> ## Documentation Index
> Fetch the complete documentation index at: https://explore.airia.com/llms.txt
> Use this file to discover all available pages before exploring further.
# Okta
> Manage Okta user accounts from inside an agent workflow.
Okta actions let an agent manage user accounts directly in a flow. An agent can create, update, look up, list, and delete users, then pass the results to later steps.
## Supported actions
| Group | Actions |
| -------- | ------------------------------------ |
| **User** | Create, Update, Get, Get All, Delete |
## Prerequisites
Generate an API token in your Okta admin console, then store it as an **Okta** credential in [Credential Management](/admin-hub/account_settings/credential-management). Select that credential on every Okta action.
## How to use these actions
* **Map text inputs from earlier steps.** Inputs such as **First Name**, **Last Name**, and **Email** accept a value mapped from a previous step.
* **Toggles and Limit take fixed values.** The **Activate** and **Send Email** toggles and the **Limit** take fixed values.
* **Login must be an email address.** The **Login** is the username and must be formatted as an email address.
* **Get accepts an ID or a login.** The Get action accepts either a user ID or a login email.
* **Get All searches with Okta filter syntax.** Use **Search Query** with Okta filter expressions such as `profile.lastName sw "Smi"`.
## Actions
### User
#### Okta User Create
Creates a new user.
| Input | Required | Description |
| ---------------- | -------- | ---------------------------------------------------------- |
| **First Name** | Yes | The user's first name. |
| **Last Name** | Yes | The user's last name. |
| **Email** | Yes | The user's email address. |
| **Login** | Yes | The username, which must be formatted as an email address. |
| **Activate** | No | Whether to activate the user on creation. Defaults to on. |
| **Mobile Phone** | No | The user's mobile phone number. |
| **Second Email** | No | A secondary email address for the user. |
| **Department** | No | The user's department. |
| **Title** | No | The user's job title. |
| **Display Name** | No | The name shown for the user. |
#### Okta User Update
Updates an existing user.
| Input | Required | Description |
| ---------------- | -------- | ---------------------------------------------------------- |
| **User ID** | Yes | The unique identifier of the user to update. |
| **First Name** | No | The user's first name. |
| **Last Name** | No | The user's last name. |
| **Email** | No | The user's email address. |
| **Login** | No | The username, which must be formatted as an email address. |
| **Mobile Phone** | No | The user's mobile phone number. |
| **Second Email** | No | A secondary email address for the user. |
| **Department** | No | The user's department. |
| **Title** | No | The user's job title. |
| **Display Name** | No | The name shown for the user. |
#### Okta User Get
Retrieves a user.
| Input | Required | Description |
| ----------- | -------- | ------------------------------------------------------------ |
| **User ID** | Yes | A user ID or a login email identifying the user to retrieve. |
#### Okta User Get All
Lists users.
| Input | Required | Description |
| ---------------- | -------- | ------------------------------------------------------------------------------ |
| **Search Query** | No | An Okta filter expression to match users, such as `profile.lastName sw "Smi"`. |
| **Limit** | No | Maximum number of users to return, from 1 to 200. Defaults to 200. |
#### Okta User Delete
Deletes a user.
| Input | Required | Description |
| -------------- | -------- | --------------------------------------------------------------------------- |
| **User ID** | Yes | The unique identifier of the user to delete. |
| **Send Email** | No | Whether to send a deactivation email to the administrator. Defaults to off. |
## Example
An agent that provisions an account for a new hire:
An **Okta User Get All** action sets **Search Query** to a filter on the new hire's email so a model step can confirm no account already exists.
An **Okta User Create** action sets **First Name**, **Last Name**, **Email**, and **Login**, and leaves **Activate** on to enable the account.
A model step summarizes the result, including the returned user ID, for the activity log.
## Troubleshooting
Confirm the stored API token is valid and has not expired or been revoked, and that it has permission to manage users in your Okta org.
The **Login** is the username and must be formatted as an email address. Supply a value such as `jdoe@example.com`.
The value passed to **User ID** does not match a user. Get accepts either a user ID or a login email. Use **Okta User Get All** to confirm the user before referencing it.
**Search Query** must use Okta filter syntax, for example `profile.lastName sw "Smi"`. An expression that does not parse returns no results.
For issues common to every vendor, see the [Actions overview](/building-and-deploying-agents/agent-basics/actions/overview#troubleshooting).