> ## Documentation Index > Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt > Use this file to discover all available pages before exploring further. # Okta_AuthorizationServer > An authorization server in Okta Applies to BloodHound Enterprise and CE ## Overview Authorization servers in Okta are used to issue OAuth 2.0 access tokens for API access. They define the scopes, claims, and access policies that control how tokens are issued and what permissions they grant. Each Okta organization has a default authorization server, and administrators can create additional custom authorization servers for specific use cases. Authorization servers are represented as Okta\_AuthorizationServer nodes in BloodHound. The relationships between authorization servers and applications are currently not evaluated in BloodHound. ## Edges The tables below list edges defined by the Okta extension only. Additional edges to or from this node may be created by other extensions. ### Inbound Edges | Edge Type | Source Node Types | Traversable | | -------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- | ----------- | | [Okta\_Contains](/opengraph/extensions/okta/edges/okta_contains) | [Okta\_Organization](/opengraph/extensions/okta/nodes/okta_organization) | ✅ | | [Okta\_ResourceSetContains](/opengraph/extensions/okta/edges/okta_resourcesetcontains) | [Okta\_ResourceSet](/opengraph/extensions/okta/nodes/okta_resourceset) | ✅ | | [Okta\_ScopedTo](/opengraph/extensions/okta/edges/okta_scopedto) | [Okta\_RoleAssignment](/opengraph/extensions/okta/nodes/okta_roleassignment) | ❌ | ### Outbound Edges No outbound edges are defined by the Okta extension for this node. ## Properties | Name | Source | Type | Description | | ------------- | --------------------------- | ---------- | --------------------------------------------------------------- | | `id` | `server.id` | `string` | Unique authorization server identifier. | | `name` | `server.name` | `string` | Authorization server name. | | `displayName` | `server.name` | `string` | Display label used in BloodHound. | | `oktaDomain` | Collector context (non-API) | `string` | Okta organization domain where the authorization server exists. | | `description` | `server.description` | `string` | Human-readable server description. | | `status` | `server.status` | `string` | Current lifecycle status. | | `issuer` | `server.issuer` | `string` | Token issuer URL. | | `issuerMode` | `server.issuerMode` | `string` | Issuer mode selected in Okta. | | `audiences` | `server.audiences` | `string[]` | Allowed audience values for issued tokens. | | `created` | `server.created` | `datetime` | Authorization server creation timestamp. | | `lastUpdated` | `server.lastUpdated` | `datetime` | Last update timestamp for the server configuration. | ## Sample Property Values ```yaml theme={null} id: ausz6ipkn4u0hDzyf697 name: app creation displayName: app creation oktaDomain: contoso.okta.com status: INACTIVE issuer: https://contoso.okta.com/oauth2/ausz6ipkn4u0hDzyf697 issuerMode: DYNAMIC audiences: - test created: 2026-01-14T15:41:28+00:00 lastUpdated: 2026-01-14T16:09:30+00:00 ```