search

gabrielsroka / gabrielsroka.github.io

My website, including rockstar: Export Okta Users, Groups, etc. to CSV. Show SAML assertion.
https://gabrielsroka.github.io/
MIT License
92 stars 37 forks source link

Feature: Rockstar: In "Export Group Members (custom)" include how the user is "Managed" in the group #32

Closed seanorama closed 2 years ago

seanorama commented 2 years ago

In Okta, the Group member list has a column titled "Managed" which will contain:

  1. Manually managed: When the user was manually added to the group
  2. Managed by MyOktaRule: When the membership is managed by an Okta rule.

It would be useful to get this as a field in the "Export Group Members (custom)" function.

For example, when you need to audit/reconcile the manual users. Or find a common pattern for the manual users, in order to improve the Okta rule.

gabrielsroka commented 2 years ago

It would be, but it's not available via the public API.

seanorama commented 2 years ago

It would be, but it's not available via the public API.

Wow. Okta strikes again. 😭

Thanks for the quick reply.

gabrielsroka commented 2 years ago

not available via the public API

but it is available via a private API.

EDIT: see code in next comment

gabrielsroka commented 8 months ago

the code above stopped working because the private Okta API changed.

here's an updated version that uses my console: https://gabrielsroka.github.io/console

it also paginates and exports to csv

// List group members using https://gabrielsroka.github.io/console

members = []
limit = 200
start = 0
sColumns = 'user.id,user.fullName,user.login,status.statusLabel,managedBy.rules'
keys = sColumns.split(',')
do {
  url = '/admin/users/search?' + new URLSearchParams({groupId: id, iDisplayStart: start, iDisplayLength: limit, 
    iColumns: 6, sColumns, orderBy: 'membershipId',
    enableSQLQueryGenerator: true, enableESUserLookup: true, sortDirection: 'desc', sSearch: ''})
  page = await getJson(url)
  page.aaData.forEach(row => {
    member = {}
    keys.forEach((key, col) => {
        val = row[col]
        member[key] = typeof val == 'object' ? Object.entries(val).join() : val
    })
    members.push(member)
  })
  start += limit
  results.innerHTML = members.length + ' members'
  if (cancel) break
} while (members.length < page.iTotalRecords)

results.innerHTML += '<br><button id=exportCSV>Export CSV</button>'
table(members)
exportCSV.onclick = () => downloadCSV(csv(members), 'members')