Tracecat

Okta MCP server

Manage users, groups, applications, and access policies across your Okta tenant.

Identity
stdio
Official docs

About

Connect Tracecat to Okta to drive the IAM backbone the same way a SOC analyst or IAM engineer would for phishing response, suspicious sign-in triage, and offboarding. You can list users, deactivate a compromised account, and revoke group memberships from a workflow. From there, search Okta System Log for the full sign-in trail, review authentication policies, and audit app assignments with every action traceable back to the agent and the connected admin account.

Setup

  1. 1

    Sign in with OAuth

    You'll authorize Tracecat to access Okta on your behalf. No API keys to manage.

  2. 2

    Select the Okta tile in the Tracecat MCP catalog

    Open the MCP catalog in your workspace, select the Okta tile, and complete the OAuth flow.

  3. 3

    Enable Okta in your agent

    In your ai.agent action or Agents tools tab, select Okta from the MCP integrations dropdown.

Tools

list_users

List Okta users with filters for status, profile attributes, and search query.

get_user

Fetch a single user's profile, credentials metadata, and group memberships.

deactivate_user

Deactivate a user as part of a JML or incident response runbook.

list_groups

List Okta groups with type, source, and member counts.

add_user_to_group

Grant a user access by adding them to an Okta group.

remove_user_from_group

Revoke access by removing a user from an Okta group.

list_applications

List app integrations in the tenant with sign-on mode and assignment counts.

list_policies

List access, authentication, or password policies with priority order.

get_logs

Pull Okta System Log events for investigation and audit trails.

Deploy the Okta MCP server in minutes

Connect your security agents to 50+ hosted MCP servers.

Self-host free