TAKO MCP Server for Okta

Enables AI assistants to securely query and manage Okta resources for IAM and security administration. It supports dual-mode operation for standard tool interaction or autonomous agent workflows with sandboxed code execution.

→ fctr-identity/fctr-okta-mcp-server · listed on glama

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

✅

25 tools verified — handlers match their declared behaviour

24 read-only tools verified — handlers contain no write/delete/exec

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

✅

Open source with a license and README

Anyone can audit the code, the license is declared, and the publisher documents what it does.

🔐

You'll be asked for 2 credentials: OKTA_API_TOKEN, SSWS_API_KEY

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configOKTA_CLIENT_ORGURL— Yes - Okta org URL (e.g., https://example.okta.com)

configOKTA_ORG_URL

configOKTA_CONCURRENT_LIMIT— 10 Max concurrent API requests ([configure by plan](#-rate-limits))

configTOKEN_METHOD— API_TOKEN Auth method: API_TOKEN or OAUTH2

🔐 secretOKTA_API_TOKEN— API token (required if TOKEN_METHOD=API_TOKEN)

🔐 secretSSWS_API_KEY

configAPI_PROGRESS_MAX_EVENTS

configOKTA_OAUTH2_CLIENT_ID— OAuth2 client ID (required if TOKEN_METHOD=OAUTH2)

configOKTA_OAUTH2_PRIVATE_KEY_PEM— Private key in PEM format

configOKTA_OAUTH2_SCOPES— okta.users.read okta.groups.read okta.apps.read OAuth2 scopes

configOKTA_MCP_EXECUTION_TIMEOUT_SECONDS— 300 Code execution timeout

configENABLE_AGENT_MODE— Controls how the AI interacts with the server. Set via environment variable.

configMCP_HOST

configMCP_PORT

configMCP_BASE_URL— e =http://localhost:8000 \

config_MCP_HTTP_BASE_URL

configOKTA_MCP_LOG_DIR

configOKTA_MCP_LOG_LEVEL— INFO Log level: DEBUG, INFO, WARNING, ERROR

configOKTA_MCP_MAX_LOG_SIZE

configOKTA_MCP_LOG_BACKUP_COUNT

configOKTA_MCP_CONSOLE_LOGGING

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 5 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/fctr-identity-fctr-okta-mcp-server-1hiesl)](https://m8ven.ai/mcp/fctr-identity-fctr-okta-mcp-server-1hiesl)

commit: 23a98ea6d370e46cf02d5e62e5a237802e9d5636

code hash: 03276a35836ecfeb73e1c12da7b400ebda1c8ad8effc2cf9c43eaf36b4019fd2

verified: 6/17/2026, 12:10:12 PM

view raw JSON →