_sessions_except_current",
+ "description": "Revokes all user sessions, except for the current session, if set to `true`",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Revokes all user sessions, except for the current session, if set to `true`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResumeAgentPoolUpdate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResumeAgentPoolUpdate.json
new file mode 100644
index 000000000..ca7f8073f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/ResumeAgentPoolUpdate.json
@@ -0,0 +1,137 @@
+{
+ "name": "ResumeAgentPoolUpdate",
+ "fully_qualified_name": "OktaApi.ResumeAgentPoolUpdate@0.1.0",
+ "description": "Resume a running or queued agent pool update.\n\nUse this tool to resume an update for a specific agent pool that is either running or queued. This is useful when updates need to be restarted or continued after a pause.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "The ID of the agent pool to resume update for. Required to specify which pool's update is being resumed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ },
+ {
+ "name": "update_id",
+ "required": true,
+ "description": "The unique ID of the update to be resumed for the specified agent pool.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "updateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'resumeAgentPoolsUpdate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/resume",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "updateId",
+ "tool_parameter_name": "update_id",
+ "description": "ID of the update",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAdminConsoleOptInStatus.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAdminConsoleOptInStatus.json
new file mode 100644
index 000000000..4470044c8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAdminConsoleOptInStatus.json
@@ -0,0 +1,71 @@
+{
+ "name": "RetrieveAdminConsoleOptInStatus",
+ "fully_qualified_name": "OktaApi.RetrieveAdminConsoleOptInStatus@0.1.0",
+ "description": "Retrieve the Admin Console opt-in status from RAMP.\n\nUse this tool to check the opt-in status of the Admin Console via the RAMP service.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOptInStatus'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/governance/optIn",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAgentPoolUpdate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAgentPoolUpdate.json
new file mode 100644
index 000000000..be43e95f0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAgentPoolUpdate.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveAgentPoolUpdate",
+ "fully_qualified_name": "OktaApi.RetrieveAgentPoolUpdate@0.1.0",
+ "description": "Retrieve details of a specific agent pool update.\n\nUse this tool to obtain information about a specific agent pool update using its `updateId`. This is useful for tracking update progress or verifying update configurations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "The ID of the agent pool for which you want to retrieve update details. Provide a valid agent pool ID.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ },
+ {
+ "name": "update_id",
+ "required": true,
+ "description": "The identifier for the specific agent pool update to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "updateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAgentPoolsUpdateInstance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "updateId",
+ "tool_parameter_name": "update_id",
+ "description": "ID of the update",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveApiServiceIntegration.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveApiServiceIntegration.json
new file mode 100644
index 000000000..b65604f02
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveApiServiceIntegration.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveApiServiceIntegration",
+ "fully_qualified_name": "OktaApi.RetrieveApiServiceIntegration@0.1.0",
+ "description": "Retrieve an API Service Integration instance by ID.\n\nUse this tool to get detailed information about a specific API Service Integration instance by providing its ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "api_service_integration_id",
+ "required": true,
+ "description": "The ID of the API Service Integration instance to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "apiServiceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getApiServiceIntegrationInstance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.oauthIntegrations.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/integrations/api/v1/api-services/{apiServiceId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "apiServiceId",
+ "tool_parameter_name": "api_service_integration_id",
+ "description": "`id` of the API Service Integration instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the API Service Integration instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveApiTokenMetadata.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveApiTokenMetadata.json
new file mode 100644
index 000000000..65daa260e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveApiTokenMetadata.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveApiTokenMetadata",
+ "fully_qualified_name": "OktaApi.RetrieveApiTokenMetadata@0.1.0",
+ "description": "Retrieve metadata for a specific API token.\n\nThis tool retrieves metadata for an active API token using the `apiTokenId`. It should be called when there's a need to understand the details or status of a specific API token.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "api_token_id",
+ "required": true,
+ "description": "The unique identifier for the API token to retrieve its metadata.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "id of the API Token"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "apiTokenId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getApiToken'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apiTokens.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/api-tokens/{apiTokenId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "apiTokenId",
+ "tool_parameter_name": "api_token_id",
+ "description": "id of the API Token",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "id of the API Token"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAppFeature.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAppFeature.json
new file mode 100644
index 000000000..a625cc666
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAppFeature.json
@@ -0,0 +1,143 @@
+{
+ "name": "RetrieveAppFeature",
+ "fully_qualified_name": "OktaApi.RetrieveAppFeature@0.1.0",
+ "description": "Retrieve a feature for a specific application.\n\nUse this tool to get detailed information about a specific feature in an application by providing the app ID and feature name. It helps in understanding the feature's status and properties for a given app.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique ID of the application for which the feature should be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "feature_name",
+ "required": true,
+ "description": "Specify the feature name to retrieve. Options are 'USER_PROVISIONING' or 'INBOUND_PROVISIONING'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "USER_PROVISIONING",
+ "INBOUND_PROVISIONING"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the Feature"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "featureName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getFeatureForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/features/{featureName}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "featureName",
+ "tool_parameter_name": "feature_name",
+ "description": "Name of the Feature",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "USER_PROVISIONING",
+ "INBOUND_PROVISIONING"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the Feature"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAppGroupAssignment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAppGroupAssignment.json
new file mode 100644
index 000000000..bf3a23ea8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAppGroupAssignment.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveAppGroupAssignment",
+ "fully_qualified_name": "OktaApi.RetrieveAppGroupAssignment@0.1.0",
+ "description": "Retrieve details of an app group assignment from Okta.\n\nUse this tool to get information about a specific application group assignment within Okta. It requires the application ID and group ID to retrieve the relevant details.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application to retrieve group assignment details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier for the group to retrieve assignment details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "include_assigned_group_details",
+ "required": false,
+ "description": "Specifies whether to include assigned group or assignment metadata details in the `_embedded` property.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the corresponding assigned [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) or \nthe group assignment metadata details in the `_embedded` property."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getApplicationGroupAssignment'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/groups/{groupId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_assigned_group_details",
+ "description": "An optional query parameter to return the corresponding assigned [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) or \nthe group assignment metadata details in the `_embedded` property.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the corresponding assigned [group](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/) or \nthe group assignment metadata details in the `_embedded` property."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAppUserAssignment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAppUserAssignment.json
new file mode 100644
index 000000000..c1924df7c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAppUserAssignment.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveAppUserAssignment",
+ "fully_qualified_name": "OktaApi.RetrieveAppUserAssignment@0.1.0",
+ "description": "Retrieve a specific user's assignment for an app.\n\nUse this tool to get information about a user's assignment for a particular application in Okta. It should be called when you need to verify or inspect user access and assignments related to specific applications.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application. Used to specify which application's user assignment to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "Specify the ID of an existing Okta user to retrieve their assignment information for a specific app.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "include_user_in_response",
+ "required": false,
+ "description": "Optionally include the corresponding user object in the response. Valid value: 'user'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the corresponding [User](/openapi/okta-management/management/tag/User/) object in the `_embedded` property.\nValid value: `user`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getApplicationUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/users/{userId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_user_in_response",
+ "description": "An optional query parameter to return the corresponding [User](/openapi/okta-management/management/tag/User/) object in the `_embedded` property.\nValid value: `user`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the corresponding [User](/openapi/okta-management/management/tag/User/) object in the `_embedded` property.\nValid value: `user`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveApplicationKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveApplicationKey.json
new file mode 100644
index 000000000..75b52d7fa
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveApplicationKey.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveApplicationKey",
+ "fully_qualified_name": "OktaApi.RetrieveApplicationKey@0.1.0",
+ "description": "Retrieve a specific application key credential.\n\nUse this tool to retrieve a specific application key credential by its key ID ('kid') for a particular application in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application in Okta. Required to retrieve a key credential.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "key_credential_id",
+ "required": true,
+ "description": "The unique identifier of the Key Credential for the application. Used to specify which key to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Key Credential for the application"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getApplicationKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/keys/{keyId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "key_credential_id",
+ "description": "ID of the Key Credential for the application",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Key Credential for the application"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAssetLinks.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAssetLinks.json
new file mode 100644
index 000000000..0757b7085
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAssetLinks.json
@@ -0,0 +1,67 @@
+{
+ "name": "RetrieveAssetLinks",
+ "fully_qualified_name": "OktaApi.RetrieveAssetLinks@0.1.0",
+ "description": "Retrieve the content of the assetlinks.json URI.\n\nUse this tool to obtain the content of the assetlinks.json well-known URI, often used for app-link verification and asset relationship management.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAssetLinksWellKnownURI'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/.well-known/assetlinks.json",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthPolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthPolicy.json
new file mode 100644
index 000000000..138369d85
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthPolicy.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveAuthPolicy",
+ "fully_qualified_name": "OktaApi.RetrieveAuthPolicy@0.1.0",
+ "description": "Retrieve details of an authorization server policy.\n\nThis tool retrieves the details of a specific policy from an authorization server using the provided authorization server ID and policy ID. It should be called when detailed information about an authorization server policy is needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server to retrieve the policy from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique `id` of the Policy to retrieve its details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAuthorizationServerPolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/policies/{policyId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthServerKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthServerKey.json
new file mode 100644
index 000000000..cc52f56ea
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthServerKey.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveAuthServerKey",
+ "fully_qualified_name": "OktaApi.RetrieveAuthServerKey@0.1.0",
+ "description": "Retrieve specific Authorization Server Key details.\n\nUsed to fetch details of a specified Authorization Server Key using the `keyId`. This is helpful when verifying or utilizing specific keys in the Okta system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique identifier of the Authorization Server whose key details are to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "certificate_key_id",
+ "required": true,
+ "description": "The unique identifier (`id`) of the certificate key to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the certificate key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAuthorizationServerKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/credentials/keys/{keyId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "certificate_key_id",
+ "description": "`id` of the certificate key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the certificate key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthenticatorMethod.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthenticatorMethod.json
new file mode 100644
index 000000000..c910c894d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthenticatorMethod.json
@@ -0,0 +1,167 @@
+{
+ "name": "RetrieveAuthenticatorMethod",
+ "fully_qualified_name": "OktaApi.RetrieveAuthenticatorMethod@0.1.0",
+ "description": "Retrieve a specific authenticator method by ID and type.\n\nThis tool is used to get details of a specific authentication method identified by method type and authenticator ID. It is useful for retrieving information about how users authenticate using specific methods.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The unique identifier for the authenticator to retrieve the method from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ },
+ {
+ "name": "authenticator_method_type",
+ "required": true,
+ "description": "The type of authenticator method. Possible values include: 'cert', 'duo', 'email', 'idp', 'otp', 'password', 'push', 'security_question', 'signed_nonce', 'sms', 'totp', 'voice', 'webauthn', 'tac'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "cert",
+ "duo",
+ "email",
+ "idp",
+ "otp",
+ "password",
+ "push",
+ "security_question",
+ "signed_nonce",
+ "sms",
+ "totp",
+ "voice",
+ "webauthn",
+ "tac"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Type of authenticator method"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "methodType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAuthenticatorMethod'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/methods/{methodType}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "methodType",
+ "tool_parameter_name": "authenticator_method_type",
+ "description": "Type of authenticator method",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "cert",
+ "duo",
+ "email",
+ "idp",
+ "otp",
+ "password",
+ "push",
+ "security_question",
+ "signed_nonce",
+ "sms",
+ "totp",
+ "voice",
+ "webauthn",
+ "tac"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Type of authenticator method"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthorizationServer.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthorizationServer.json
new file mode 100644
index 000000000..ca38283de
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveAuthorizationServer.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveAuthorizationServer",
+ "fully_qualified_name": "OktaApi.RetrieveAuthorizationServer@0.1.0",
+ "description": "Retrieve details of a specific authorization server.\n\nCall this tool to get information about a specific authorization server using its ID. Useful for managing or reviewing authorization server configurations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "ID of the authorization server to retrieve. This is required to identify which server's details to fetch.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAuthorizationServer'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBehaviorDetectionRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBehaviorDetectionRule.json
new file mode 100644
index 000000000..8bf7c7b08
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBehaviorDetectionRule.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveBehaviorDetectionRule",
+ "fully_qualified_name": "OktaApi.RetrieveBehaviorDetectionRule@0.1.0",
+ "description": "Retrieve details of a Behavior Detection Rule by ID.\n\nThis tool retrieves information about a specific Behavior Detection Rule using its unique behaviorId. It's useful for obtaining rule configurations and settings.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "behavior_detection_rule_id",
+ "required": true,
+ "description": "The unique ID of the Behavior Detection Rule to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Behavior Detection Rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "behaviorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getBehaviorDetectionRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.behaviors.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/behaviors/{behaviorId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "behaviorId",
+ "tool_parameter_name": "behavior_detection_rule_id",
+ "description": "ID of the Behavior Detection Rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the Behavior Detection Rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBrandDetails.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBrandDetails.json
new file mode 100644
index 000000000..4a44e675d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBrandDetails.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveBrandDetails",
+ "fully_qualified_name": "OktaApi.RetrieveBrandDetails@0.1.0",
+ "description": "Fetches brand details using the brand ID.\n\nUse this tool to retrieve detailed information about a specific brand by providing the brand ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "include_additional_metadata",
+ "required": false,
+ "description": "An array of strings specifying additional metadata to be included in the response.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getBrand'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_additional_metadata",
+ "description": "Specifies additional metadata to be included in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBrandTheme.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBrandTheme.json
new file mode 100644
index 000000000..db8a6ac5d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBrandTheme.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveBrandTheme",
+ "fully_qualified_name": "OktaApi.RetrieveBrandTheme@0.1.0",
+ "description": "Retrieve the theme for a specific brand.\n\nUse this tool to get the theme associated with a particular brand by specifying the brand and theme IDs.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand to retrieve the theme.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "theme_id",
+ "required": true,
+ "description": "Specify the ID of the theme to retrieve details for a particular brand.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the theme"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "themeId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getBrandTheme'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/themes/{themeId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "themeId",
+ "tool_parameter_name": "theme_id",
+ "description": "The ID of the theme",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the theme"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBrandWellKnownUri.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBrandWellKnownUri.json
new file mode 100644
index 000000000..f233526e8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveBrandWellKnownUri.json
@@ -0,0 +1,145 @@
+{
+ "name": "RetrieveBrandWellKnownUri",
+ "fully_qualified_name": "OktaApi.RetrieveBrandWellKnownUri@0.1.0",
+ "description": "Retrieve customized content for a brand's well-known URI.\n\nThis tool retrieves the customized content of a specific well-known URI for a given brand and URI path. It should be used when you need information on the customized settings or configurations associated with a brand's specific URI.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier of the brand for which the well-known URI content is being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "well_known_uri_path",
+ "required": true,
+ "description": "The specific path of the well-known URI. Expected values are 'apple-app-site-association', 'assetlinks.json', or 'webauthn'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "apple-app-site-association",
+ "assetlinks.json",
+ "webauthn"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The path of the well-known URI"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "path"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getBrandWellKnownURI'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/well-known-uris/{path}/customized",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "path",
+ "tool_parameter_name": "well_known_uri_path",
+ "description": "The path of the well-known URI",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "apple-app-site-association",
+ "assetlinks.json",
+ "webauthn"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "The path of the well-known URI"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCaptchaDetails.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCaptchaDetails.json
new file mode 100644
index 000000000..fdd0de6f7
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCaptchaDetails.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveCaptchaDetails",
+ "fully_qualified_name": "OktaApi.RetrieveCaptchaDetails@0.1.0",
+ "description": "Retrieve properties of a CAPTCHA instance.\n\nThis tool fetches detailed properties of a specified CAPTCHA instance in the Okta system. Use it when you need information about a particular CAPTCHA by providing its ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "captcha_instance_id",
+ "required": true,
+ "description": "The unique key identifying the CAPTCHA instance to retrieve details for in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique key used to identify your CAPTCHA instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "captchaId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCaptchaInstance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.captchas.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/captchas/{captchaId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "captchaId",
+ "tool_parameter_name": "captcha_instance_id",
+ "description": "The unique key used to identify your CAPTCHA instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique key used to identify your CAPTCHA instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCrossAppAccessConnection.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCrossAppAccessConnection.json
new file mode 100644
index 000000000..5c5161e99
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCrossAppAccessConnection.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveCrossAppAccessConnection",
+ "fully_qualified_name": "OktaApi.RetrieveCrossAppAccessConnection@0.1.0",
+ "description": "Retrieve details of a Cross App Access connection by ID.\n\nUse this tool to fetch information about a specific Cross App Access connection using the app and connection IDs.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique ID of the application for which to retrieve the cross app access connection.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "connection_id",
+ "required": true,
+ "description": "The unique identifier for the Cross App Access connection you want to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Connection ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "connectionId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCrossAppAccessConnection'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/cwo/connections/{connectionId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "connectionId",
+ "tool_parameter_name": "connection_id",
+ "description": "Connection ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Connection ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCsrForApp.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCsrForApp.json
new file mode 100644
index 000000000..8aed89b1e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCsrForApp.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveCsrForApp",
+ "fully_qualified_name": "OktaApi.RetrieveCsrForApp@0.1.0",
+ "description": "Retrieve a CSR for a specific application.\n\nUse this tool to obtain a Certificate Signing Request (CSR) for a given application, identified by the CSR ID. The CSR can be returned as a Base64-encoded string or a JSON object, depending on the requested media type.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application for which to retrieve the CSR.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "certificate_signing_request_id",
+ "required": true,
+ "description": "The unique identifier of the Certificate Signing Request (CSR) to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the CSR"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "csrId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCsrForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/csrs/{csrId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "csrId",
+ "tool_parameter_name": "certificate_signing_request_id",
+ "description": "`id` of the CSR",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the CSR"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCustomAaguid.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCustomAaguid.json
new file mode 100644
index 000000000..e3a8e8f0d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCustomAaguid.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveCustomAaguid",
+ "fully_qualified_name": "OktaApi.RetrieveCustomAaguid@0.1.0",
+ "description": "Retrieve a custom AAGUID for a specific authenticator.\n\nCall this tool to obtain the custom AAGUID for a given authenticator using its ID. This is useful for authentication processes requiring specific AAGUID details.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The ID of the authenticator for which to retrieve the custom AAGUID.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ },
+ {
+ "name": "custom_aaguid",
+ "required": true,
+ "description": "The unique identifier for a custom AAGUID. This is used to specify which AAGUID to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique ID of a custom AAGUID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "aaguid"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCustomAAGUID'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}/aaguids/{aaguid}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "aaguid",
+ "tool_parameter_name": "custom_aaguid",
+ "description": "Unique ID of a custom AAGUID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique ID of a custom AAGUID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCustomDomain.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCustomDomain.json
new file mode 100644
index 000000000..7609d5f0a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCustomDomain.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveCustomDomain",
+ "fully_qualified_name": "OktaApi.RetrieveCustomDomain@0.1.0",
+ "description": "Retrieve details of a custom domain by ID.\n\nUse this tool to obtain information about a specific custom domain in Okta by providing its domain ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "domain_id",
+ "required": true,
+ "description": "The unique ID of the custom domain to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Domain"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "domainId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getCustomDomain'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.domains.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/domains/{domainId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "domainId",
+ "tool_parameter_name": "domain_id",
+ "description": "`id` of the Domain",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Domain"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCustomTokenScope.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCustomTokenScope.json
new file mode 100644
index 000000000..7c559e883
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveCustomTokenScope.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveCustomTokenScope",
+ "fully_qualified_name": "OktaApi.RetrieveCustomTokenScope@0.1.0",
+ "description": "Retrieve details of a specific OAuth2 custom token scope.\n\nThis tool is used to obtain details of a particular OAuth2 custom token scope from a specified authorization server using the Auth Server ID and Scope ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "`id` of the Authorization Server. Required to specify which authorization server to use.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "scope_id",
+ "required": true,
+ "description": "The `id` of the OAuth2 custom token scope to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Scope"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "scopeId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOAuth2Scope'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/scopes/{scopeId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "scopeId",
+ "tool_parameter_name": "scope_id",
+ "description": "`id` of Scope",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Scope"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDefaultErrorPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDefaultErrorPage.json
new file mode 100644
index 000000000..9b785e61f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDefaultErrorPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveDefaultErrorPage",
+ "fully_qualified_name": "OktaApi.RetrieveDefaultErrorPage@0.1.0",
+ "description": "Retrieve the default error page for a brand.\n\nThis tool retrieves the default error page for a specified brand when no customized error page is present.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand to retrieve its default error page.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getDefaultErrorPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error/default",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDeviceInformation.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDeviceInformation.json
new file mode 100644
index 000000000..99713096f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDeviceInformation.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveDeviceInformation",
+ "fully_qualified_name": "OktaApi.RetrieveDeviceInformation@0.1.0",
+ "description": "Retrieve information about a specific device using its ID.\n\nThis tool is used to get detailed information about a device by its `deviceId`. It should be called when you need to access specific details or status of a device managed in the Okta system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_id",
+ "required": true,
+ "description": "The unique ID of the device to retrieve information for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getDevice'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devices.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/devices/{deviceId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceId",
+ "tool_parameter_name": "device_id",
+ "description": "`id` of the device",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDeviceIntegration.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDeviceIntegration.json
new file mode 100644
index 000000000..5aa0cb749
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDeviceIntegration.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveDeviceIntegration",
+ "fully_qualified_name": "OktaApi.RetrieveDeviceIntegration@0.1.0",
+ "description": "Retrieve details of a device integration by ID.\n\nUse this tool to get specific information about a device integration using its unique ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_integration_id",
+ "required": true,
+ "description": "The unique ID of the device integration to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the device integration"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceIntegrationId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getDeviceIntegration'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.deviceIntegrations.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-integrations/{deviceIntegrationId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceIntegrationId",
+ "tool_parameter_name": "device_integration_id",
+ "description": "The ID of the device integration",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the device integration"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDevicePostureCheck.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDevicePostureCheck.json
new file mode 100644
index 000000000..f4e2c3cca
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveDevicePostureCheck.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveDevicePostureCheck",
+ "fully_qualified_name": "OktaApi.RetrieveDevicePostureCheck@0.1.0",
+ "description": "Retrieve a device posture check by ID.\n\nUse this tool to retrieve details of a specific device posture check using the `postureCheckId`. This is helpful for managing or verifying device compliance and security status.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_posture_check_id",
+ "required": true,
+ "description": "The unique identifier for the device posture check to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the device posture check"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "postureCheckId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getDevicePostureCheck'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devicePostureChecks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/device-posture-checks/{postureCheckId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "postureCheckId",
+ "tool_parameter_name": "device_posture_check_id",
+ "description": "ID of the device posture check",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the device posture check"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailCustomization.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailCustomization.json
new file mode 100644
index 000000000..12c2099a5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailCustomization.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveEmailCustomization",
+ "fully_qualified_name": "OktaApi.RetrieveEmailCustomization@0.1.0",
+ "description": "Retrieve email customization details by ID.\n\nUse this tool to fetch the details of a specific email customization in Okta by its unique identifier. Note that if custom languages for Okta Email Templates are disabled, attempting to retrieve a customization by ID for an additional language will result in a '404 Not Found' error.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand to retrieve the email customization associated with it.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "The name of the email template to customize.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ },
+ {
+ "name": "email_customization_id",
+ "required": true,
+ "description": "The unique identifier for the specific email customization to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the email customization"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "customizationId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getEmailCustomization'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/customizations/{customizationId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "customizationId",
+ "tool_parameter_name": "email_customization_id",
+ "description": "The ID of the email customization",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the email customization"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailDomain.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailDomain.json
new file mode 100644
index 000000000..773a3515a
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailDomain.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveEmailDomain",
+ "fully_qualified_name": "OktaApi.RetrieveEmailDomain@0.1.0",
+ "description": "Retrieve email domain details by ID.\n\nFetches details of a specific email domain using the given `emailDomainId`. Ideal for obtaining information about a particular domain managed by Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "email_domain_id",
+ "required": true,
+ "description": "The unique identifier for the email domain to retrieve information about in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "emailDomainId"
+ },
+ {
+ "name": "include_additional_metadata",
+ "required": false,
+ "description": "List of strings specifying additional metadata to include in the response.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getEmailDomain'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.emailDomains.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/email-domains/{emailDomainId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_additional_metadata",
+ "description": "Specifies additional metadata to be included in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "emailDomainId",
+ "tool_parameter_name": "email_domain_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailTemplateDefaultContent.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailTemplateDefaultContent.json
new file mode 100644
index 000000000..6d66b9842
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailTemplateDefaultContent.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveEmailTemplateDefaultContent",
+ "fully_qualified_name": "OktaApi.RetrieveEmailTemplateDefaultContent@0.1.0",
+ "description": "Retrieves the default content of a specific email template.\n\nUse this tool to retrieve the default content for a specified email template in Okta. The content defaults to the current user's language, considering Okta's custom language settings and any additional language specified.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique ID of the brand for which the email template content is being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "Specify the name of the email template to retrieve its default content.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ },
+ {
+ "name": "email_language",
+ "required": false,
+ "description": "Specify the language for the email content. Defaults to the user's current language if unspecified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "language"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getEmailDefaultContent'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/default-content",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "language",
+ "tool_parameter_name": "email_language",
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailTemplateDetails.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailTemplateDetails.json
new file mode 100644
index 000000000..47629c5d6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEmailTemplateDetails.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveEmailTemplateDetails",
+ "fully_qualified_name": "OktaApi.RetrieveEmailTemplateDetails@0.1.0",
+ "description": "Retrieve details of an email template by its name.\n\nThis tool retrieves detailed information about a specific email template by its name, for a given brand ID. It should be called when you need to access or display the details of an email template managed by Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand. It's required to specify which brand's email template details to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "The name of the email template you want to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ },
+ {
+ "name": "include_additional_metadata",
+ "required": false,
+ "description": "A list of strings specifying additional metadata to include in the response.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getEmailTemplate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_additional_metadata",
+ "description": "Specifies additional metadata to be included in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveErrorPageDetails.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveErrorPageDetails.json
new file mode 100644
index 000000000..bf809e627
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveErrorPageDetails.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveErrorPageDetails",
+ "fully_qualified_name": "OktaApi.RetrieveErrorPageDetails@0.1.0",
+ "description": "Retrieve error page sub-resource details.\n\nThis tool retrieves the error page sub-resources for a specified brand using the Okta service. Use this tool to obtain detailed information about error pages, tailored by the `expand` parameter to specify included sub-resources.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand whose error page details you want to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "include_sub_resources",
+ "required": false,
+ "description": "A list of sub-resource names to include additional metadata in the response.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getErrorPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/error",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_sub_resources",
+ "description": "Specifies additional metadata to be included in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEventHook.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEventHook.json
new file mode 100644
index 000000000..591cff9ca
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveEventHook.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveEventHook",
+ "fully_qualified_name": "OktaApi.RetrieveEventHook@0.1.0",
+ "description": "Retrieve details of a specific event hook by ID.\n\nCall this tool to get detailed information about a specific event hook in Okta using the eventHookId.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "event_hook_id",
+ "required": true,
+ "description": "The unique `id` of the event hook to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "eventHookId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getEventHook'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.eventHooks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "eventHookId",
+ "tool_parameter_name": "event_hook_id",
+ "description": "`id` of the Event Hook",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveFederatedClaim.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveFederatedClaim.json
new file mode 100644
index 000000000..8bca08340
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveFederatedClaim.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveFederatedClaim",
+ "fully_qualified_name": "OktaApi.RetrieveFederatedClaim@0.1.0",
+ "description": "Retrieve a federated claim by its ID.\n\nUse this tool to retrieve details of a federated claim by providing the specific claim ID and application ID. This is useful for obtaining information about a particular federated identity claim in an Okta application.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application for which the federated claim is retrieved. Required to specify which application the claim is associated with.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "federated_claim_id",
+ "required": true,
+ "description": "The unique ID of the federated claim to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique `id` of the federated claim"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "claimId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getFederatedClaim'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/federated-claims/{claimId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "claimId",
+ "tool_parameter_name": "federated_claim_id",
+ "description": "The unique `id` of the federated claim",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique `id` of the federated claim"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGovernanceBundle.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGovernanceBundle.json
new file mode 100644
index 000000000..3056c7fbf
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGovernanceBundle.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveGovernanceBundle",
+ "fully_qualified_name": "OktaApi.RetrieveGovernanceBundle@0.1.0",
+ "description": "Retrieve a Governance Bundle from Okta RAMP.\n\nUse this tool to fetch information about a specific Governance Bundle from Okta's RAMP service using the bundle ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "bundle_id",
+ "required": true,
+ "description": "The unique identifier of the Governance Bundle to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "bundleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getGovernanceBundle'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/governance/bundles/{bundleId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "bundleId",
+ "tool_parameter_name": "bundle_id",
+ "description": "The `id` of a bundle",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of a bundle"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupById.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupById.json
new file mode 100644
index 000000000..064dfffff
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupById.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveGroupById",
+ "fully_qualified_name": "OktaApi.RetrieveGroupById@0.1.0",
+ "description": "Retrieve specific group details by ID from your org.\n\nUse this tool to get information about a specific group in your organization by providing the group's ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier for the group to retrieve from the organization.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupPushMapping.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupPushMapping.json
new file mode 100644
index 000000000..e0f4931b9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupPushMapping.json
@@ -0,0 +1,138 @@
+{
+ "name": "RetrieveGroupPushMapping",
+ "fully_qualified_name": "OktaApi.RetrieveGroupPushMapping@0.1.0",
+ "description": "Retrieve a group push mapping by ID.\n\nUse this tool to get details of a specific group push mapping by providing the application and mapping IDs.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application. This is required to retrieve the group push mapping.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "group_push_mapping_id",
+ "required": true,
+ "description": "The ID of the group push mapping to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Group push mapping ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "mappingId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getGroupPushMapping'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.read",
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/group-push/mappings/{mappingId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "mappingId",
+ "tool_parameter_name": "group_push_mapping_id",
+ "description": "Group push mapping ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Group push mapping ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupRoleAssignment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupRoleAssignment.json
new file mode 100644
index 000000000..b6ae3f309
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupRoleAssignment.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveGroupRoleAssignment",
+ "fully_qualified_name": "OktaApi.RetrieveGroupRoleAssignment@0.1.0",
+ "description": "Retrieve a role assignment for a specified group.\n\nFetches the details of a role assigned to a group using group and role assignment identifiers. Use this to understand the role binding for a specific group in the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique ID of the group to retrieve the assigned role for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique ID of the role assignment to fetch details for a group.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getGroupAssignedRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupRuleById.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupRuleById.json
new file mode 100644
index 000000000..c30b49105
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveGroupRuleById.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveGroupRuleById",
+ "fully_qualified_name": "OktaApi.RetrieveGroupRuleById@0.1.0",
+ "description": "Retrieve detailed information about a group rule by ID.\n\nUse this tool to obtain details of a specific group rule from your organization by providing the rule ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_rule_id",
+ "required": true,
+ "description": "The ID of the group rule to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupRuleId"
+ },
+ {
+ "name": "show_group_names",
+ "required": false,
+ "description": "Set to 'groupIdToGroupNameMap' to show group names in the response.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If specified as `groupIdToGroupNameMap`, then show group names"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getGroupRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/rules/{groupRuleId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "show_group_names",
+ "description": "If specified as `groupIdToGroupNameMap`, then show group names",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If specified as `groupIdToGroupNameMap`, then show group names"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupRuleId",
+ "tool_parameter_name": "group_rule_id",
+ "description": "The `id` of the group rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveHookKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveHookKey.json
new file mode 100644
index 000000000..9ac01cda9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveHookKey.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveHookKey",
+ "fully_qualified_name": "OktaApi.RetrieveHookKey@0.1.0",
+ "description": "Retrieve the public portion of a Key object by ID.\n\nUse this tool to obtain the public portion of a Key object using the specified ID. Optionally, you can expand the response to include full details of the public key.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "key_id",
+ "required": false,
+ "description": "A valid key ID to retrieve the public portion of the Key object.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A valid key ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getHookKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.inlineHooks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/hook-keys/{id}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "key_id",
+ "description": "A valid key ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A valid key ID"
+ },
+ "accepted_as": "path",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdentityProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdentityProvider.json
new file mode 100644
index 000000000..2b11d7514
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdentityProvider.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveIdentityProvider",
+ "fully_qualified_name": "OktaApi.RetrieveIdentityProvider@0.1.0",
+ "description": "Retrieves an identity provider integration by ID.\n\nUse this tool to retrieve details about a specific identity provider (IdP) integration using its unique ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique ID of the identity provider (IdP) to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getIdentityProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdentityProviderKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdentityProviderKey.json
new file mode 100644
index 000000000..aebc2adb0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdentityProviderKey.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveIdentityProviderKey",
+ "fully_qualified_name": "OktaApi.RetrieveIdentityProviderKey@0.1.0",
+ "description": "Retrieve a specific IdP key credential by `kid`.\n\nUse this tool to obtain details of an identity provider key credential by providing the `kid` (key ID). This is useful for managing and auditing identity provider configurations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_key_id",
+ "required": true,
+ "description": "The unique identifier (`kid`) of the identity provider key credential needed to retrieve its details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the IdP key credential"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "kid"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getIdentityProviderKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/credentials/keys/{kid}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "kid",
+ "tool_parameter_name": "identity_provider_key_id",
+ "description": "Unique `id` of the IdP key credential",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the IdP key credential"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdentitySourceSession.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdentitySourceSession.json
new file mode 100644
index 000000000..b11fc7479
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdentitySourceSession.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveIdentitySourceSession",
+ "fully_qualified_name": "OktaApi.RetrieveIdentitySourceSession@0.1.0",
+ "description": "Retrieve an identity source session by ID and session.\n\nThis tool fetches session details for a specified identity source and session ID, helping manage authentication and identity processes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_source_id",
+ "required": true,
+ "description": "The ID of the identity source for which the session is created. This ID is used to specify which identity source's session details are to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "identitySourceId"
+ },
+ {
+ "name": "identity_source_session_id",
+ "required": true,
+ "description": "The ID used to identify the specific identity source session.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source session"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sessionId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getIdentitySourceSession'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.identitySources.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/identity-sources/{identitySourceId}/sessions/{sessionId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "identitySourceId",
+ "tool_parameter_name": "identity_source_id",
+ "description": "The ID of the identity source for which the session is created",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source for which the session is created"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "sessionId",
+ "tool_parameter_name": "identity_source_session_id",
+ "description": "The ID of the identity source session",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the identity source session"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdpUser.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdpUser.json
new file mode 100644
index 000000000..dcf061443
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveIdpUser.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveIdpUser",
+ "fully_qualified_name": "OktaApi.RetrieveIdpUser@0.1.0",
+ "description": "Retrieve a linked identity provider user by ID.\n\nThis tool retrieves a linked identity provider (IdP) user by their ID, useful for accessing detailed IdP user information.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The ID of the Identity Provider to retrieve the linked user from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ },
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique ID of an existing Okta user to retrieve information for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getIdentityProviderApplicationUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/users/{userId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveInlineHook.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveInlineHook.json
new file mode 100644
index 000000000..b728329f1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveInlineHook.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveInlineHook",
+ "fully_qualified_name": "OktaApi.RetrieveInlineHook@0.1.0",
+ "description": "Fetches details of a specific inline hook by its ID.\n\nUse this tool to obtain detailed information about an inline hook specified by its ID. Ideal for scenarios where identification and configuration details of a specific inline hook are required.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "inline_hook_id",
+ "required": true,
+ "description": "The ID of the inline hook to retrieve details for. This should be a string representing the unique identifier of the hook.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the inline hook"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "inlineHookId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getInlineHook'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.inlineHooks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/inlineHooks/{inlineHookId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "inlineHookId",
+ "tool_parameter_name": "inline_hook_id",
+ "description": "`id` of the inline hook",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the inline hook"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveLinkedObjectDefinition.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveLinkedObjectDefinition.json
new file mode 100644
index 000000000..8da699522
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveLinkedObjectDefinition.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveLinkedObjectDefinition",
+ "fully_qualified_name": "OktaApi.RetrieveLinkedObjectDefinition@0.1.0",
+ "description": "Retrieve a Linked Object definition from Okta.\n\nUse this tool to get details about a specific Linked Object definition in Okta. It should be called when you need to understand the configuration or schema of a Linked Object by its name.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "linked_object_name",
+ "required": true,
+ "description": "The Primary or Associated name of the Linked Object to retrieve its definition from Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Primary or Associated name"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "linkedObjectName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getLinkedObjectDefinition'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.linkedObjects.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/schemas/user/linkedObjects/{linkedObjectName}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "linkedObjectName",
+ "tool_parameter_name": "linked_object_name",
+ "description": "Primary or Associated name",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Primary or Associated name"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveLogStreamSchema.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveLogStreamSchema.json
new file mode 100644
index 000000000..e6d6c6df5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveLogStreamSchema.json
@@ -0,0 +1,111 @@
+{
+ "name": "RetrieveLogStreamSchema",
+ "fully_qualified_name": "OktaApi.RetrieveLogStreamSchema@0.1.0",
+ "description": "Retrieve the schema for a specific log stream type.\n\nThis tool retrieves the schema for a specified log stream type in Okta. Use it to obtain schema details for either AWS EventBridge or Splunk Cloud log streaming by specifying the appropriate type.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "log_stream_type",
+ "required": true,
+ "description": "Specify the log stream type: 'aws_eventbridge' for AWS EventBridge or 'splunk_cloud_logstreaming' for Splunk Cloud.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "aws_eventbridge",
+ "splunk_cloud_logstreaming"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "logStreamType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getLogStreamSchema'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.logStreams.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/schemas/logStream/{logStreamType}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "logStreamType",
+ "tool_parameter_name": "log_stream_type",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "aws_eventbridge",
+ "splunk_cloud_logstreaming"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2Claim.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2Claim.json
new file mode 100644
index 000000000..640a732fa
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2Claim.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveOauth2Claim",
+ "fully_qualified_name": "OktaApi.RetrieveOauth2Claim@0.1.0",
+ "description": "Retrieve a custom OAuth2 token claim by ID.\n\nThis tool retrieves a specific custom token claim from an authorization server using the provided claim ID. It is used when you need to access detailed information about a particular OAuth2 custom token claim.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server whose claim is being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "claim_id",
+ "required": true,
+ "description": "The unique identifier of the custom token claim to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Claim"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "claimId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOAuth2Claim'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/claims/{claimId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "claimId",
+ "tool_parameter_name": "claim_id",
+ "description": "`id` of Claim",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Claim"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2ClientSecret.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2ClientSecret.json
new file mode 100644
index 000000000..495805f37
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2ClientSecret.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveOauth2ClientSecret",
+ "fully_qualified_name": "OktaApi.RetrieveOauth2ClientSecret@0.1.0",
+ "description": "Retrieve an OAuth 2.0 client secret by secret ID.\n\nThis tool is used to retrieve the details of an OAuth 2.0 client secret using its secret ID and app ID. It should be called when you need information about a specific OAuth client secret for an application.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application to retrieve the client secret for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "oauth_client_secret_id",
+ "required": true,
+ "description": "The unique identifier for the OAuth 2.0 client secret you want to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the OAuth 2.0 Client Secret"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "secretId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOAuth2ClientSecret'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/secrets/{secretId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "secretId",
+ "tool_parameter_name": "oauth_client_secret_id",
+ "description": "Unique `id` of the OAuth 2.0 Client Secret",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the OAuth 2.0 Client Secret"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2ServerKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2ServerKey.json
new file mode 100644
index 000000000..8e57c6604
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2ServerKey.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveOauth2ServerKey",
+ "fully_qualified_name": "OktaApi.RetrieveOauth2ServerKey@0.1.0",
+ "description": "Retrieve a custom authorization server's public JSON web key.\n\nUse this tool to obtain a public JSON web key for a specified custom authorization server by providing the server and key identifiers.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The unique `id` of the Authorization Server to retrieve the JSON web key from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "custom_auth_server_jwk_id",
+ "required": true,
+ "description": "Unique identifier of the custom authorization server JSON web key.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOAuth2ResourceServerJsonWebKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/resourceservercredentials/keys/{keyId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "custom_auth_server_jwk_id",
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2Token.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2Token.json
new file mode 100644
index 000000000..cbfc3f2c5
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauth2Token.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveOauth2Token",
+ "fully_qualified_name": "OktaApi.RetrieveOauth2Token@0.1.0",
+ "description": "Retrieve a refresh token for a specified application.\n\nThis tool retrieves a refresh token for a specified application using its app ID and token ID. It should be called when there's a need to obtain a new refresh token for app authentication.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application for which you wish to retrieve the refresh token.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "token_id",
+ "required": true,
+ "description": "The `id` of the token for which a refresh token is to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "tokenId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Set to 'scope' to return scope details in the `_embedded` property.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOAuth2TokenForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/tokens/{tokenId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "tokenId",
+ "tool_parameter_name": "token_id",
+ "description": "`id` of Token",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauthClientJwk.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauthClientJwk.json
new file mode 100644
index 000000000..9ad27c659
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOauthClientJwk.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveOauthClientJwk",
+ "fully_qualified_name": "OktaApi.RetrieveOauthClientJwk@0.1.0",
+ "description": "Retrieve an OAuth 2.0 Client JSON Web Key by keyId.\n\nUse this tool to obtain the JSON Web Key associated with a specific OAuth 2.0 client using the provided keyId. Useful for verifying signatures and encrypting/un-decrypting data.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique ID of the application. Used to identify which application's OAuth 2.0 Client JSON Web Key to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "key_id",
+ "required": true,
+ "description": "Unique ID of the Custom Authorization Server JSON Web Key for OAuth 2.0 clients.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getJwk'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/jwks/{keyId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "keyId",
+ "tool_parameter_name": "key_id",
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique `id` of the Custom Authorization Server JSON Web Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaApplication.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaApplication.json
new file mode 100644
index 000000000..4f7a54888
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaApplication.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveOktaApplication",
+ "fully_qualified_name": "OktaApi.RetrieveOktaApplication@0.1.0",
+ "description": "Retrieves application details from Okta by ID.\n\nUse this tool to get detailed information about a specific application in your Okta organization by providing the application's ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "expand_user_info",
+ "required": false,
+ "description": "Specifies if the details of a particular Application User should be returned in the response. Use the format `user/{userId}` to expand.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the specified [Application User](/openapi/okta-management/management/tag/ApplicationUsers/) in the `_embedded` property.\nValid value: `expand=user/{userId}`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "expand_user_info",
+ "description": "An optional query parameter to return the specified [Application User](/openapi/okta-management/management/tag/ApplicationUsers/) in the `_embedded` property.\nValid value: `expand=user/{userId}`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional query parameter to return the specified [Application User](/openapi/okta-management/management/tag/ApplicationUsers/) in the `_embedded` property.\nValid value: `expand=user/{userId}`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaAuthenticator.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaAuthenticator.json
new file mode 100644
index 000000000..fd8f3e423
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaAuthenticator.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveOktaAuthenticator",
+ "fully_qualified_name": "OktaApi.RetrieveOktaAuthenticator@0.1.0",
+ "description": "Fetches an authenticator from Okta using its ID.\n\nUse this tool to retrieve detailed information about a specific authenticator in your Okta organization by providing its ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authenticator_id",
+ "required": true,
+ "description": "The unique `id` of the authenticator to retrieve from Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authenticatorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAuthenticator'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authenticators.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authenticators/{authenticatorId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authenticatorId",
+ "tool_parameter_name": "authenticator_id",
+ "description": "`id` of the authenticator",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the authenticator"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaFeatureById.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaFeatureById.json
new file mode 100644
index 000000000..fdb0730dd
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaFeatureById.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveOktaFeatureById",
+ "fully_qualified_name": "OktaApi.RetrieveOktaFeatureById@0.1.0",
+ "description": "Retrieve details of a specific Okta feature by ID.\n\nUse this tool to get detailed information about a specific feature in Okta using its ID. Useful for accessing configuration or status of Okta features.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "feature_id",
+ "required": true,
+ "description": "The ID of the Okta feature to retrieve. This should be a string representing the unique identifier of the feature.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the feature"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "featureId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getFeature'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.features.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/features/{featureId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "featureId",
+ "tool_parameter_name": "feature_id",
+ "description": "`id` of the feature",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the feature"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaRole.json
new file mode 100644
index 000000000..5369695f1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOktaRole.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveOktaRole",
+ "fully_qualified_name": "OktaApi.RetrieveOktaRole@0.1.0",
+ "description": "Retrieve role details from Okta using role ID or label.\n\nThis tool is used to obtain detailed information about a specific role from Okta by providing either the role ID or its label. Use this tool when you need to access role specifications, permissions, or other role-related data within Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "role_id_or_label",
+ "required": true,
+ "description": "The ID or label of the role to retrieve details from Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_id_or_label",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOrgContactUser.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOrgContactUser.json
new file mode 100644
index 000000000..5aff7c5c4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOrgContactUser.json
@@ -0,0 +1,111 @@
+{
+ "name": "RetrieveOrgContactUser",
+ "fully_qualified_name": "OktaApi.RetrieveOrgContactUser@0.1.0",
+ "description": "Retrieve ID and user resource for a specific contact type in an organization.\n\nThis tool retrieves the ID and user resource associated with a specified contact type within an organization using Okta. It is useful for accessing contact details for organizational roles or responsibilities.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "contact_type",
+ "required": true,
+ "description": "Specify the contact type within the organization. Possible values: 'BILLING', 'TECHNICAL'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "BILLING",
+ "TECHNICAL"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "contactType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOrgContactUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/contacts/{contactType}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "contactType",
+ "tool_parameter_name": "contact_type",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "BILLING",
+ "TECHNICAL"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOrgGeneralSettings.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOrgGeneralSettings.json
new file mode 100644
index 000000000..10c1898a8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveOrgGeneralSettings.json
@@ -0,0 +1,71 @@
+{
+ "name": "RetrieveOrgGeneralSettings",
+ "fully_qualified_name": "OktaApi.RetrieveOrgGeneralSettings@0.1.0",
+ "description": "Retrieve the organization's general settings.\n\nThis tool calls the Okta API to retrieve the organization's general settings, providing essential configuration details.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getOrgSettings'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePolicy.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePolicy.json
new file mode 100644
index 000000000..d026be861
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePolicy.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrievePolicy",
+ "fully_qualified_name": "OktaApi.RetrievePolicy@0.1.0",
+ "description": "Retrieve details of a specific policy using its ID.\n\nThis tool should be called when a user wants to retrieve detailed information about a specific policy by providing the policy ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique ID of the policy to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "expand_policy_details",
+ "required": false,
+ "description": "Include additional policy details in the response. Provide parameters like 'groups'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getPolicy'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "expand_policy_details",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePolicyMapping.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePolicyMapping.json
new file mode 100644
index 000000000..4fc8a2293
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePolicyMapping.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrievePolicyMapping",
+ "fully_qualified_name": "OktaApi.RetrievePolicyMapping@0.1.0",
+ "description": "Retrieves resource mapping for a specific policy.\n\nUse this tool to get the resource mapping for a policy by providing the `policyId` and `mappingId`. It is useful for viewing the details of how a policy is mapped to resources.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique identifier of the policy to retrieve the resource mapping for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_resource_mapping_id",
+ "required": true,
+ "description": "The unique `id` of the policy resource Mapping. Required to retrieve the specific mapping details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy resource Mapping"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "mappingId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getPolicyMapping'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/mappings/{mappingId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "mappingId",
+ "tool_parameter_name": "policy_resource_mapping_id",
+ "description": "`id` of the policy resource Mapping",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy resource Mapping"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePolicyRule.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePolicyRule.json
new file mode 100644
index 000000000..877ae21b7
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePolicyRule.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrievePolicyRule",
+ "fully_qualified_name": "OktaApi.RetrievePolicyRule@0.1.0",
+ "description": "Retrieve details of a specific policy rule by its ID.\n\nThis tool is used to retrieve the details of a specific policy rule from Okta by providing the policy ID and rule ID. Use this when you need information about a particular rule within a policy.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "policy_id",
+ "required": true,
+ "description": "The unique ID of the Policy to retrieve the rule from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "policyId"
+ },
+ {
+ "name": "policy_rule_id",
+ "required": true,
+ "description": "The unique ID of the policy rule to retrieve from Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "ruleId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getPolicyRule'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.policies.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/policies/{policyId}/rules/{ruleId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "policyId",
+ "tool_parameter_name": "policy_id",
+ "description": "`id` of the Policy",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Policy"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "ruleId",
+ "tool_parameter_name": "policy_rule_id",
+ "description": "`id` of the policy rule",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the policy rule"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePreviewSignInPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePreviewSignInPage.json
new file mode 100644
index 000000000..e38da417c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePreviewSignInPage.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrievePreviewSignInPage",
+ "fully_qualified_name": "OktaApi.RetrievePreviewSignInPage@0.1.0",
+ "description": "Retrieve the preview sign-in page for unpublished changes.\n\nThis tool retrieves the preview version of the sign-in page, which includes any unpublished changes. Use this to view the page at `${yourOktaDomain}/login/preview` before it goes live.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_identifier",
+ "required": true,
+ "description": "The unique identifier for the brand whose preview sign-in page you want to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getPreviewSignInPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in/preview",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_identifier",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePrincipalRateLimit.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePrincipalRateLimit.json
new file mode 100644
index 000000000..2e80c5687
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePrincipalRateLimit.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrievePrincipalRateLimit",
+ "fully_qualified_name": "OktaApi.RetrievePrincipalRateLimit@0.1.0",
+ "description": "Retrieve details of a principal rate limit entity by ID.\n\nUse this tool to obtain comprehensive information about a specific principal rate limit entity by providing the `principalRateLimitId`. This helps in understanding the rate limits applied to a principal.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "principal_rate_limit_id",
+ "required": true,
+ "description": "The ID of the principal rate limit entity to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the principal rate limit"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "principalRateLimitId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getPrincipalRateLimitEntity'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.principalRateLimits.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/principal-rate-limits/{principalRateLimitId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "principalRateLimitId",
+ "tool_parameter_name": "principal_rate_limit_id",
+ "description": "ID of the principal rate limit",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the principal rate limit"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveProfileMappingById.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveProfileMappingById.json
new file mode 100644
index 000000000..8c9e0d360
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveProfileMappingById.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveProfileMappingById",
+ "fully_qualified_name": "OktaApi.RetrieveProfileMappingById@0.1.0",
+ "description": "Retrieve profile mapping details by ID.\n\nUse this tool to get detailed information about a specific profile mapping using its unique identifier. Call this tool when you need to access details of a profile mapping from Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "profile_mapping_id",
+ "required": true,
+ "description": "The unique ID of the profile mapping to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Mapping"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "mappingId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getProfileMapping'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.profileMappings.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/mappings/{mappingId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "mappingId",
+ "tool_parameter_name": "profile_mapping_id",
+ "description": "`id` of the Mapping",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Mapping"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePublicKey.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePublicKey.json
new file mode 100644
index 000000000..52cb9bcf8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePublicKey.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrievePublicKey",
+ "fully_qualified_name": "OktaApi.RetrievePublicKey@0.1.0",
+ "description": "Retrieve a public key by its keyId.\n\nUse the tool to obtain the public key details associated with a specified keyId. This is useful for validating signatures or for other security operations requiring the public key.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "public_key_id",
+ "required": true,
+ "description": "The unique identifier for the public key to retrieve. This is used for obtaining the specific public key details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "id\" of the Public Key"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "keyId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getPublicKey'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.inlineHooks.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/hook-keys/public/{keyId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "keyId",
+ "tool_parameter_name": "public_key_id",
+ "description": "id\" of the Public Key",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "id\" of the Public Key"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePushProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePushProvider.json
new file mode 100644
index 000000000..ae9c72121
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrievePushProvider.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrievePushProvider",
+ "fully_qualified_name": "OktaApi.RetrievePushProvider@0.1.0",
+ "description": "Fetch details of a push provider by ID.\n\nUse this tool to get information about a specific push provider using its ID. It's helpful when you need to retrieve detailed information about push notification configurations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "push_provider_id",
+ "required": true,
+ "description": "The ID of the push provider to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Id of the push provider"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "pushProviderId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getPushProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.pushProviders.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/push-providers/{pushProviderId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "pushProviderId",
+ "tool_parameter_name": "push_provider_id",
+ "description": "Id of the push provider",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Id of the push provider"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRealmInfo.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRealmInfo.json
new file mode 100644
index 000000000..230b1c74e
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRealmInfo.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveRealmInfo",
+ "fully_qualified_name": "OktaApi.RetrieveRealmInfo@0.1.0",
+ "description": "Retrieve information about a specified realm.\n\nThis tool retrieves details about a specific realm identified by its ID. Use it to access information such as configuration and properties associated with a realm.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "realm_id",
+ "required": true,
+ "description": "The unique identifier for the realm to retrieve information for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "realmId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRealm'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.realms.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/realms/{realmId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "realmId",
+ "tool_parameter_name": "realm_id",
+ "description": "ID of the realm",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the realm"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRefreshToken.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRefreshToken.json
new file mode 100644
index 000000000..9efc54759
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRefreshToken.json
@@ -0,0 +1,201 @@
+{
+ "name": "RetrieveRefreshToken",
+ "fully_qualified_name": "OktaApi.RetrieveRefreshToken@0.1.0",
+ "description": "Retrieve a refresh token for a client.\n\nUse this tool to get a refresh token for a specified client within an authorization server.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server for which the refresh token is retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The ID of the client application for which the refresh token is being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "token_id",
+ "required": true,
+ "description": "The ID of the token to retrieve a refresh token for a specific client within an authorization server.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "tokenId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Specify 'scope' to include scope details in the `_embedded` attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRefreshTokenForAuthorizationServerAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "tokenId",
+ "tool_parameter_name": "token_id",
+ "description": "`id` of Token",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveResourceSetDetails.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveResourceSetDetails.json
new file mode 100644
index 000000000..44196f8ca
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveResourceSetDetails.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveResourceSetDetails",
+ "fully_qualified_name": "OktaApi.RetrieveResourceSetDetails@0.1.0",
+ "description": "Retrieve details of a resource in a specific resource set.\n\nUse this tool to obtain details about a specific resource within a resource set using the resource ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_identifier",
+ "required": true,
+ "description": "The ID or label of the resource set to retrieve the resource from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ },
+ {
+ "name": "resource_identifier",
+ "required": true,
+ "description": "The unique ID of the resource to be retrieved from the resource set.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the resource"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getResourceSetResource'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/resources/{resourceId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_identifier",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "resourceId",
+ "tool_parameter_name": "resource_identifier",
+ "description": "`id` of the resource",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the resource"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveResourceSetOkta.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveResourceSetOkta.json
new file mode 100644
index 000000000..6aaeab322
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveResourceSetOkta.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveResourceSetOkta",
+ "fully_qualified_name": "OktaApi.RetrieveResourceSetOkta@0.1.0",
+ "description": "Retrieve a resource set by its ID or label from Okta.\n\nThis tool is used to fetch details of a specific resource set from Okta using a resource set ID or label. It should be called when information about a particular resource set is needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_identifier",
+ "required": true,
+ "description": "The ID or label of the resource set to retrieve from Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getResourceSet'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_identifier",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRoleAssignmentGovernanceDetails.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRoleAssignmentGovernanceDetails.json
new file mode 100644
index 000000000..420400b53
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRoleAssignmentGovernanceDetails.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveRoleAssignmentGovernanceDetails",
+ "fully_qualified_name": "OktaApi.RetrieveRoleAssignmentGovernanceDetails@0.1.0",
+ "description": "Retrieve governance details for a user's role assignment.\n\nThis tool retrieves governance source information for a specific role assigned to a user. It should be called when you need detailed governance data about a user's role assignment identified by specific role and grant IDs.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique identifier for an existing Okta user. This ID is required to retrieve governance details related to their role assignments.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment linked to the user. Required for retrieving governance details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "grant_id",
+ "required": true,
+ "description": "The ID for the specific grant related to the user's role assignment. This is used to retrieve governance details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "grantId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRoleAssignmentGovernanceGrant'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/governance/{grantId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "grantId",
+ "tool_parameter_name": "grant_id",
+ "description": "Grant ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRoleMember.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRoleMember.json
new file mode 100644
index 000000000..17ad91e97
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRoleMember.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveRoleMember",
+ "fully_qualified_name": "OktaApi.RetrieveRoleMember@0.1.0",
+ "description": "Retrieve member details in a role resource set binding.\n\nThis tool retrieves information about a specific member identified by `memberId` within a role resource set binding using the given resource set and role identifiers. It should be called when you need details about a member's role or permissions in a resource set.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_identifier",
+ "required": true,
+ "description": "The `id` or `label` of the resource set to identify which set to retrieve the member from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ },
+ {
+ "name": "role_id_or_label",
+ "required": true,
+ "description": "The `id` or `label` of the role to identify which role the member belongs to.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ },
+ {
+ "name": "member_id",
+ "required": true,
+ "description": "ID of the member to look up in the role resource set binding.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the member"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "memberId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getMemberOfBinding'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}/members/{memberId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_identifier",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_id_or_label",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "memberId",
+ "tool_parameter_name": "member_id",
+ "description": "`id` of the member",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the member"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRolePermission.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRolePermission.json
new file mode 100644
index 000000000..fff0a2ecc
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveRolePermission.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveRolePermission",
+ "fully_qualified_name": "OktaApi.RetrieveRolePermission@0.1.0",
+ "description": "Retrieve a specific permission for a custom role by type.\n\nUse this tool to obtain details about a specific permission associated with a custom role in Okta, identified by the permission type.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "role_id_or_label",
+ "required": true,
+ "description": "Identifier or label of the custom role to retrieve permission for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ },
+ {
+ "name": "permission_type",
+ "required": true,
+ "description": "Specify the type of permission to retrieve for a custom role in Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An Okta [permission](/openapi/okta-management/guides/permissions)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "permissionType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRolePermission'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/roles/{roleIdOrLabel}/permissions/{permissionType}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_id_or_label",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "permissionType",
+ "tool_parameter_name": "permission_type",
+ "description": "An Okta [permission](/openapi/okta-management/guides/permissions)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An Okta [permission](/openapi/okta-management/guides/permissions)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveScopeConsentGrant.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveScopeConsentGrant.json
new file mode 100644
index 000000000..86e504d4b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveScopeConsentGrant.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveScopeConsentGrant",
+ "fully_qualified_name": "OktaApi.RetrieveScopeConsentGrant@0.1.0",
+ "description": "Retrieve a single scope consent grant for an app.\n\nUse this tool to get details of a specific scope consent grant object for a given application, using app and grant identifiers.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application. Used to specify which application's scope consent grant to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "grant_id",
+ "required": true,
+ "description": "The unique identifier for the grant to retrieve details for the specific scope consent grant.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "grantId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Set to 'scope' to include scope details in the `_embedded` property.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getScopeConsentGrant'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.appGrants.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/grants/{grantId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An optional parameter to return scope details in the `_embedded` property. Valid value: `scope`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "grantId",
+ "tool_parameter_name": "grant_id",
+ "description": "Grant ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSecurityEventProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSecurityEventProvider.json
new file mode 100644
index 000000000..1be0650dc
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSecurityEventProvider.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveSecurityEventProvider",
+ "fully_qualified_name": "OktaApi.RetrieveSecurityEventProvider@0.1.0",
+ "description": "Retrieve details of a specific Security Events Provider.\n\nThis tool retrieves the details of a Security Events Provider instance using the specified ID. It is useful when you need to obtain information about a particular security events provider associated with your organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "security_event_provider_id",
+ "required": true,
+ "description": "The ID of the Security Events Provider instance to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Security Events Provider instance"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "securityEventProviderId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getSecurityEventsProviderInstance'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.securityEventsProviders.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/security-events-providers/{securityEventProviderId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "securityEventProviderId",
+ "tool_parameter_name": "security_event_provider_id",
+ "description": "`id` of the Security Events Provider instance",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Security Events Provider instance"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveServiceAccount.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveServiceAccount.json
new file mode 100644
index 000000000..fa6fc5152
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveServiceAccount.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveServiceAccount",
+ "fully_qualified_name": "OktaApi.RetrieveServiceAccount@0.1.0",
+ "description": "Retrieve details of an app service account by ID.\n\nThis tool retrieves information for a specific app service account using its ID. Use it to access service account details in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "service_account_id",
+ "required": true,
+ "description": "The unique identifier of an existing service account to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing service account"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAppServiceAccount'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.serviceAccounts.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/privileged-access/api/v1/service-accounts/{id}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "service_account_id",
+ "description": "ID of an existing service account",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing service account"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSessionInfo.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSessionInfo.json
new file mode 100644
index 000000000..cc0063335
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSessionInfo.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveSessionInfo",
+ "fully_qualified_name": "OktaApi.RetrieveSessionInfo@0.1.0",
+ "description": "Retrieve session details using a session ID.\n\nUse this tool to obtain detailed information about a specific session by providing the session ID. Ideal for managing user sessions and tracking session activities.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "session_id",
+ "required": true,
+ "description": "The ID of the session to retrieve information for. Required to identify and obtain session details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Session"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sessionId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getSession'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.sessions.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/sessions/{sessionId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sessionId",
+ "tool_parameter_name": "session_id",
+ "description": "`id` of the Session",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Session"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSignInPage.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSignInPage.json
new file mode 100644
index 000000000..cd4120c0c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSignInPage.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveSignInPage",
+ "fully_qualified_name": "OktaApi.RetrieveSignInPage@0.1.0",
+ "description": "Retrieve sign-in page sub-resources for a brand.\n\nThis tool retrieves the sub-resources of a sign-in page for a specified brand on Okta. You can specify which sub-resources to include using the `expand` query parameter. Call this tool to access detailed elements of the sign-in page configuration.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand. Required to retrieve specific sign-in page resources.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "include_additional_metadata",
+ "required": false,
+ "description": "List specific sub-resources to include in the sign-in page response as metadata.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getSignInPage'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/pages/sign-in",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_additional_metadata",
+ "description": "Specifies additional metadata to be included in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to be included in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSmsTemplate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSmsTemplate.json
new file mode 100644
index 000000000..63a83edaf
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSmsTemplate.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveSmsTemplate",
+ "fully_qualified_name": "OktaApi.RetrieveSmsTemplate@0.1.0",
+ "description": "Retrieve details of a specific SMS template by ID.\n\nUse this tool to get the details of an SMS template using its unique identifier. Ideal for when you need to view or manage specific SMS templates in the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "template_id",
+ "required": true,
+ "description": "The unique identifier for the SMS template to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getSmsTemplate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/templates/sms/{templateId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "templateId",
+ "tool_parameter_name": "template_id",
+ "description": "`id` of the Template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSmtpServerConfig.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSmtpServerConfig.json
new file mode 100644
index 000000000..96f5676d0
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSmtpServerConfig.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveSmtpServerConfig",
+ "fully_qualified_name": "OktaApi.RetrieveSmtpServerConfig@0.1.0",
+ "description": "Retrieve custom SMTP server configuration details.\n\nUse this tool to get the configuration details of a specified custom SMTP server by providing the email server identifier.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "email_server_identifier",
+ "required": true,
+ "description": "The unique identifier for the custom SMTP server to retrieve its configuration.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "emailServerId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getEmailServer'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.emailServers.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/email-servers/{emailServerId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "emailServerId",
+ "tool_parameter_name": "email_server_identifier",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSsfStreamStatus.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSsfStreamStatus.json
new file mode 100644
index 000000000..4cadf01cd
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSsfStreamStatus.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveSsfStreamStatus",
+ "fully_qualified_name": "OktaApi.RetrieveSsfStreamStatus@0.1.0",
+ "description": "Retrieve the status of an SSF Stream transmission.\n\nUse this tool to check if the SSF Stream is able to transmit events. It returns the current status of the stream's transmission capability.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "ssf_stream_id",
+ "required": true,
+ "description": "The unique ID of the specified SSF Stream configuration to retrieve its status.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the specified SSF Stream configuration"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "stream_id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getSsfStreamStatus'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "ssf.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/ssf/stream/status",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "stream_id",
+ "tool_parameter_name": "ssf_stream_id",
+ "description": "The ID of the specified SSF Stream configuration",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the specified SSF Stream configuration"
+ },
+ "accepted_as": "query",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSsfStreams.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSsfStreams.json
new file mode 100644
index 000000000..e1a5f02c2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveSsfStreams.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveSsfStreams",
+ "fully_qualified_name": "OktaApi.RetrieveSsfStreams@0.1.0",
+ "description": "Retrieve SSF Stream configurations by client ID.\n\nThis tool retrieves either a list of all known SSF Stream configurations or an individual configuration specified by ID. Only streams associated with the Client ID of the OAuth 2.0 access token can be viewed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "stream_id",
+ "required": false,
+ "description": "The ID of the specified SSF Stream configuration to retrieve. If not provided, all configurations are retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the specified SSF Stream configuration"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "stream_id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getSsfStreams'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "ssf.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/ssf/stream",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "stream_id",
+ "tool_parameter_name": "stream_id",
+ "description": "The ID of the specified SSF Stream configuration",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the specified SSF Stream configuration"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveThirdPartyAdminSetting.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveThirdPartyAdminSetting.json
new file mode 100644
index 000000000..88a8baa99
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveThirdPartyAdminSetting.json
@@ -0,0 +1,71 @@
+{
+ "name": "RetrieveThirdPartyAdminSetting",
+ "fully_qualified_name": "OktaApi.RetrieveThirdPartyAdminSetting@0.1.0",
+ "description": "Retrieve the third-party admin setting from Okta.\n\nCall this tool to obtain the current third-party admin settings configured in Okta. Useful for managing and auditing access settings.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getThirdPartyAdminSetting'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/orgSettings/thirdPartyAdminSetting",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveTrustedOrigin.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveTrustedOrigin.json
new file mode 100644
index 000000000..029afb157
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveTrustedOrigin.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveTrustedOrigin",
+ "fully_qualified_name": "OktaApi.RetrieveTrustedOrigin@0.1.0",
+ "description": "Retrieve details of a trusted origin by ID.\n\nThis tool retrieves information about a specific trusted origin using its ID. Use this to get details of trusted origins configured in the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "trusted_origin_id",
+ "required": true,
+ "description": "The ID of the trusted origin to retrieve details for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the trusted origin"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "trustedOriginId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getTrustedOrigin'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.trustedOrigins.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/trustedOrigins/{trustedOriginId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "trustedOriginId",
+ "tool_parameter_name": "trusted_origin_id",
+ "description": "`id` of the trusted origin",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the trusted origin"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUiSchema.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUiSchema.json
new file mode 100644
index 000000000..c127c4d46
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUiSchema.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveUiSchema",
+ "fully_qualified_name": "OktaApi.RetrieveUiSchema@0.1.0",
+ "description": "Retrieve UI Schema details by ID from Okta.\n\nUse this tool to fetch the UI Schema details from Okta by providing a specific ID. This is useful for accessing configuration details of the user interface schema.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "ui_schema_id",
+ "required": true,
+ "description": "The unique ID of the UI Schema to retrieve from Okta.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique ID of the UI Schema"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUISchema'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.uischemas.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/uischemas/{id}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "ui_schema_id",
+ "description": "The unique ID of the UI Schema",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The unique ID of the UI Schema"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserAuthenticatorEnrollment.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserAuthenticatorEnrollment.json
new file mode 100644
index 000000000..c4100a105
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserAuthenticatorEnrollment.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveUserAuthenticatorEnrollment",
+ "fully_qualified_name": "OktaApi.RetrieveUserAuthenticatorEnrollment@0.1.0",
+ "description": "Retrieve a user's authenticator enrollment details.\n\nThis tool fetches a user's authenticator enrollment details using the enrollment ID. It should be called when you need information about a user's security device or mechanism enrollment status.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user whose authenticator enrollment details are to be retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "authenticator_enrollment_id",
+ "required": true,
+ "description": "Unique identifier for the user's authenticator enrollment.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier of an enrollment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "enrollmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAuthenticatorEnrollment'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/authenticator-enrollments/{enrollmentId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "enrollmentId",
+ "tool_parameter_name": "authenticator_enrollment_id",
+ "description": "Unique identifier of an enrollment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Unique identifier of an enrollment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserClassification.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserClassification.json
new file mode 100644
index 000000000..aea2e89f4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserClassification.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveUserClassification",
+ "fully_qualified_name": "OktaApi.RetrieveUserClassification@0.1.0",
+ "description": "Retrieve a user's classification from Okta.\n\nUse this tool to get classification details for a specific user in Okta. It should be called when user classification information is needed for decision making or display.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique identifier for an existing Okta user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUserClassification'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/classification",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserFactor.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserFactor.json
new file mode 100644
index 000000000..dff6d8da4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserFactor.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveUserFactor",
+ "fully_qualified_name": "OktaApi.RetrieveUserFactor@0.1.0",
+ "description": "Retrieve security factor for a specific user.\n\nUse this tool to retrieve information about an existing security factor associated with a specified user in the Okta system. It helps in managing and reviewing user security settings.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to retrieve the security factor for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "user_factor_id",
+ "required": true,
+ "description": "ID of an existing user factor to retrieve details for a specific user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing user factor"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "factorId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getFactor'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/factors/{factorId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "factorId",
+ "tool_parameter_name": "user_factor_id",
+ "description": "ID of an existing user factor",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing user factor"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserGrant.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserGrant.json
new file mode 100644
index 000000000..8b66c23f9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserGrant.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveUserGrant",
+ "fully_qualified_name": "OktaApi.RetrieveUserGrant@0.1.0",
+ "description": "Fetches a specific grant for a given user.\n\nUse this tool to retrieve details about a specific grant assigned to a user, identified by user ID and grant ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique identifier for an existing Okta user to fetch the grant for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "grant_id",
+ "required": true,
+ "description": "The unique identifier of the grant to retrieve details for a specific user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "grantId"
+ },
+ {
+ "name": "include_scope_details",
+ "required": false,
+ "description": "Specify `True` to include scope details in the `_embedded` attribute. Accepts only the value 'scope'.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUserGrant'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/grants/{grantId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "include_scope_details",
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Valid value: `scope`. If specified, scope details are included in the `_embedded` attribute."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "grantId",
+ "tool_parameter_name": "grant_id",
+ "description": "Grant ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserRisk.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserRisk.json
new file mode 100644
index 000000000..100346a83
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserRisk.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveUserRisk",
+ "fully_qualified_name": "OktaApi.RetrieveUserRisk@0.1.0",
+ "description": "Get the risk profile of a specific user by ID.\n\nUse this tool to obtain the risk profile associated with a specific user by their ID. It provides insights into potential security concerns or anomalies related to the user.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to retrieve the risk profile for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUserRisk'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.userRisk.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/risk",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserRoleGovernanceResources.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserRoleGovernanceResources.json
new file mode 100644
index 000000000..0a6a9bebc
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserRoleGovernanceResources.json
@@ -0,0 +1,169 @@
+{
+ "name": "RetrieveUserRoleGovernanceResources",
+ "fully_qualified_name": "OktaApi.RetrieveUserRoleGovernanceResources@0.1.0",
+ "description": "Retrieve resources for a user's role governance.\n\nFetches resources associated with a specific governance source for a role assigned to a user by using the user ID, role assignment ID, and grant ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "ID of an existing Okta user for which the resources are being retrieved.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment. Required to fetch governance resources for the user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "grant_id",
+ "required": true,
+ "description": "Specify the Grant ID to retrieve role governance resources for a user. This ID identifies the governance source related to the role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "grantId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getRoleAssignmentGovernanceGrantResources'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/governance/{grantId}/resources",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "grantId",
+ "tool_parameter_name": "grant_id",
+ "description": "Grant ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserSchema.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserSchema.json
new file mode 100644
index 000000000..5ac1ca51d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserSchema.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveUserSchema",
+ "fully_qualified_name": "OktaApi.RetrieveUserSchema@0.1.0",
+ "description": "Retrieve the schema for a specified user type.\n\nThis tool retrieves the schema information for a given user type using the provided schema ID. It is useful for obtaining details about the attributes and structure of specific user types.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "schema_identifier",
+ "required": true,
+ "description": "The ID for the user type schema to retrieve. Use 'default' for the default schema.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Schema ID. You can also use `default` to refer to the default user type schema."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "schemaId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUserSchema'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.schemas.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/schemas/user/{schemaId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "schemaId",
+ "tool_parameter_name": "schema_identifier",
+ "description": "Schema ID. You can also use `default` to refer to the default user type schema.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Schema ID. You can also use `default` to refer to the default user type schema."
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserTypeById.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserTypeById.json
new file mode 100644
index 000000000..391ce2561
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveUserTypeById.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveUserTypeById",
+ "fully_qualified_name": "OktaApi.RetrieveUserTypeById@0.1.0",
+ "description": "Retrieve user type information by ID from Okta.\n\nUse this tool to get details about a specific user type using its ID, including fetching the default type with 'default' as the ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_type_id",
+ "required": true,
+ "description": "The ID of the user type to retrieve. Use 'default' to fetch the default user type.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "typeId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getUserType'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.userTypes.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/meta/types/user/{typeId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "typeId",
+ "tool_parameter_name": "user_type_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveWellKnownUris.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveWellKnownUris.json
new file mode 100644
index 000000000..53d28f579
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveWellKnownUris.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetrieveWellKnownUris",
+ "fully_qualified_name": "OktaApi.RetrieveWellKnownUris@0.1.0",
+ "description": "Retrieve well-known URIs for a specified brand.\n\nThis tool retrieves the content from each of the well-known URIs for a specified brand. It should be called when you need to access information hosted at these URIs for a particular brand in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The unique identifier for the brand whose well-known URIs you want to retrieve. This is required to specify which brand's data to access.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "additional_metadata",
+ "required": false,
+ "description": "An array of strings specifying additional metadata to include in the response.",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to include in the response"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "expand"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getAllWellKnownURIs'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.brands.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/well-known-uris",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "expand",
+ "tool_parameter_name": "additional_metadata",
+ "description": "Specifies additional metadata to include in the response",
+ "value_schema": {
+ "val_type": "array",
+ "inner_val_type": "string",
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Specifies additional metadata to include in the response"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveYubikeyOtpToken.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveYubikeyOtpToken.json
new file mode 100644
index 000000000..7d3344d25
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetrieveYubikeyOtpToken.json
@@ -0,0 +1,105 @@
+{
+ "name": "RetrieveYubikeyOtpToken",
+ "fully_qualified_name": "OktaApi.RetrieveYubikeyOtpToken@0.1.0",
+ "description": "Retrieve a YubiKey OTP token using its ID.\n\nThis tool retrieves detailed information about a specific YubiKey OTP token by its ID. Use this tool when you need to access the details of a YubiKey OTP token from Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "yubikey_otp_token_id",
+ "required": true,
+ "description": "The unique ID of the YubiKey OTP token to retrieve.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The YubiKey OTP token ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "tokenId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'getYubikeyOtpTokenById'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/factors/yubikey_token/tokens/{tokenId}",
+ "http_method": "GET",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "tokenId",
+ "tool_parameter_name": "yubikey_otp_token_id",
+ "description": "The YubiKey OTP token ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The YubiKey OTP token ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetryAgentPoolUpdate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetryAgentPoolUpdate.json
new file mode 100644
index 000000000..44de81614
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RetryAgentPoolUpdate.json
@@ -0,0 +1,137 @@
+{
+ "name": "RetryAgentPoolUpdate",
+ "fully_qualified_name": "OktaApi.RetryAgentPoolUpdate@0.1.0",
+ "description": "Retry an agent pool update after failure or interruption.\n\nUse this tool to retry an agent pool update in Okta if the initial update fails or communication is interrupted during an auto-update process.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "The ID of the agent pool to retry the update for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ },
+ {
+ "name": "update_id",
+ "required": true,
+ "description": "The unique ID of the agent pool update to retry.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "updateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'retryAgentPoolsUpdate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/retry",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "updateId",
+ "tool_parameter_name": "update_id",
+ "description": "ID of the update",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeApiToken.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeApiToken.json
new file mode 100644
index 000000000..c91e30199
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeApiToken.json
@@ -0,0 +1,105 @@
+{
+ "name": "RevokeApiToken",
+ "fully_qualified_name": "OktaApi.RevokeApiToken@0.1.0",
+ "description": "Revoke an API token using its ID.\n\nUse this tool to revoke an API token by providing its unique ID. It will disable the specified token, preventing any further access or operations using that token.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "api_token_id",
+ "required": true,
+ "description": "The unique ID of the API token to revoke.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "id of the API Token"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "apiTokenId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeApiToken'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apiTokens.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/api-tokens/{apiTokenId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "apiTokenId",
+ "tool_parameter_name": "api_token_id",
+ "description": "id of the API Token",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "id of the API Token"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeAppOauth2Token.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeAppOauth2Token.json
new file mode 100644
index 000000000..468e49dc9
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeAppOauth2Token.json
@@ -0,0 +1,137 @@
+{
+ "name": "RevokeAppOauth2Token",
+ "fully_qualified_name": "OktaApi.RevokeAppOauth2Token@0.1.0",
+ "description": "Revoke a specific OAuth2 token for an application.\n\nUse this tool to revoke a specific OAuth2 token associated with a particular application. Ideal for cases where you want to invalidate a token, ensuring it can no longer be used for authorization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application whose token is to be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "token_id",
+ "required": true,
+ "description": "The ID of the OAuth2 token to be revoked for the specified application.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "tokenId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeOAuth2TokenForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/tokens/{tokenId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "tokenId",
+ "tool_parameter_name": "token_id",
+ "description": "`id` of Token",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeAppScopeConsent.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeAppScopeConsent.json
new file mode 100644
index 000000000..c4c196b64
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeAppScopeConsent.json
@@ -0,0 +1,137 @@
+{
+ "name": "RevokeAppScopeConsent",
+ "fully_qualified_name": "OktaApi.RevokeAppScopeConsent@0.1.0",
+ "description": "Revoke an app's permission for a specific scope grant.\n\nUse this tool to revoke the permission of an application to use a specific scope. This is useful for managing app permissions and ensuring security by withdrawing unnecessary or outdated consents.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application whose scope consent is being revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "grant_id",
+ "required": true,
+ "description": "The ID of the grant to be revoked. This identifies the specific permission grant associated with the app.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "grantId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeScopeConsentGrant'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.appGrants.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/grants/{grantId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "grantId",
+ "tool_parameter_name": "grant_id",
+ "description": "Grant ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeCsrFromApplication.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeCsrFromApplication.json
new file mode 100644
index 000000000..02a4bd703
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeCsrFromApplication.json
@@ -0,0 +1,137 @@
+{
+ "name": "RevokeCsrFromApplication",
+ "fully_qualified_name": "OktaApi.RevokeCsrFromApplication@0.1.0",
+ "description": "Revoke a CSR and delete its key pair from an app.\n\nUse this tool to revoke a Certificate Signing Request and delete the associated key pair from a specified application. This is useful for managing certificate credentials within applications.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The ID of the application from which to revoke the CSR and delete the key pair.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "csr_id",
+ "required": true,
+ "description": "The unique ID of the Certificate Signing Request to revoke.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the CSR"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "csrId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeCsrFromApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/credentials/csrs/{csrId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "csrId",
+ "tool_parameter_name": "csr_id",
+ "description": "`id` of the CSR",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the CSR"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeIdentityProviderCsr.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeIdentityProviderCsr.json
new file mode 100644
index 000000000..44ec80cf3
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeIdentityProviderCsr.json
@@ -0,0 +1,137 @@
+{
+ "name": "RevokeIdentityProviderCsr",
+ "fully_qualified_name": "OktaApi.RevokeIdentityProviderCsr@0.1.0",
+ "description": "Revoke a CSR and delete key pair from an IdP.\n\nThis tool revokes a certificate signing request and deletes the associated key pair from a specified identity provider. It should be used when you need to remove an IdP's CSR and its keys from the system.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier for the identity provider (IdP).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ },
+ {
+ "name": "identity_provider_csr_id",
+ "required": true,
+ "description": "The unique identifier for the CSR of the identity provider that needs to be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the IdP CSR"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpCsrId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeCsrForIdentityProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/credentials/csrs/{idpCsrId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "idpCsrId",
+ "tool_parameter_name": "identity_provider_csr_id",
+ "description": "`id` of the IdP CSR",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the IdP CSR"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeOauth2TokensApp.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeOauth2TokensApp.json
new file mode 100644
index 000000000..8a72e5c53
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeOauth2TokensApp.json
@@ -0,0 +1,105 @@
+{
+ "name": "RevokeOauth2TokensApp",
+ "fully_qualified_name": "OktaApi.RevokeOauth2TokensApp@0.1.0",
+ "description": "Revoke all OAuth 2.0 tokens for a specific app.\n\nUse this tool to revoke all OAuth 2.0 refresh tokens and associated access tokens for a given application. It does not affect access tokens issued without a refresh token.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application whose OAuth 2.0 tokens are to be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeOAuth2TokensForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/tokens",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeRefreshToken.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeRefreshToken.json
new file mode 100644
index 000000000..6070222b6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeRefreshToken.json
@@ -0,0 +1,169 @@
+{
+ "name": "RevokeRefreshToken",
+ "fully_qualified_name": "OktaApi.RevokeRefreshToken@0.1.0",
+ "description": "Revoke a refresh token for a specific client.\n\nUse this tool to revoke a refresh token for a specific client within an authorization server. It is useful for managing and invalidating existing refresh tokens when they are no longer needed or should be explicitly invalidated.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server to revoke the refresh token from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The ID of the client application for which the refresh token is being revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "token_id",
+ "required": true,
+ "description": "The ID of the refresh token to be revoked. It is a string that uniquely identifies the token.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "tokenId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeRefreshTokenForAuthorizationServerAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens/{tokenId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "tokenId",
+ "tool_parameter_name": "token_id",
+ "description": "`id` of Token",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeRefreshTokensForClient.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeRefreshTokensForClient.json
new file mode 100644
index 000000000..e6ecdb760
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeRefreshTokensForClient.json
@@ -0,0 +1,137 @@
+{
+ "name": "RevokeRefreshTokensForClient",
+ "fully_qualified_name": "OktaApi.RevokeRefreshTokensForClient@0.1.0",
+ "description": "Revokes all refresh tokens for a specific client.\n\nUse this tool to revoke all refresh tokens associated with a particular client within a specific authorization server. This is useful for managing client access and ensuring security by invalidating existing tokens.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "authorization_server_id",
+ "required": true,
+ "description": "The ID of the Authorization Server to revoke tokens from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "authServerId"
+ },
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique ID of the client application whose refresh tokens need to be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeRefreshTokensForAuthorizationServerAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.authorizationServers.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/authorizationServers/{authServerId}/clients/{clientId}/tokens",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "authServerId",
+ "tool_parameter_name": "authorization_server_id",
+ "description": "`id` of the Authorization Server",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Authorization Server"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeTokensForUserClient.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeTokensForUserClient.json
new file mode 100644
index 000000000..6441a6178
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeTokensForUserClient.json
@@ -0,0 +1,169 @@
+{
+ "name": "RevokeTokensForUserClient",
+ "fully_qualified_name": "OktaApi.RevokeTokensForUserClient@0.1.0",
+ "description": "Revoke refresh and access tokens for a user and client.\n\nUse this tool to revoke specified refresh and access tokens associated with a particular user and client. This will terminate any sessions linked to these tokens.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique ID of an existing Okta user whose tokens are to be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "Client app ID associated with the tokens to be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "token_id",
+ "required": true,
+ "description": "The unique ID of the token to be revoked. Required for identifying which token to revoke.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "tokenId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeTokenForUserAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/tokens/{tokenId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "tokenId",
+ "tool_parameter_name": "token_id",
+ "description": "`id` of Token",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of Token"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserClientGrants.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserClientGrants.json
new file mode 100644
index 000000000..8ede9f733
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserClientGrants.json
@@ -0,0 +1,137 @@
+{
+ "name": "RevokeUserClientGrants",
+ "fully_qualified_name": "OktaApi.RevokeUserClientGrants@0.1.0",
+ "description": "Revoke all grants for a specified user and client.\n\nUse this tool to revoke all access grants for a specific user and client in the Okta system. It is called when needing to revoke permissions for user and client combinations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The ID of an existing Okta user whose grants will be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The ID of the client application for which to revoke grants. This identifies the specific client in the Okta system for the operation.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeGrantsForUserAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/grants",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserGrant.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserGrant.json
new file mode 100644
index 000000000..58157d161
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserGrant.json
@@ -0,0 +1,137 @@
+{
+ "name": "RevokeUserGrant",
+ "fully_qualified_name": "OktaApi.RevokeUserGrant@0.1.0",
+ "description": "Revoke a specific grant for a user in Okta.\n\nThis tool revokes a specific access grant for a specified user in the Okta system, identified by user ID and grant ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique identifier of an existing user in Okta whose grant is to be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "grant_id",
+ "required": true,
+ "description": "The unique identifier of the grant to be revoked for the specified user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "grantId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeUserGrant'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/grants/{grantId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "grantId",
+ "tool_parameter_name": "grant_id",
+ "description": "Grant ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Grant ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserGrants.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserGrants.json
new file mode 100644
index 000000000..0f04887cc
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserGrants.json
@@ -0,0 +1,105 @@
+{
+ "name": "RevokeUserGrants",
+ "fully_qualified_name": "OktaApi.RevokeUserGrants@0.1.0",
+ "description": "Revokes all user grants in Okta.\n\nCall this tool to revoke all access grants for a specified user in the Okta system. Use it when you need to remove a user's permissions or access rights.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique ID of an existing Okta user whose grants will be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeUserGrants'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/grants",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserSession.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserSession.json
new file mode 100644
index 000000000..1b034a9ad
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserSession.json
@@ -0,0 +1,105 @@
+{
+ "name": "RevokeUserSession",
+ "fully_qualified_name": "OktaApi.RevokeUserSession@0.1.0",
+ "description": "Revoke a user's session using their session ID.\n\nThis tool is used to revoke a specific user session by providing the session ID. It should be called when a user's session needs to be terminated for security or administrative purposes.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "session_id",
+ "required": true,
+ "description": "The ID of the session to be revoked. Must be a valid session identifier string.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Session"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sessionId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeSession'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.sessions.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/sessions/{sessionId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sessionId",
+ "tool_parameter_name": "session_id",
+ "description": "`id` of the Session",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Session"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserSessions.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserSessions.json
new file mode 100644
index 000000000..fff9ecaa8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserSessions.json
@@ -0,0 +1,169 @@
+{
+ "name": "RevokeUserSessions",
+ "fully_qualified_name": "OktaApi.RevokeUserSessions@0.1.0",
+ "description": "Revoke all active sessions for a user in Okta.\n\nUse this tool to revoke all active identity provider sessions for a specified user in Okta. This action requires the user to re-authenticate on the next action. Optionally, you can also revoke associated OpenID Connect and OAuth tokens and clear remembered factors across devices. This does not affect sessions for web or native apps.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique identifier for an existing Okta user whose sessions will be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "revoke_oauth_tokens",
+ "required": false,
+ "description": "Set to true to revoke issued OpenID Connect and OAuth refresh and access tokens.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Revokes issued OpenID Connect and OAuth refresh and access tokens"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "oauthTokens"
+ },
+ {
+ "name": "clear_remembered_factors_for_all_devices",
+ "required": false,
+ "description": "Set to true to clear the user's remembered factors for all devices. Defaults to false in Classic Engine.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Clears the user's remembered factors for all devices.\n> **Note:** This parameter defaults to false in Classic Engine."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "forgetDevices"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeUserSessions'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/sessions",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "oauthTokens",
+ "tool_parameter_name": "revoke_oauth_tokens",
+ "description": "Revokes issued OpenID Connect and OAuth refresh and access tokens",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Revokes issued OpenID Connect and OAuth refresh and access tokens"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "forgetDevices",
+ "tool_parameter_name": "clear_remembered_factors_for_all_devices",
+ "description": "Clears the user's remembered factors for all devices.\n> **Note:** This parameter defaults to false in Classic Engine.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Clears the user's remembered factors for all devices.\n> **Note:** This parameter defaults to false in Classic Engine."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserTokens.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserTokens.json
new file mode 100644
index 000000000..7c4b5bed6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/RevokeUserTokens.json
@@ -0,0 +1,137 @@
+{
+ "name": "RevokeUserTokens",
+ "fully_qualified_name": "OktaApi.RevokeUserTokens@0.1.0",
+ "description": "Revoke all refresh tokens for a user and client.\n\nThis tool revokes all refresh tokens issued for a specified user and client. It should be used when you need to invalidate a user's access through a particular client, such as in security cases or session management.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "Specify the ID of an existing Okta user whose tokens are to be revoked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "client_application_id",
+ "required": true,
+ "description": "The unique identifier for the client application whose tokens you want to revoke.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'revokeTokensForUserAndClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/clients/{clientId}/tokens",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_application_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/SendTestEmail.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SendTestEmail.json
new file mode 100644
index 000000000..3af84591b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SendTestEmail.json
@@ -0,0 +1,169 @@
+{
+ "name": "SendTestEmail",
+ "fully_qualified_name": "OktaApi.SendTestEmail@0.1.0",
+ "description": "Send a test email to user's primary and secondary emails.\n\nThis tool sends a test email using the Okta service to the current user's primary and secondary email addresses. The email content is determined by customizations based on language priority and defaults if required. Ideal for verifying email template configurations.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "brand_id",
+ "required": true,
+ "description": "The ID of the brand for which the test email is sent. Required if the brand is applicable.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "brandId"
+ },
+ {
+ "name": "email_template_name",
+ "required": true,
+ "description": "Specify the name of the email template to use for the test email.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "templateName"
+ },
+ {
+ "name": "email_language",
+ "required": false,
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "language"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'sendTestEmail'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.templates.read"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/brands/{brandId}/templates/email/{templateName}/test",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "language",
+ "tool_parameter_name": "email_language",
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The language to use for the email. Defaults to the current user's language if unspecified."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "brandId",
+ "tool_parameter_name": "brand_id",
+ "description": "The ID of the brand",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The ID of the brand"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "templateName",
+ "tool_parameter_name": "email_template_name",
+ "description": "The name of the email template",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The name of the email template"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/SetAppAdminRoleTarget.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SetAppAdminRoleTarget.json
new file mode 100644
index 000000000..f92331544
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SetAppAdminRoleTarget.json
@@ -0,0 +1,169 @@
+{
+ "name": "SetAppAdminRoleTarget",
+ "fully_qualified_name": "OktaApi.SetAppAdminRoleTarget@0.1.0",
+ "description": "Assign an app target to an admin role for a user.\n\nAssigns a specific OIN app target to an admin user's APP_ADMIN role, reducing the role's scope to the specified app. Overrides existing app instance targets for the OIN app, making the user admin for all instances of the specified app.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to whom the app target will be assigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to identify which admin role to assign the app target to.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "Specify the name of the app definition as listed in the OIN catalog. This targets the app for admin role assignment.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'assignAppTargetToAdminRoleForUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/SetShowFooterPreference.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SetShowFooterPreference.json
new file mode 100644
index 000000000..4f722d0dc
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SetShowFooterPreference.json
@@ -0,0 +1,71 @@
+{
+ "name": "SetShowFooterPreference",
+ "fully_qualified_name": "OktaApi.SetShowFooterPreference@0.1.0",
+ "description": "Set the preference to show the Okta UI footer for end users.\n\nThis tool is used to configure the display of the Okta UI footer for all end users in your organization. It should be called when there is a need to update the visibility of the footer across the end-user interface.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": []
+ },
+ "output": {
+ "description": "Response from the API endpoint 'setOrgShowOktaUIFooter'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.orgs.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/org/preferences/showEndUserFooter",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/SignOutCurrentUser.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SignOutCurrentUser.json
new file mode 100644
index 000000000..41da7c4c2
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SignOutCurrentUser.json
@@ -0,0 +1,101 @@
+{
+ "name": "SignOutCurrentUser",
+ "fully_qualified_name": "OktaApi.SignOutCurrentUser@0.1.0",
+ "description": "Terminate the current user's session in a browser-based app.\n\nThis tool closes the session for a user currently signed in. It should be used in browser-based applications to log out a user. Note that a session cookie is required, and an API token is not allowed for this operation.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "session_cookie",
+ "required": false,
+ "description": "The session cookie string required to identify and terminate the active user session. This must be obtained from the user's browser to log them out.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "Cookie"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'closeCurrentSession'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": null
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/sessions/me",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "Cookie",
+ "tool_parameter_name": "session_cookie",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "header",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/StopAgentPoolUpdate.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/StopAgentPoolUpdate.json
new file mode 100644
index 000000000..611867f4c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/StopAgentPoolUpdate.json
@@ -0,0 +1,137 @@
+{
+ "name": "StopAgentPoolUpdate",
+ "fully_qualified_name": "OktaApi.StopAgentPoolUpdate@0.1.0",
+ "description": "Stops an agent pool update process.\n\nUse this tool to stop an ongoing update for a specific agent pool in Okta. Ideal for halting updates when unexpected issues arise.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "agent_pool_id",
+ "required": true,
+ "description": "ID of the agent pool to stop the update for.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "poolId"
+ },
+ {
+ "name": "update_id",
+ "required": true,
+ "description": "ID of the specific update to be stopped in the agent pool.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "updateId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'stopAgentPoolsUpdate'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.agentPools.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/agentPools/{poolId}/updates/{updateId}/stop",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "poolId",
+ "tool_parameter_name": "agent_pool_id",
+ "description": "ID of the agent pool for which the settings apply to",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the agent pool for which the settings apply to"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "updateId",
+ "tool_parameter_name": "update_id",
+ "description": "ID of the update",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of the update"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/SubscribeRoleToNotification.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SubscribeRoleToNotification.json
new file mode 100644
index 000000000..02aa48539
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SubscribeRoleToNotification.json
@@ -0,0 +1,165 @@
+{
+ "name": "SubscribeRoleToNotification",
+ "fully_qualified_name": "OktaApi.SubscribeRoleToNotification@0.1.0",
+ "description": "Subscribe a role to a specific notification type.\n\nThis tool subscribes a specific role to a designated notification type in Okta, overriding individual user subscriptions within that role.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "role_reference",
+ "required": true,
+ "description": "Reference to an existing role. Use `roleType` for standard roles and `roleId` for custom roles. Check documentation for details.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleRef"
+ },
+ {
+ "name": "notification_type",
+ "required": true,
+ "description": "The type of notification to subscribe the role to. Choose from: AD_AGENT, AGENT_AUTO_UPDATE_NOTIFICATION, AGENT_AUTO_UPDATE_NOTIFICATION_LDAP, APP_IMPORT, CONNECTOR_AGENT, IWA_AGENT, LDAP_AGENT, OKTA_ANNOUNCEMENT, OKTA_UPDATE, RATELIMIT_NOTIFICATION, REPORT_SUSPICIOUS_ACTIVITY, USER_DEPROVISION, USER_LOCKED_OUT.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "notificationType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'subscribeByNotificationTypeRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/roles/{roleRef}/subscriptions/{notificationType}/subscribe",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "roleRef",
+ "tool_parameter_name": "role_reference",
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles)."
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "notificationType",
+ "tool_parameter_name": "notification_type",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/SubscribeUserToNotification.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SubscribeUserToNotification.json
new file mode 100644
index 000000000..d57c86749
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SubscribeUserToNotification.json
@@ -0,0 +1,165 @@
+{
+ "name": "SubscribeUserToNotification",
+ "fully_qualified_name": "OktaApi.SubscribeUserToNotification@0.1.0",
+ "description": "Subscribe a user to a specific notification type.\n\nUse this tool to subscribe the current user to a specified notification type in Okta. Access is denied if attempting to subscribe for another user.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "current_user_id",
+ "required": true,
+ "description": "The unique identifier of the current user to subscribe to the notification. Only the current user's ID is allowed.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "notification_type",
+ "required": true,
+ "description": "Specify the type of notification to subscribe the user to. Choose from: AD_AGENT, AGENT_AUTO_UPDATE_NOTIFICATION, AGENT_AUTO_UPDATE_NOTIFICATION_LDAP, APP_IMPORT, CONNECTOR_AGENT, IWA_AGENT, LDAP_AGENT, OKTA_ANNOUNCEMENT, OKTA_UPDATE, RATELIMIT_NOTIFICATION, REPORT_SUSPICIOUS_ACTIVITY, USER_DEPROVISION, USER_LOCKED_OUT.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "notificationType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'subscribeByNotificationTypeUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/subscriptions/{notificationType}/subscribe",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "current_user_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "notificationType",
+ "tool_parameter_name": "notification_type",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/SuspendDevice.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SuspendDevice.json
new file mode 100644
index 000000000..f38864dc8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SuspendDevice.json
@@ -0,0 +1,105 @@
+{
+ "name": "SuspendDevice",
+ "fully_qualified_name": "OktaApi.SuspendDevice@0.1.0",
+ "description": "Suspend a device by setting its status to 'SUSPENDED'.\n\nThis tool is used to suspend a device in Okta by changing its status to 'SUSPENDED'. This status allows for temporary suspension intended for operations like creating and deleting device user links. It is a non-destructive, reversible status that can be lifted by unsuspending or deactivating the device.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_id",
+ "required": true,
+ "description": "The unique identifier (ID) of the device to be suspended. This ID is required for executing the suspension operation.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'suspendDevice'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devices.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/devices/{deviceId}/lifecycle/suspend",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceId",
+ "tool_parameter_name": "device_id",
+ "description": "`id` of the device",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/SuspendUser.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SuspendUser.json
new file mode 100644
index 000000000..05f43dc15
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/SuspendUser.json
@@ -0,0 +1,105 @@
+{
+ "name": "SuspendUser",
+ "fully_qualified_name": "OktaApi.SuspendUser@0.1.0",
+ "description": "Suspend an active user in Okta.\n\nThis tool suspends a user with an active status in Okta, preventing sign-ins but retaining group and app assignments. It should be used only for users who are currently active.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or unambiguous login shortname of an existing active Okta user to suspend.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'suspendUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/suspend",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppInstanceFromAdminRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppInstanceFromAdminRole.json
new file mode 100644
index 000000000..4a7300fb4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppInstanceFromAdminRole.json
@@ -0,0 +1,201 @@
+{
+ "name": "UnassignAppInstanceFromAdminRole",
+ "fully_qualified_name": "OktaApi.UnassignAppInstanceFromAdminRole@0.1.0",
+ "description": "Unassign an app instance target from an admin role.\n\nUse this tool to unassign a specific app instance target from an `APP_ADMIN` role assigned to an admin user. Note that you cannot remove the last app instance target from a role assignment to avoid exceptions. If a role needs to apply to all apps, consider deleting and recreating the `APP_ADMIN` role assignment.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to unassign the app instance target from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier for the role assignment to unassign the app instance from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "The official name of the app definition, as found in the OIN catalog.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ },
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application instance to be unassigned from the admin role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignAppInstanceTargetFromAdminRoleForUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppInstanceRoleGroup.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppInstanceRoleGroup.json
new file mode 100644
index 000000000..ef307e1b6
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppInstanceRoleGroup.json
@@ -0,0 +1,201 @@
+{
+ "name": "UnassignAppInstanceRoleGroup",
+ "fully_qualified_name": "OktaApi.UnassignAppInstanceRoleGroup@0.1.0",
+ "description": "Unassign an app instance target from a group's APP_ADMIN role.\n\nUse this tool to remove an app instance target from a group's APP_ADMIN role assignment. Note that this operation cannot remove the last app instance target. For a role assignment that applies to all apps, delete the role assignment instead.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group from which the app instance target will be unassigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to be unassigned from the group.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "Name of the app definition from the OIN catalog used to identify the app instance.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ },
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application to be unassigned from the group role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignAppInstanceTargetToAppAdminRoleForGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppInstanceTarget.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppInstanceTarget.json
new file mode 100644
index 000000000..77e70b836
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppInstanceTarget.json
@@ -0,0 +1,201 @@
+{
+ "name": "UnassignAppInstanceTarget",
+ "fully_qualified_name": "OktaApi.UnassignAppInstanceTarget@0.1.0",
+ "description": "Unassign an app instance target from a client app role.\n\nThis tool removes an app instance target from a role assignment within a client application. It should be called when you need to unassign a specific app instance from a client app's role, ensuring you have more than one target assigned. For removing all targets, delete the whole role assignment instead.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier for the client application from which an app instance target will be unassigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to be unassigned from the app instance target.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "Specify the name of the app definition from the OIN catalog (app key name) to unassign the target from the client role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ },
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application to unassign from the role. This should match the app's ID in the OIN catalog.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'removeAppTargetInstanceRoleForClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}/{appId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppRoleFromClient.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppRoleFromClient.json
new file mode 100644
index 000000000..4f51bca4f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppRoleFromClient.json
@@ -0,0 +1,169 @@
+{
+ "name": "UnassignAppRoleFromClient",
+ "fully_qualified_name": "OktaApi.UnassignAppRoleFromClient@0.1.0",
+ "description": "Unassigns a role target from a client app in Okta.\n\nUse this tool to unassign an OIN app target for a role assignment from a client app in Okta. Note that you cannot remove the last OIN app target from a role assignment. If a role assignment needs to apply to all apps, delete the existing assignment and create a new one.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier for the client application from which to unassign the role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to unassign from the client app. Must be a valid string identifier.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "The name of the app definition from the OIN catalog, used to unassign the target role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'removeAppTargetRoleFromClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppTargetFromAdminRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppTargetFromAdminRole.json
new file mode 100644
index 000000000..daaba90d1
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignAppTargetFromAdminRole.json
@@ -0,0 +1,169 @@
+{
+ "name": "UnassignAppTargetFromAdminRole",
+ "fully_qualified_name": "OktaApi.UnassignAppTargetFromAdminRole@0.1.0",
+ "description": "Unassign an app target from an admin role for a group.\n\nUse this tool to remove an OIN app target from an `APP_ADMIN` role assigned to a group in Okta. Note: You can't remove the last app target from a role assignment. If needed, delete the entire `APP_ADMIN` role and create a new one for all apps.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group from which the app target is unassigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to be unassigned from the group.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "app_name",
+ "required": true,
+ "description": "Name of the app definition, corresponding to the OIN catalog app key name.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignAppTargetToAdminRoleForGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/catalog/apps/{appName}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "app_name",
+ "description": "Name of the app definition (the OIN catalog app key name)",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the app definition (the OIN catalog app key name)"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignGroupAdminRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignGroupAdminRole.json
new file mode 100644
index 000000000..e7b2796a4
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignGroupAdminRole.json
@@ -0,0 +1,169 @@
+{
+ "name": "UnassignGroupAdminRole",
+ "fully_qualified_name": "OktaApi.UnassignGroupAdminRole@0.1.0",
+ "description": "Unassign a group target from an admin role.\n\nRemove a group target from admin roles such as USER_ADMIN, HELP_DESK_ADMIN, or GROUP_MEMBERSHIP_ADMIN assigned to a group.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group from which an admin role is being unassigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to unassign from the group.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "target_group_id",
+ "required": true,
+ "description": "The unique identifier of the group target to be unassigned from the admin role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "targetGroupId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignGroupTargetFromGroupAdminRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}/targets/groups/{targetGroupId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "targetGroupId",
+ "tool_parameter_name": "target_group_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignGroupFromApp.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignGroupFromApp.json
new file mode 100644
index 000000000..51b0be25f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignGroupFromApp.json
@@ -0,0 +1,137 @@
+{
+ "name": "UnassignGroupFromApp",
+ "fully_qualified_name": "OktaApi.UnassignGroupFromApp@0.1.0",
+ "description": "Unassign a group from a specific application.\n\nUse this tool to remove the association between a group and an application in Okta. It should be called when you need to revoke a group's access to a specific app.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier of the application to unassign the group from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier for the group to be unassigned from the application.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignApplicationFromGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/groups/{groupId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignGroupFromUserAdminRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignGroupFromUserAdminRole.json
new file mode 100644
index 000000000..1a0749572
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignGroupFromUserAdminRole.json
@@ -0,0 +1,169 @@
+{
+ "name": "UnassignGroupFromUserAdminRole",
+ "fully_qualified_name": "OktaApi.UnassignGroupFromUserAdminRole@0.1.0",
+ "description": "Unassign a group from a user's admin role.\n\nUse this tool to unassign a group target from a `USER_ADMIN`, `HELP_DESK_ADMIN`, or `GROUP_MEMBERSHIP_ADMIN` role for an admin user. Note that you cannot remove the last group target if it causes an exception. Consider deleting and recreating the role assignment if needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique identifier for an existing Okta user to be used in unassigning a group from their admin role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to unassign a group from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ },
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier for the group to be unassigned from the admin role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignGroupTargetFromUserAdminRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}/targets/groups/{groupId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignMemberFromRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignMemberFromRole.json
new file mode 100644
index 000000000..50831ea58
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignMemberFromRole.json
@@ -0,0 +1,169 @@
+{
+ "name": "UnassignMemberFromRole",
+ "fully_qualified_name": "OktaApi.UnassignMemberFromRole@0.1.0",
+ "description": "Unassign a member from a role resource set binding.\n\nUse this tool to remove a member from a specific role resource set binding in Okta by providing the member ID, role ID, and resource set ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "resource_set_id_or_label",
+ "required": true,
+ "description": "The `id` or `label` of the resource set to unassign a member from a role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "resourceSetIdOrLabel"
+ },
+ {
+ "name": "role_identifier_or_label",
+ "required": true,
+ "description": "Provide the ID or label of the role for unassignment.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleIdOrLabel"
+ },
+ {
+ "name": "member_id",
+ "required": true,
+ "description": "The unique identifier for the member to be unassigned from the role.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the member"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "memberId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignMemberFromBinding'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/iam/resource-sets/{resourceSetIdOrLabel}/bindings/{roleIdOrLabel}/members/{memberId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "resourceSetIdOrLabel",
+ "tool_parameter_name": "resource_set_id_or_label",
+ "description": "`id` or `label` of the resource set",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the resource set"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleIdOrLabel",
+ "tool_parameter_name": "role_identifier_or_label",
+ "description": "`id` or `label` of the role",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` or `label` of the role"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "memberId",
+ "tool_parameter_name": "member_id",
+ "description": "`id` of the member",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the member"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignRoleFromClient.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignRoleFromClient.json
new file mode 100644
index 000000000..5fd188d42
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignRoleFromClient.json
@@ -0,0 +1,137 @@
+{
+ "name": "UnassignRoleFromClient",
+ "fully_qualified_name": "OktaApi.UnassignRoleFromClient@0.1.0",
+ "description": "Unassigns a role from a client app in Okta.\n\nUse this tool to remove a specific role assignment from a client app in Okta, specified by the role assignment ID and client ID.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "client_app_id",
+ "required": true,
+ "description": "The unique identifier for the client application from which the role will be unassigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "clientId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The unique identifier for the role assignment to be unassigned from the client app.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'deleteRoleFromClient'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/oauth2/v1/clients/{clientId}/roles/{roleAssignmentId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "clientId",
+ "tool_parameter_name": "client_app_id",
+ "description": "Client app ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Client app ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignRoleFromGroup.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignRoleFromGroup.json
new file mode 100644
index 000000000..b098b7845
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignRoleFromGroup.json
@@ -0,0 +1,137 @@
+{
+ "name": "UnassignRoleFromGroup",
+ "fully_qualified_name": "OktaApi.UnassignRoleFromGroup@0.1.0",
+ "description": "Unassign a role from a specified group.\n\nUse this tool to unassign a specific role from a group by providing the roleAssignmentId and groupId. This tool is helpful for managing group roles within an organization.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier of the group from which the role will be unassigned.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to unassign from a group.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignRoleFromGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}/roles/{roleAssignmentId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignUserFromApp.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignUserFromApp.json
new file mode 100644
index 000000000..88a45f7db
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignUserFromApp.json
@@ -0,0 +1,169 @@
+{
+ "name": "UnassignUserFromApp",
+ "fully_qualified_name": "OktaApi.UnassignUserFromApp@0.1.0",
+ "description": "Unassign a user from a specified application.\n\nUse this tool to unassign a user from an application when managing directory services like Active Directory or LDAP. Note that this operation is irreversible and may deactivate the user in the target application if provisioning is enabled.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application from which the user will be unassigned. This ID is necessary to specify the target application.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "The unique identifier for an existing Okta user to be unassigned from the application.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "send_deactivation_email",
+ "required": false,
+ "description": "Set to true to send a deactivation email to the administrator upon unassignment.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends a deactivation email to the administrator if `true`"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sendEmail"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignUserFromApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/users/{userId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sendEmail",
+ "tool_parameter_name": "send_deactivation_email",
+ "description": "Sends a deactivation email to the administrator if `true`",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Sends a deactivation email to the administrator if `true`"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignUserRole.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignUserRole.json
new file mode 100644
index 000000000..9c3b3a415
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnassignUserRole.json
@@ -0,0 +1,137 @@
+{
+ "name": "UnassignUserRole",
+ "fully_qualified_name": "OktaApi.UnassignUserRole@0.1.0",
+ "description": "Unassign a role from a specific user.\n\nThis tool removes a role assignment from a user based on provided `userId` and `roleAssignmentId`. It should be called when a user's role needs to be unassigned.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to unassign the role from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "role_assignment_id",
+ "required": true,
+ "description": "The ID of the role assignment to be unassigned from the user.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleAssignmentId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unassignRoleFromUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/roles/{roleAssignmentId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "roleAssignmentId",
+ "tool_parameter_name": "role_assignment_id",
+ "description": "The `id` of the role assignment",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the role assignment"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnenrollUserFactor.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnenrollUserFactor.json
new file mode 100644
index 000000000..55ef1b6e3
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnenrollUserFactor.json
@@ -0,0 +1,169 @@
+{
+ "name": "UnenrollUserFactor",
+ "fully_qualified_name": "OktaApi.UnenrollUserFactor@0.1.0",
+ "description": "Unenroll a factor from a specified user.\n\nThis tool unenrolls an existing factor for a specified user in Okta. It cannot unenroll a factor from a deactivated user. Use this to allow a user to enroll a new factor instead. Unenrolling certain factors may automatically unenroll related factors.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_id",
+ "required": true,
+ "description": "ID of an existing Okta user to unenroll the factor from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "user_factor_id",
+ "required": true,
+ "description": "ID of the existing user factor to be unenrolled.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing user factor"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "factorId"
+ },
+ {
+ "name": "remove_phone_number_as_recovery_method",
+ "required": false,
+ "description": "If true, removes the phone number as both a recovery method and a factor. Applicable only for 'sms' and 'call' factors.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If `true`, removes the phone number as both a recovery method and a factor. This parameter is only used for the `sms` and `call` factors."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "removeRecoveryEnrollment"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unenrollFactor'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/factors/{factorId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "removeRecoveryEnrollment",
+ "tool_parameter_name": "remove_phone_number_as_recovery_method",
+ "description": "If `true`, removes the phone number as both a recovery method and a factor. This parameter is only used for the `sms` and `call` factors.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "If `true`, removes the phone number as both a recovery method and a factor. This parameter is only used for the `sms` and `call` factors."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "factorId",
+ "tool_parameter_name": "user_factor_id",
+ "description": "ID of an existing user factor",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing user factor"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnlinkUserFromIdentityProvider.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnlinkUserFromIdentityProvider.json
new file mode 100644
index 000000000..d8281fd2b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnlinkUserFromIdentityProvider.json
@@ -0,0 +1,137 @@
+{
+ "name": "UnlinkUserFromIdentityProvider",
+ "fully_qualified_name": "OktaApi.UnlinkUserFromIdentityProvider@0.1.0",
+ "description": "Unlink a user from their identity provider in Okta.\n\nThis tool unlinks an Okta user from their associated identity provider, requiring them to re-link their account upon next federation. Use this when you need to disconnect a user from a specific IdP.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "identity_provider_id",
+ "required": true,
+ "description": "The unique identifier for the Identity Provider (IdP) to unlink the user from.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "idpId"
+ },
+ {
+ "name": "okta_user_id",
+ "required": true,
+ "description": "The unique identifier of an existing Okta user to be unlinked from the IdP.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unlinkUserFromIdentityProvider'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.idps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/idps/{idpId}/users/{userId}",
+ "http_method": "DELETE",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "idpId",
+ "tool_parameter_name": "identity_provider_id",
+ "description": "`id` of IdP",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of IdP"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "userId",
+ "tool_parameter_name": "okta_user_id",
+ "description": "ID of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "ID of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnlockUserAccount.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnlockUserAccount.json
new file mode 100644
index 000000000..dc92b50cb
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnlockUserAccount.json
@@ -0,0 +1,105 @@
+{
+ "name": "UnlockUserAccount",
+ "fully_qualified_name": "OktaApi.UnlockUserAccount@0.1.0",
+ "description": "Unlock a user account with a LOCKED_OUT status.\n\nThis tool unlocks a user account that is either in a `LOCKED_OUT` status or an `ACTIVE` status blocked from unknown devices, making it `ACTIVE` so they can sign in. Works with Okta-sourced users.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login name, or unique shortname of the existing Okta user to be unlocked.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unlockUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/unlock",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsubscribeRoleFromNotification.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsubscribeRoleFromNotification.json
new file mode 100644
index 000000000..9b9d6a32c
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsubscribeRoleFromNotification.json
@@ -0,0 +1,165 @@
+{
+ "name": "UnsubscribeRoleFromNotification",
+ "fully_qualified_name": "OktaApi.UnsubscribeRoleFromNotification@0.1.0",
+ "description": "Unsubscribes a role from a specific notification type.\n\nUse this tool to unsubscribe a specified role from a particular notification type in Okta. Role unsubscriptions take precedence over individual user settings for notifications.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "role_reference",
+ "required": true,
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles)."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "roleRef"
+ },
+ {
+ "name": "notification_type",
+ "required": true,
+ "description": "Specifies the type of notification to unsubscribe the role from. Options include system updates, user actions, and agent alerts.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "notificationType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unsubscribeByNotificationTypeRole'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.roles.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/roles/{roleRef}/subscriptions/{notificationType}/unsubscribe",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "roleRef",
+ "tool_parameter_name": "role_reference",
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles).",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "A reference to an existing role. Standard roles require a `roleType`, while Custom Roles require a `roleId`. See [Standard Roles](/openapi/okta-management/guides/roles/#standard-roles)."
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "notificationType",
+ "tool_parameter_name": "notification_type",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsubscribeUserNotification.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsubscribeUserNotification.json
new file mode 100644
index 000000000..51d0f900b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsubscribeUserNotification.json
@@ -0,0 +1,165 @@
+{
+ "name": "UnsubscribeUserNotification",
+ "fully_qualified_name": "OktaApi.UnsubscribeUserNotification@0.1.0",
+ "description": "Unsubscribe a user from a specific notification type.\n\nUse this tool to unsubscribe the current user from a specified notification type. This should be called when a user wants to stop receiving certain notifications. Only applicable to the current user; will return an error if attempted for another user.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "current_user_id",
+ "required": true,
+ "description": "The ID of the current user unsubscribing from the notification type. Must be the ID of the user making the request.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "userId"
+ },
+ {
+ "name": "notification_type",
+ "required": true,
+ "description": "Specifies the type of notification to unsubscribe from. Valid types include 'AD_AGENT', 'APP_IMPORT', 'USER_LOCKED_OUT', etc.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "notificationType"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unsubscribeByNotificationTypeUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{userId}/subscriptions/{notificationType}/unsubscribe",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "userId",
+ "tool_parameter_name": "current_user_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "notificationType",
+ "tool_parameter_name": "notification_type",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "AD_AGENT",
+ "AGENT_AUTO_UPDATE_NOTIFICATION",
+ "AGENT_AUTO_UPDATE_NOTIFICATION_LDAP",
+ "APP_IMPORT",
+ "CONNECTOR_AGENT",
+ "IWA_AGENT",
+ "LDAP_AGENT",
+ "OKTA_ANNOUNCEMENT",
+ "OKTA_UPDATE",
+ "RATELIMIT_NOTIFICATION",
+ "REPORT_SUSPICIOUS_ACTIVITY",
+ "USER_DEPROVISION",
+ "USER_LOCKED_OUT"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsuspendDevice.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsuspendDevice.json
new file mode 100644
index 000000000..29e020476
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsuspendDevice.json
@@ -0,0 +1,105 @@
+{
+ "name": "UnsuspendDevice",
+ "fully_qualified_name": "OktaApi.UnsuspendDevice@0.1.0",
+ "description": "Unsuspend a device to return its status to ACTIVE.\n\nUse this tool to change a device's status from SUSPENDED to ACTIVE. It is applicable only for devices that are currently suspended.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "device_id",
+ "required": true,
+ "description": "The unique `id` of the device to unsuspend. This ID is required and should refer to a device with a `SUSPENDED` status.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "deviceId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unsuspendDevice'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.devices.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/devices/{deviceId}/lifecycle/unsuspend",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "deviceId",
+ "tool_parameter_name": "device_id",
+ "description": "`id` of the device",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the device"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsuspendUser.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsuspendUser.json
new file mode 100644
index 000000000..d4874e564
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UnsuspendUser.json
@@ -0,0 +1,105 @@
+{
+ "name": "UnsuspendUser",
+ "fully_qualified_name": "OktaApi.UnsuspendUser@0.1.0",
+ "description": "Unsuspend a user and return them to ACTIVE state.\n\nUse this tool to activate a user who is currently suspended, provided they have a SUSPENDED status. This is useful for reactivating users who were previously deactivated.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "user_identifier",
+ "required": true,
+ "description": "An ID, login, or login shortname (unambiguous) of an existing Okta user to unsuspend.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "id"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'unsuspendUser'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.users.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/users/{id}/lifecycle/unsuspend",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "id",
+ "tool_parameter_name": "user_identifier",
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "An ID, login, or login shortname (as long as the shortname is unambiguous) of an existing Okta user"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateDefaultProvisioningConnection.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateDefaultProvisioningConnection.json
new file mode 100644
index 000000000..f87998a2b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateDefaultProvisioningConnection.json
@@ -0,0 +1,169 @@
+{
+ "name": "UpdateDefaultProvisioningConnection",
+ "fully_qualified_name": "OktaApi.UpdateDefaultProvisioningConnection@0.1.0",
+ "description": "Updates the default provisioning connection for an app.\n\nUse this tool to update the default provisioning connection for a specific application in Okta. This is typically called when changes to app provisioning configurations are needed.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the specific application whose provisioning connection is to be updated.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "request_body_data",
+ "required": true,
+ "description": "JSON object with data needed to update the provisioning connection. Ensure it includes necessary fields for the app.",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ },
+ {
+ "name": "activate_provisioning_connection",
+ "required": false,
+ "description": "Set to true to activate the provisioning connection; false to keep it inactive.",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Activates the provisioning connection"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "activate"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'updateDefaultProvisioningConnectionForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appId}/connections/default",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "activate",
+ "tool_parameter_name": "activate_provisioning_connection",
+ "description": "Activates the provisioning connection",
+ "value_schema": {
+ "val_type": "boolean",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Activates the provisioning connection"
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "request_body_data",
+ "description": "",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateFeatureLifecycle.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateFeatureLifecycle.json
new file mode 100644
index 000000000..1db3abaf3
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateFeatureLifecycle.json
@@ -0,0 +1,175 @@
+{
+ "name": "UpdateFeatureLifecycle",
+ "fully_qualified_name": "OktaApi.UpdateFeatureLifecycle@0.1.0",
+ "description": "Enable or disable a feature's lifecycle status in Okta.\n\nUse this tool to update the lifecycle status of a feature, enabling or disabling it within your organization in Okta. Optionally, use 'mode=force' to override dependencies and ensure the feature's status change.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "feature_id",
+ "required": true,
+ "description": "The unique ID of the feature to update its lifecycle status.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the feature"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "featureId"
+ },
+ {
+ "name": "feature_lifecycle_status",
+ "required": true,
+ "description": "Indicates whether to ENABLE or DISABLE the feature.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "DISABLE",
+ "ENABLE"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Whether to `ENABLE` or `DISABLE` the feature"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "lifecycle"
+ },
+ {
+ "name": "force_mode",
+ "required": false,
+ "description": "Set to 'force' to override dependencies when enabling or disabling a feature.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Indicates if you want to force enable or disable a feature. Supported value is `force`."
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "mode"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'updateFeatureLifecycle'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.features.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/features/{featureId}/{lifecycle}",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "mode",
+ "tool_parameter_name": "force_mode",
+ "description": "Indicates if you want to force enable or disable a feature. Supported value is `force`.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Indicates if you want to force enable or disable a feature. Supported value is `force`."
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "featureId",
+ "tool_parameter_name": "feature_id",
+ "description": "`id` of the feature",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the feature"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "lifecycle",
+ "tool_parameter_name": "feature_lifecycle_status",
+ "description": "Whether to `ENABLE` or `DISABLE` the feature",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "DISABLE",
+ "ENABLE"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": "Whether to `ENABLE` or `DISABLE` the feature"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateOktaGroupProfile.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateOktaGroupProfile.json
new file mode 100644
index 000000000..5f9de4ae8
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateOktaGroupProfile.json
@@ -0,0 +1,189 @@
+{
+ "name": "UpdateOktaGroupProfile",
+ "fully_qualified_name": "OktaApi.UpdateOktaGroupProfile@0.1.0",
+ "description": "Update the profile of an OKTA_GROUP type in your organization.\n\nUse this tool to replace the profile for a group of the OKTA_GROUP type in your Okta organization. This tool is suitable for modifying group profiles not managed by app imports. Ensure the group type is OKTA_GROUP, as APP_GROUP types like Active Directory groups cannot be modified with this tool.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "group_id",
+ "required": true,
+ "description": "The unique identifier for the group to be updated in Okta. This must be an OKTA_GROUP type.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "groupId"
+ },
+ {
+ "name": "group_profile",
+ "required": true,
+ "description": "JSON object containing standard and custom profile properties for an OKTA_GROUP type. It includes fields like 'name' and 'description'.",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": {
+ "profile": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": {
+ "description": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Description of the group"
+ },
+ "name": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the group"
+ }
+ },
+ "inner_properties": null,
+ "description": "Profile for any group that is not imported from Active Directory. Specifies the standard\nand custom profile properties for a group.\n\nThe `objectClass` for these groups is `okta:user_group`."
+ }
+ },
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "requestBody"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'replaceGroup'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.groups.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/groups/{groupId}",
+ "http_method": "PUT",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "groupId",
+ "tool_parameter_name": "group_id",
+ "description": "The `id` of the group",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "The `id` of the group"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "requestBody",
+ "tool_parameter_name": "group_profile",
+ "description": "",
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": {
+ "profile": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": {
+ "description": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Description of the group"
+ },
+ "name": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Name of the group"
+ }
+ },
+ "inner_properties": null,
+ "description": "Profile for any group that is not imported from Active Directory. Specifies the standard\nand custom profile properties for a group.\n\nThe `objectClass` for these groups is `okta:user_group`."
+ }
+ },
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "body",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateSessionExpiry.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateSessionExpiry.json
new file mode 100644
index 000000000..7e0943d1d
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/UpdateSessionExpiry.json
@@ -0,0 +1,105 @@
+{
+ "name": "UpdateSessionExpiry",
+ "fully_qualified_name": "OktaApi.UpdateSessionExpiry@0.1.0",
+ "description": "Refresh an existing user session by ID for updated expiration.\n\nThis tool is used to refresh an existing user session by providing the session ID. It returns the refreshed session with an updated expiration timestamp after a successful operation.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "session_id",
+ "required": true,
+ "description": "The unique ID of the session to be refreshed. This ID is necessary to identify and update the session's expiration.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Session"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "sessionId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'refreshSession'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.sessions.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/sessions/{sessionId}/lifecycle/refresh",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "sessionId",
+ "tool_parameter_name": "session_id",
+ "description": "`id` of the Session",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Session"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyDomainStatus.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyDomainStatus.json
new file mode 100644
index 000000000..832706699
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyDomainStatus.json
@@ -0,0 +1,105 @@
+{
+ "name": "VerifyDomainStatus",
+ "fully_qualified_name": "OktaApi.VerifyDomainStatus@0.1.0",
+ "description": "Verify the status of a custom domain and DNS records.\n\nThis tool checks the verification status of a custom domain by domainId and validates DNS records. If the certificate source is OKTA_MANAGED, it attempts to manage, obtain, and install a certificate.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "domain_id",
+ "required": true,
+ "description": "The unique identifier for the domain to verify.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Domain"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "domainId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'verifyDomain'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.domains.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/domains/{domainId}/verify",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "domainId",
+ "tool_parameter_name": "domain_id",
+ "description": "`id` of the Domain",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Domain"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyEmailDomain.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyEmailDomain.json
new file mode 100644
index 000000000..f220697de
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyEmailDomain.json
@@ -0,0 +1,105 @@
+{
+ "name": "VerifyEmailDomain",
+ "fully_qualified_name": "OktaApi.VerifyEmailDomain@0.1.0",
+ "description": "Verify the status of an email domain.\n\nThis tool verifies an email domain using the unique `emailDomainId`. It should be called when there's a need to confirm the verification status of a specific email domain.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "email_domain_id",
+ "required": true,
+ "description": "The unique identifier for the email domain to be verified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "emailDomainId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'verifyEmailDomain'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.emailDomains.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/email-domains/{emailDomainId}/verify",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "emailDomainId",
+ "tool_parameter_name": "email_domain_id",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyEventHook.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyEventHook.json
new file mode 100644
index 000000000..0cad1d73f
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyEventHook.json
@@ -0,0 +1,105 @@
+{
+ "name": "VerifyEventHook",
+ "fully_qualified_name": "OktaApi.VerifyEventHook@0.1.0",
+ "description": "Verify the status of an Okta event hook.\n\nThis tool verifies if an Okta event hook is correctly set up by matching the `eventHookId`. It ensures the event hook can receive events by confirming its status as either `ACTIVE` or `VERIFIED`. Call this tool to check the readiness of an event hook in Okta.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "event_hook_id",
+ "required": true,
+ "description": "The unique identifier for the Event Hook to verify its setup and status.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "eventHookId"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'verifyEventHook'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.eventHooks.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/eventHooks/{eventHookId}/lifecycle/verify",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "eventHookId",
+ "tool_parameter_name": "event_hook_id",
+ "description": "`id` of the Event Hook",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "`id` of the Event Hook"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyOauth2Connection.json b/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyOauth2Connection.json
new file mode 100644
index 000000000..4eaeece0b
--- /dev/null
+++ b/toolkits/okta_api/arcade_okta_api/wrapper_tools/VerifyOauth2Connection.json
@@ -0,0 +1,211 @@
+{
+ "name": "VerifyOauth2Connection",
+ "fully_qualified_name": "OktaApi.VerifyOauth2Connection@0.1.0",
+ "description": "Verify OAuth 2.0 provisioning for specific applications.\n\nThis tool verifies the OAuth 2.0-based connection as part of the consent flow for provisioning setup. It is specifically used with Office 365, Google, Zoom, and Slack applications. Use this tool to confirm that the last step of the OAuth provisioning process is complete.",
+ "toolkit": {
+ "name": "ArcadeOktaApi",
+ "description": null,
+ "version": "0.1.0"
+ },
+ "input": {
+ "parameters": [
+ {
+ "name": "application_name",
+ "required": true,
+ "description": "Specifies the application for OAuth 2.0 provisioning. Must be one of: google, office365, slack, zoomus.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "google",
+ "office365",
+ "slack",
+ "zoomus"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appName"
+ },
+ {
+ "name": "application_id",
+ "required": true,
+ "description": "The unique identifier for the application. Use this to specify which application's OAuth 2.0 connection is being verified.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "appId"
+ },
+ {
+ "name": "authorization_code",
+ "required": false,
+ "description": "The authorization code received after the OAuth 2.0 consent flow. This code is used to verify the provisioning connection for the application.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "code"
+ },
+ {
+ "name": "oauth2_state_parameter",
+ "required": false,
+ "description": "A unique string to maintain state between the request and callback in the OAuth consent process.",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "inferrable": true,
+ "http_endpoint_parameter_name": "state"
+ }
+ ]
+ },
+ "output": {
+ "description": "Response from the API endpoint 'verifyProvisioningConnectionForApplication'.",
+ "available_modes": [
+ "value",
+ "error",
+ "null"
+ ],
+ "value_schema": {
+ "val_type": "json",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": null
+ }
+ },
+ "requirements": {
+ "authorization": {
+ "provider_id": "arcade-okta",
+ "provider_type": "oauth2",
+ "id": null,
+ "oauth2": {
+ "scopes": [
+ "okta.apps.manage"
+ ]
+ }
+ },
+ "secrets": null,
+ "metadata": null
+ },
+ "deprecation_message": null,
+ "metadata": {
+ "object_type": "api_wrapper_tool",
+ "version": "1.0.0",
+ "description": "Tools that enable LLMs to interact directly with the okta API."
+ },
+ "http_endpoint": {
+ "metadata": {
+ "object_type": "http_endpoint",
+ "version": "1.0.0",
+ "description": ""
+ },
+ "url": "https://{yourOktaDomain}/api/v1/apps/{appName}/{appId}/oauth2/callback",
+ "http_method": "POST",
+ "headers": {},
+ "parameters": [
+ {
+ "name": "code",
+ "tool_parameter_name": "authorization_code",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "state",
+ "tool_parameter_name": "oauth2_state_parameter",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "query",
+ "required": false,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appName",
+ "tool_parameter_name": "application_name",
+ "description": "",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": [
+ "google",
+ "office365",
+ "slack",
+ "zoomus"
+ ],
+ "properties": null,
+ "inner_properties": null,
+ "description": ""
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ },
+ {
+ "name": "appId",
+ "tool_parameter_name": "application_id",
+ "description": "Application ID",
+ "value_schema": {
+ "val_type": "string",
+ "inner_val_type": null,
+ "enum": null,
+ "properties": null,
+ "inner_properties": null,
+ "description": "Application ID"
+ },
+ "accepted_as": "path",
+ "required": true,
+ "deprecated": false,
+ "documentation_urls": []
+ }
+ ],
+ "documentation_urls": [],
+ "secrets": [
+ {
+ "arcade_key": "auth_token",
+ "parameter_name": "Authorization",
+ "accepted_as": "header",
+ "formatted_value": "Bearer {authorization}",
+ "description": "The OAuth token to use for authentication.",
+ "is_auth_token": true
+ }
+ ]
+ }
+}
diff --git a/toolkits/okta_api/pyproject.toml b/toolkits/okta_api/pyproject.toml
new file mode 100644
index 000000000..fd6cbed9f
--- /dev/null
+++ b/toolkits/okta_api/pyproject.toml
@@ -0,0 +1,59 @@
+[build-system]
+requires = [ "hatchling",]
+build-backend = "hatchling.build"
+
+[project]
+name = "arcade_okta_api"
+version = "0.1.0"
+description = "Tools that enable LLMs to interact directly with the okta API."
+requires-python = ">=3.10"
+dependencies = [
+ "arcade-tdk>=2.0.0,<3.0.0",
+]
+[[project.authors]]
+email = "support@arcade.dev"
+
+
+[project.optional-dependencies]
+dev = [
+ "arcade-ai[evals]>=2.2.3,<3.0.0",
+ "arcade-serve>=2.0.0,<3.0.0",
+ "pytest>=8.3.0,<8.4.0",
+ "pytest-cov>=4.0.0,<4.1.0",
+ "pytest-mock>=3.11.1,<3.12.0",
+ "pytest-asyncio>=0.24.0,<0.25.0",
+ "mypy>=1.5.1,<1.6.0",
+ "pre-commit>=3.4.0,<3.5.0",
+ "tox>=4.11.1,<4.12.0",
+ "ruff>=0.7.4,<0.8.0",
+]
+
+# Tell Arcade.dev that this package is a toolkit
+[project.entry-points.arcade_toolkits]
+toolkit_name = "arcade_okta_api"
+
+# Use local path sources for arcade libs when working locally
+[tool.uv.sources]
+arcade-ai = { path = "../../", editable = true }
+arcade-serve = { path = "../../libs/arcade-serve/", editable = true }
+arcade-tdk = { path = "../../libs/arcade-tdk/", editable = true }
+[tool.mypy]
+files = [ "arcade_okta_api/**/*.py",]
+python_version = "3.10"
+disallow_untyped_defs = "True"
+disallow_any_unimported = "True"
+no_implicit_optional = "True"
+check_untyped_defs = "True"
+warn_return_any = "True"
+warn_unused_ignores = "True"
+show_error_codes = "True"
+ignore_missing_imports = "True"
+
+[tool.pytest.ini_options]
+testpaths = [ "tests",]
+
+[tool.coverage.report]
+skip_empty = true
+
+[tool.hatch.build.targets.wheel]
+packages = [ "arcade_okta_api",]
diff --git a/toolkits/okta_api/tests/__init__.py b/toolkits/okta_api/tests/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/toolkits/worker.toml b/toolkits/worker.toml
new file mode 100644
index 000000000..37d5e6446
--- /dev/null
+++ b/toolkits/worker.toml
@@ -0,0 +1,10 @@
+[[worker]]
+
+[worker.config]
+id = "demo-worker"
+enabled = true
+timeout = 30
+retries = 3
+secret = "023632bd6fe5f18364bbe115456b2225"
+[worker.local_source]
+packages = [ "./okta_api",]