macOS
brew install okta-awsclilocal Homebrew formula metadata
brew
Okta authentication for awscli. Version 0.5.5 via Homebrew; verified 2026-05-14.
install
brew install okta-awsclilocal Homebrew formula metadata
overview
Okta authentication for awscli
history
okta-awscli is a Python command-line bridge between Okta SSO and AWS command-line credentials. It authenticates a user with Okta, obtains a SAML assertion, and exchanges that assertion for temporary AWS STS credentials that can be used by awscli, boto, boto3, and other AWS API tooling.
The GitHub repository was created on 2017-07-22. Its README positions the project as a successor-style implementation inspired by nimbusscale/okta_aws_login, with the important design difference that okta-awscli uses Okta APIs during authentication rather than scraping and parsing HTML.
The package sits in the long-running niche of enterprise AWS federation helpers. Okta developer forum threads from 2017 and AWS documentation for AssumeRoleWithSAML show the underlying need: organizations wanted AWS CLI access without distributing long-lived IAM user keys, using a corporate identity provider and AWS STS instead.
Operators configure Okta and AWS profile details in a local okta-awscli configuration file, then run the executable to populate or refresh AWS credential material. The practical workflow is less about general Okta administration and more about making federated, MFA-backed AWS access feel like normal AWS CLI profile usage.
For package nerds, okta-awscli is a good example of a small package that encodes an enterprise identity pattern: browser SSO and SAML federation collapsed into a repeatable CLI credential flow. Its continued Homebrew packaging also records the era before vendor-provided AWS federation CLIs fully absorbed this use case.
security posture
No matching local secret-handling manifest was found for okta-awscli. Nucleus package metadata is still published here so future coverage has a stable package URL.
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
~/.okta-awsCredential-bearing paths to review before unattended agent runs.
~/.aws/credentials~/.okta-credentials.cacheexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
okta-awscli | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/okta-awscli/okta-awscli
install metadata
| Package key | brew:okta-awscli |
|---|---|
| Version | 0.5.5 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/okta-awscli |
| Homepage | https://github.com/okta-awscli/okta-awscli |
| Repository | https://github.com/okta-awscli/okta-awscli |
| Upstream docs | https://github.com/okta-awscli/okta-awscli#readme |
| License | Apache-2.0 |
| Source archive | https://files.pythonhosted.org/packages/ed/2c/153d8ba330660d756fe6373fb4d1c13b99e63675570042de45aedf300bb7/okta-awscli-0.5.5.tar.gz |
| Last updated | 2026-05-14T09:56:38Z |
| Pulse | updated |
| Dependencies | certifi, python@3.14 |
| Bottle | available (on all) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | okta-awscli |
| Version Scheme | 0 |
| Revision | 9 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.