From 336be926408a908cf2e3dffbddca88ba6497a195 Mon Sep 17 00:00:00 2001 From: sophiajose-okta Date: Mon, 9 Mar 2026 12:38:42 +0530 Subject: [PATCH 1/5] docker updates --- .../docs/guides/mcp-server/main/index.md | 40 +- .../guides/start-mcp-server/main/index.md | 378 ++++++++++++++---- 2 files changed, 335 insertions(+), 83 deletions(-) diff --git a/packages/@okta/vuepress-site/docs/guides/mcp-server/main/index.md b/packages/@okta/vuepress-site/docs/guides/mcp-server/main/index.md index 9f75eb88dc6..dc8a109d8ec 100644 --- a/packages/@okta/vuepress-site/docs/guides/mcp-server/main/index.md +++ b/packages/@okta/vuepress-site/docs/guides/mcp-server/main/index.md @@ -31,11 +31,43 @@ This guide explains how to initialize the Okta MCP server project and install th --- -## Install and configure the Okta MCP server +## Install the Okta MCP server -### Set up the project +You can install the Okta MCP server using one of the following two methods: -Install and configure the Okta MCP server project for integration with your chosen MCP client. +* [Method 1: Using docker](#method-1-using-docker) +* [Method 2: Using uv](#method-2-using-uv) + +### Method 1: Using docker + +Docker provides a consistent environment without needing to install Python or uv locally. + +1. Clone the repository: + + ```shell + # Clone the Git repo + git clone https://github.com/okta/okta-mcp-server.git + + # Change directory + cd okta-mcp-server + ``` + +1. Configure environment variables as follows: + + ``` + cp .env.example .env + ``` + +1. Edit .env and add your Okta credentials. + +1. Build and run with docker compose: + ``` + docker-compose up -d + ``` + +### Method 2: Using uv + +Use this method for local development or if you prefer a lightweight Python environment. 1. Initialize the Okta MCP server project: @@ -57,4 +89,4 @@ Install and configure the Okta MCP server project for integration with your chos ## Next steps -[Set up Okta app authentication](/docs/guides/configure-mcp-authentication/main/) for the Okta MCP server to create the required credentials and grant API scopes. +[Set up Okta app authentication](/docs/guides/configure-mcp-authentication/main/) for the Okta MCP server to create the required credentials and grant API scopes. \ No newline at end of file diff --git a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md index cc60dfa0901..8f73500e076 100644 --- a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md +++ b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md @@ -49,96 +49,316 @@ The Okta MCP server works with any MCP-compatible client. While this guide focus 1. Open the **Copilot chat** view in VS Code. 1. Enable agent mode by following the steps in the [VS Code documentation](https://code.visualstudio.com/docs/copilot/chat/chat-agent-mode#_enable-agent-mode-in-vs-code). 1. Update your VS Code settings to include the Okta MCP server configuration: - * Press `Command + Shift + P` (MacOS) or `Ctrl + Shift + P` (Windows) open the command palette. + * Press `Command + Shift + P` (macOS) or `Ctrl + Shift + P` (Windows) open the command palette. * Type "Preferences: Open User Settings (JSON)" and press **Enter**. 1. Define the connection parameters for the Okta MCP server: * Create a folder named `.vscode` in your project directory. * Create a file named `mcp.json` in the `.vscode` folder. +1. Add the required configuration to your `mcp.json` file by copying the appropriate JSON file and save it using one of the following options: + * [Option 1: Configure using docker](#option-1-configure-using-docker) + * [Option 2: Configure using uv](#option-2-configure-using-uv) 1. Replace `/path/to/okta-mcp-server` in the following configuration with the actual path to your cloned repository. 1. Add the following configuration to your `mcp.json` file and save it. - ```json - { - "mcp": { - "inputs": [ - { - "type": "promptString", - "description": "Okta org URL (for example, https://dev-123456.okta.com)", - "id": "OKTA_ORG_URL" - }, - { - "type": "promptString", - "description": "Okta client ID", - "id": "OKTA_CLIENT_ID", - "password": true - }, - { - "type": "promptString", - "description": "Okta scopes (separated by whitespace, e.g., 'okta.users.read okta.groups.manage')", - "id": "OKTA_SCOPES" - }, - { - "type": "promptString", - "description": "Okta private key. Required for 'browserless' auth.", - "id": "OKTA_PRIVATE_KEY", - "password": true - }, - { - "type": "promptString", - "description": "Okta key ID (KID) for the private key. Required for 'browserless' auth.", - "id": "OKTA_KEY_ID", - "password": true - } - ], - "servers": { - "okta-mcp-server": { - "command": "uv", - "args": [ - "run", - "--directory", - "/path/to/okta-mcp-server", - "okta-mcp-server" - ], - "env": { - "OKTA_ORG_URL": "${input:OKTA_ORG_URL}", - "OKTA_CLIENT_ID": "${input:OKTA_CLIENT_ID}", - "OKTA_SCOPES": "${input:OKTA_SCOPES}", - "OKTA_PRIVATE_KEY": "${input:OKTA_PRIVATE_KEY}", - "OKTA_KEY_ID": "${input:OKTA_KEY_ID}" - } +#### Option 1: Configure using docker + +Choose the authentication method that best fits your environment. + +**Private Key JWT:** +```json +{ + "mcp": { + "inputs": [ + { + "type": "promptString", + "description": "Okta Organization URL (e.g., https://dev-123456.okta.com)", + "id": "OKTA_ORG_URL" + }, + { + "type": "promptString", + "description": "Okta Client ID", + "id": "OKTA_CLIENT_ID", + "password": true + }, + { + "type": "promptString", + "description": "Okta Scopes (separated by whitespace)", + "id": "OKTA_SCOPES" + }, + { + "type": "promptString", + "description": "Okta Private Key (for browserless auth)", + "id": "OKTA_PRIVATE_KEY", + "password": true + }, + { + "type": "promptString", + "description": "Okta Key ID (for browserless auth)", + "id": "OKTA_KEY_ID", + "password": true + } + ], + "servers": { + "okta-mcp-server": { + "command": "docker", + "args": [ + "run", "-i", "--rm", + "-e", "OKTA_ORG_URL=${input:OKTA_ORG_URL}", + "-e", "OKTA_CLIENT_ID=${input:OKTA_CLIENT_ID}", + "-e", "OKTA_SCOPES=${input:OKTA_SCOPES}", + "-e", "OKTA_PRIVATE_KEY=${input:OKTA_PRIVATE_KEY}", + "-e", "OKTA_KEY_ID=${input:OKTA_KEY_ID}", + "okta-mcp-server" + ] + } + } + } +} +``` + +**Device Authorization Grant:** + +>**Note:** Device Authorization requires manual browser interaction. When the server starts, check the MCP output panel for the authentication URL, and then copy and paste it into your browser. + +```json +{ + "mcp": { + "inputs": [ + { + "type": "promptString", + "description": "Okta Organization URL (e.g., https://dev-123456.okta.com)", + "id": "OKTA_ORG_URL" + }, + { + "type": "promptString", + "description": "Okta Client ID", + "id": "OKTA_CLIENT_ID", + "password": true + }, + { + "type": "promptString", + "description": "Okta Scopes (separated by whitespace)", + "id": "OKTA_SCOPES" + } + ], + "servers": { + "okta-mcp-server": { + "command": "docker", + "args": [ + "run", "-i", "--rm", + "-v", "okta-keyring:/home/appuser/.local/share/python_keyring", + "-e", "OKTA_ORG_URL=${input:OKTA_ORG_URL}", + "-e", "OKTA_CLIENT_ID=${input:OKTA_CLIENT_ID}", + "-e", "OKTA_SCOPES=${input:OKTA_SCOPES}", + "-e", "PYTHON_KEYRING_BACKEND=keyrings.alt.file.PlaintextKeyring", + "okta-mcp-server" + ] + } + } + } +} +``` + +**Alternatively, use docker-compose:** + +This method requires an `.env` file in your repository. Use the following configuration: + +``` json +{ + "mcp": { + "servers": { + "okta-mcp-server": { + "command": "docker-compose", + "args": [ + "-f", + "/path/to/okta-mcp-server/docker-compose.yml", + "run", + "--rm", + "okta-mcp-server" + ] + } + } + } +} +``` + +**Alternatively, build and run directly:** + +Build the image + +``` +docker build -t okta-mcp-server +``` + +Run the container + +``` +docker run -i --rm \ + -e OKTA_ORG_URL="" \ + -e OKTA_CLIENT_ID="" \ + -e OKTA_SCOPES="" \ + okta-mcp-server +``` + +#### Option 2: Configure using UV + +Ensure that you replace `/path/to/okta-mcp-server` with the absolute path to your cloned repository. + +```json +{ + "mcp": { + "inputs": [ + { + "type": "promptString", + "description": "Okta org URL (for example, https://dev-123456.okta.com)", + "id": "OKTA_ORG_URL" + }, + { + "type": "promptString", + "description": "Okta client ID", + "id": "OKTA_CLIENT_ID", + "password": true + }, + { + "type": "promptString", + "description": "Okta scopes (separated by whitespace, e.g., 'okta.users.read okta.groups.manage')", + "id": "OKTA_SCOPES" + }, + { + "type": "promptString", + "description": "Okta private key. Required for 'browserless' auth.", + "id": "OKTA_PRIVATE_KEY", + "password": true + }, + { + "type": "promptString", + "description": "Okta key ID (KID) for the private key. Required for 'browserless' auth.", + "id": "OKTA_KEY_ID", + "password": true + } + ], + "servers": { + "okta-mcp-server": { + "command": "uv", + "args": [ + "run", + "--directory", + "/path/to/okta-mcp-server", + "okta-mcp-server" + ], + "env": { + "OKTA_ORG_URL": "${input:OKTA_ORG_URL}", + "OKTA_CLIENT_ID": "${input:OKTA_CLIENT_ID}", + "OKTA_SCOPES": "${input:OKTA_SCOPES}", + "OKTA_PRIVATE_KEY": "${input:OKTA_PRIVATE_KEY}", + "OKTA_KEY_ID": "${input:OKTA_KEY_ID}" } } } } - ``` +} +``` ### Configure Claude Desktop 1. Open your Claude Desktop configuration file. -1. Update the settings file with the following configuration and replace the placeholder values with your Okta credentials: - - ```json - { - "mcpServers": { - "okta-mcp-server": { - "command": "uv", - "args": [ - "run", - "--directory", - "/path/to/okta-mcp-server", - "okta-mcp-server" - ], - "env": { - "OKTA_ORG_URL": "https://your-org.okta.com", - "OKTA_CLIENT_ID": "your-client-id", - "OKTA_SCOPES": "okta.users.read okta.groups.read", - "OKTA_PRIVATE_KEY": "your-private-key-if-using-jwt", - "OKTA_KEY_ID": "your-key-id-if-using-jwt" - } - } - } - } - ``` +1. Update the settings file with the following configuration and replace the placeholder values with your Okta credentials. You can do this configuration settings update using one of the following options: + +* [Option 1: Configure using docker](#option-1-configure-using-docker-2) +* [Option 2: Configure using uv](#option-2-configure-using-uv-2) + +#### Option 1: Configure using docker + +Choose the authentication method that best fits your environment. + +**Private key JWT:** + +This method is ideal for containerized environments because it requires no browser interaction. + +```json +{ + "mcpServers": { + "okta-mcp-server": { + "command": "docker", + "args": [ + "run", "-i", "--rm", + "-e", "OKTA_ORG_URL", + "-e", "OKTA_CLIENT_ID", + "-e", "OKTA_SCOPES", + "-e", "OKTA_PRIVATE_KEY", + "-e", "OKTA_KEY_ID", + "okta-mcp-server" + ], + "env": { + "OKTA_ORG_URL": "https://your-org.okta.com", + "OKTA_CLIENT_ID": "your-client-id", + "OKTA_SCOPES": "okta.users.read okta.groups.read", + "OKTA_PRIVATE_KEY": "-----BEGIN RSA PRIVATE KEY-----\nYour private key content here\n-----END RSA PRIVATE KEY-----", + "OKTA_KEY_ID": "your-key-id" + } + } + } +} +``` + +**Device Authorization Grant:** + +Use this method if you prefer browser-based authentication. When the server starts, it displays an authentication URL in the logs. Copy and paste this URL into your browser to complete the authentication. + +>**Note:** Docker containers can’t open a browser on the host automatically. You must manually copy the URL from docker logs okta-mcp-server and paste it into your browser. + +```json +{ + "mcpServers": { + "okta-mcp-server": { + "command": "docker", + "args": [ + "run", "-i", "--rm", + "-v", "okta-keyring:/home/appuser/.local/share/python_keyring", + "-e", "OKTA_ORG_URL", + "-e", "OKTA_CLIENT_ID", + "-e", "OKTA_SCOPES", + "-e", "PYTHON_KEYRING_BACKEND=keyrings.alt.file.PlaintextKeyring", + "okta-mcp-server" + ], + "env": { + "OKTA_ORG_URL": "https://your-org.okta.com", + "OKTA_CLIENT_ID": "your-client-id", + "OKTA_SCOPES": "okta.users.read okta.groups.read" + } + } + } +} +``` + +The `-v okta-keyring:/home/appuser/.local/share/python_keyring` volume persists tokens between container restarts. + +#### Option 2: Configure using uv + +Use this configuration for local python-based execution. Replace `/path/to/okta-mcp-server` with the actual absolute path to your cloned repository. + +```json +{ + "mcpServers": { + "okta-mcp-server": { + "command": "uv", + "args": [ + "run", + "--directory", + "/path/to/okta-mcp-server", + "okta-mcp-server" + ], + "env": { + "OKTA_ORG_URL": "https://your-org.okta.com", + "OKTA_CLIENT_ID": "your-client-id", + "OKTA_SCOPES": "okta.users.read okta.groups.read", + "OKTA_PRIVATE_KEY": "your-private-key-if-using-jwt", + "OKTA_KEY_ID": "your-key-id-if-using-jwt" + } + } + } +} +``` ## Other MCP Clients @@ -168,7 +388,7 @@ The steps to start the server vary by client. To start the Okta MCP server in VS | `OKTA_PRIVATE_KEY` | Your private key in PEM format (starts with `-----BEGIN PRIVATE KEY-----`). | Private key JWT only | | `OKTA_KEY_ID` | The key ID (KID) for your private key. | Private key JWT only | - > **Note**: If you use the device authorization grant, press **Enter** to skip the `OKTA_PRIVATE_KEY` and `OKTA_KEY_ID` prompts. + > **Note**: If you use the Device Authorization grant, press **Enter** to skip the `OKTA_PRIVATE_KEY` and `OKTA_KEY_ID` prompts. 1. [Optional]: To use the Okta MCP server with other MCP clients, manually add the following configuration to your client’s configuration file and restart the app for the changes to take effect: @@ -244,8 +464,8 @@ You configured your environment variables, started the Okta MCP server, and veri Now that your Okta MCP server is running, explore advanced use cases to manage your Okta org: -* User onboarding automation: Create workflows that provision users, assign groups, and grant app access with a single command. -* Audit security logs: Query system logs to identify unusual sign-in activity or configuration changes. +* User onboarding automation: Create Workflows that provision users, assign groups, and grant app access with a single command. +* Audit security logs: Query System Logs to identify unusual sign-in activity or configuration changes. * Policy automation: Manage authentication policies and MFA requirements programmatically. -For a complete list of supported operations and tools, see the [Okta MCP server repo](https://github.com/okta/okta-mcp-server). +For a complete list of supported operations and tools, see the [Okta MCP server repo](https://github.com/okta/okta-mcp-server). \ No newline at end of file From 1ac3ed0739c23d68ca2dd54d155d86221c145fcb Mon Sep 17 00:00:00 2001 From: sophiajose-okta Date: Thu, 12 Mar 2026 09:13:33 +0530 Subject: [PATCH 2/5] test build --- .../vuepress-site/docs/guides/start-mcp-server/main/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md index 8f73500e076..9efadd3f35d 100644 --- a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md +++ b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md @@ -305,7 +305,7 @@ This method is ideal for containerized environments because it requires no brows Use this method if you prefer browser-based authentication. When the server starts, it displays an authentication URL in the logs. Copy and paste this URL into your browser to complete the authentication. ->**Note:** Docker containers can’t open a browser on the host automatically. You must manually copy the URL from docker logs okta-mcp-server and paste it into your browser. +>**Note:** Docker containers can’t open a browser on the host automatically. You must manually copy the URL from docker logs `okta-mcp-server` and paste it into your browser. ```json { From a5d299bc875b32981c8859fa3e2ec15d1a5bfa34 Mon Sep 17 00:00:00 2001 From: sophiajose-okta Date: Thu, 12 Mar 2026 14:29:14 +0530 Subject: [PATCH 3/5] self review --- .../vuepress-site/docs/guides/start-mcp-server/main/index.md | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md index 9efadd3f35d..8dfdccb6b88 100644 --- a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md +++ b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md @@ -58,7 +58,6 @@ The Okta MCP server works with any MCP-compatible client. While this guide focus * [Option 1: Configure using docker](#option-1-configure-using-docker) * [Option 2: Configure using uv](#option-2-configure-using-uv) 1. Replace `/path/to/okta-mcp-server` in the following configuration with the actual path to your cloned repository. -1. Add the following configuration to your `mcp.json` file and save it. #### Option 1: Configure using docker From e4aab6e57eb79c9e0c2324a3d09d33ed96d1dd0c Mon Sep 17 00:00:00 2001 From: sophiajose-okta Date: Mon, 16 Mar 2026 14:03:42 +0530 Subject: [PATCH 4/5] test --- .../docs/guides/mcp-server/main/index.md | 10 +++---- .../guides/start-mcp-server/main/index.md | 30 +++++++++---------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/packages/@okta/vuepress-site/docs/guides/mcp-server/main/index.md b/packages/@okta/vuepress-site/docs/guides/mcp-server/main/index.md index dc8a109d8ec..c7199a529de 100644 --- a/packages/@okta/vuepress-site/docs/guides/mcp-server/main/index.md +++ b/packages/@okta/vuepress-site/docs/guides/mcp-server/main/index.md @@ -19,7 +19,7 @@ Get started with the Okta Model Context Protocol (MCP) server setup and prerequi #### What you need * An [Okta Integrator Free Plan org](https://developer.okta.com/signup) with admin permissions. -* Select an admin role. See [Learn about administrators](https://help.okta.com/okta_help.htm?type=oie&id=administrators-learn-about-admins). +* Select an Okta admin role. See [Learn about administrators](https://help.okta.com/okta_help.htm?type=oie&id=administrators-learn-about-admins). * The [uv](https://docs.astral.sh/uv/getting-started/installation/) package manager. * [Python 3.8](https://python.org/downloads) or higher. @@ -35,10 +35,10 @@ This guide explains how to initialize the Okta MCP server project and install th You can install the Okta MCP server using one of the following two methods: -* [Method 1: Using docker](#method-1-using-docker) +* [Method 1: Using Docker](#method-1-using-docker) * [Method 2: Using uv](#method-2-using-uv) -### Method 1: Using docker +### Method 1: Using Docker Docker provides a consistent environment without needing to install Python or uv locally. @@ -60,14 +60,14 @@ Docker provides a consistent environment without needing to install Python or uv 1. Edit .env and add your Okta credentials. -1. Build and run with docker compose: +1. Build and run the environment with Docker Compose: ``` docker-compose up -d ``` ### Method 2: Using uv -Use this method for local development or if you prefer a lightweight Python environment. +Use this method for local development or if you prefer to use a lightweight Python environment. 1. Initialize the Okta MCP server project: diff --git a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md index 8dfdccb6b88..428c945e815 100644 --- a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md +++ b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md @@ -54,12 +54,12 @@ The Okta MCP server works with any MCP-compatible client. While this guide focus 1. Define the connection parameters for the Okta MCP server: * Create a folder named `.vscode` in your project directory. * Create a file named `mcp.json` in the `.vscode` folder. -1. Add the required configuration to your `mcp.json` file by copying the appropriate JSON file and save it using one of the following options: - * [Option 1: Configure using docker](#option-1-configure-using-docker) +1. Add the required configuration to your `mcp.json` file by copying the appropriate JSON file. Save it using one of the following options: + * [Option 1: Configure using Docker](#option-1-configure-using-docker) * [Option 2: Configure using uv](#option-2-configure-using-uv) 1. Replace `/path/to/okta-mcp-server` in the following configuration with the actual path to your cloned repository. -#### Option 1: Configure using docker +#### Option 1: Configure using Docker Choose the authentication method that best fits your environment. @@ -115,9 +115,9 @@ Choose the authentication method that best fits your environment. } ``` -**Device Authorization Grant:** +**Device authorization grant:** ->**Note:** Device Authorization requires manual browser interaction. When the server starts, check the MCP output panel for the authentication URL, and then copy and paste it into your browser. +>**Note:** Device authorization requires manual browser interaction. When the server starts, check the MCP output panel for the authentication URL, and then copy and paste it into your browser. ```json { @@ -158,7 +158,7 @@ Choose the authentication method that best fits your environment. } ``` -**Alternatively, use docker-compose:** +**Alternatively, use Docker Compose for this task:** This method requires an `.env` file in your repository. Use the following configuration: @@ -181,7 +181,7 @@ This method requires an `.env` file in your repository. Use the following config } ``` -**Alternatively, build and run directly:** +**Alternatively, you can choose to build and run the MCP server directly:** Build the image @@ -199,7 +199,7 @@ docker run -i --rm \ okta-mcp-server ``` -#### Option 2: Configure using UV +#### Option 2: Configure using uv Ensure that you replace `/path/to/okta-mcp-server` with the absolute path to your cloned repository. @@ -261,12 +261,12 @@ Ensure that you replace `/path/to/okta-mcp-server` with the absolute path to you ### Configure Claude Desktop 1. Open your Claude Desktop configuration file. -1. Update the settings file with the following configuration and replace the placeholder values with your Okta credentials. You can do this configuration settings update using one of the following options: +1. Update the file with the following configuration. Replace the placeholder values with your Okta credentials. You can do this in one of the following ways: -* [Option 1: Configure using docker](#option-1-configure-using-docker-2) +* [Option 1: Configure using Docker](#option-1-configure-using-docker-2) * [Option 2: Configure using uv](#option-2-configure-using-uv-2) -#### Option 1: Configure using docker +#### Option 1: Configure using Docker Choose the authentication method that best fits your environment. @@ -300,11 +300,11 @@ This method is ideal for containerized environments because it requires no brows } ``` -**Device Authorization Grant:** +**Device Authorization Grant** Use this method if you prefer browser-based authentication. When the server starts, it displays an authentication URL in the logs. Copy and paste this URL into your browser to complete the authentication. ->**Note:** Docker containers can’t open a browser on the host automatically. You must manually copy the URL from docker logs `okta-mcp-server` and paste it into your browser. +>**Note:** Docker containers can’t open a browser on the host automatically. You must manually copy the URL from the Docker logs `okta-mcp-server` and paste it into your browser. ```json { @@ -330,11 +330,11 @@ Use this method if you prefer browser-based authentication. When the server star } ``` -The `-v okta-keyring:/home/appuser/.local/share/python_keyring` volume persists tokens between container restarts. +The `-v okta-keyring:/home/appuser/.local/share/python_keyring` volume ensures that tokens remain available even after the container restarts. #### Option 2: Configure using uv -Use this configuration for local python-based execution. Replace `/path/to/okta-mcp-server` with the actual absolute path to your cloned repository. +Use this configuration for a local Python-based execution. Replace `/path/to/okta-mcp-server` with the absolute path to your cloned repository. ```json { From c1ad99b059365b446fe52ef9ea5ad64b6e257a5a Mon Sep 17 00:00:00 2001 From: sophiajose-okta Date: Mon, 16 Mar 2026 14:26:08 +0530 Subject: [PATCH 5/5] further edit --- .../docs/guides/start-mcp-server/main/index.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md index 428c945e815..e65a9c302a9 100644 --- a/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md +++ b/packages/@okta/vuepress-site/docs/guides/start-mcp-server/main/index.md @@ -81,18 +81,18 @@ Choose the authentication method that best fits your environment. }, { "type": "promptString", - "description": "Okta Scopes (separated by whitespace)", + "description": "Okta scopes (separated by whitespace)", "id": "OKTA_SCOPES" }, { "type": "promptString", - "description": "Okta Private Key (for browserless auth)", + "description": "Okta private key (for browserless authentication)", "id": "OKTA_PRIVATE_KEY", "password": true }, { "type": "promptString", - "description": "Okta Key ID (for browserless auth)", + "description": "Okta key ID (for browserless authentication)", "id": "OKTA_KEY_ID", "password": true } @@ -125,18 +125,18 @@ Choose the authentication method that best fits your environment. "inputs": [ { "type": "promptString", - "description": "Okta Organization URL (e.g., https://dev-123456.okta.com)", + "description": "Okta org URL (for example, https://dev-123456.okta.com)", "id": "OKTA_ORG_URL" }, { "type": "promptString", - "description": "Okta Client ID", + "description": "Okta client ID", "id": "OKTA_CLIENT_ID", "password": true }, { "type": "promptString", - "description": "Okta Scopes (separated by whitespace)", + "description": "Okta scopes (separated by whitespace)", "id": "OKTA_SCOPES" } ], @@ -220,7 +220,7 @@ Ensure that you replace `/path/to/okta-mcp-server` with the absolute path to you }, { "type": "promptString", - "description": "Okta scopes (separated by whitespace, e.g., 'okta.users.read okta.groups.manage')", + "description": "Okta scopes (separated by whitespace). For example, 'okta.users.read okta.groups.manage',", "id": "OKTA_SCOPES" }, { @@ -231,7 +231,7 @@ Ensure that you replace `/path/to/okta-mcp-server` with the absolute path to you }, { "type": "promptString", - "description": "Okta key ID (KID) for the private key. Required for 'browserless' auth.", + "description": "Okta key ID (KID) for the private key. This is required for browserless authentication.", "id": "OKTA_KEY_ID", "password": true } @@ -302,7 +302,7 @@ This method is ideal for containerized environments because it requires no brows **Device Authorization Grant** -Use this method if you prefer browser-based authentication. When the server starts, it displays an authentication URL in the logs. Copy and paste this URL into your browser to complete the authentication. +Use this method if you prefer browser-based authentication. When the Okta MCP server starts, it displays an authentication URL in the server logs. Copy and paste this URL into your browser to complete the authentication. >**Note:** Docker containers can’t open a browser on the host automatically. You must manually copy the URL from the Docker logs `okta-mcp-server` and paste it into your browser.