okta / okta-idx-android

okta-idx-android
https://github.com/okta/okta-idx-android
Apache License 2.0

Question: replacing getclaims with current user info #117

Closed ber4444 closed 2 years ago

ber4444 commented 2 years ago

The current example uses OIDC /v1/userinfo to pull name etc., but if I want the lastLogin field then /v1/users/me is needed.

Now /v1/users/me would require an api_token as opposed to an access token, which in turn would need to be shipped and hardcoded in the mobile app -- that's a security issue, since api_token comes with admin access.

Related:
https://devforum.okta.com/t/api-token-to-access-small-number-of-speciic-apis/18763
https://developer.okta.com/docs/reference/api/users/#get-current-user

Is there a way to pull last login date et al from all devices the user used without exposing an admin key?

JayNewstrom commented 2 years ago

Hi @ber4444, you're correct, the users API is not designed to be used by a client-side app. I'm not aware of a way to do this given our current APIs. But I'll reach out to the team to see if anyone else is familiar with an API that could be used.

JayNewstrom commented 2 years ago

@ber4444 The MyAccount APIs are what you're looking for. https://developer.okta.com/docs/reference/api/myaccount/

They're still in EA, and only available with Identity Engine (which is what you're using if you're using this SDK).

I'm going to close this since it won't be part of this SDK, and there are no further actions to take.