file - users.csv <div class="snippet-clipboard-content notranslate position-relati

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Bulk import into Okta,about gabrielsroka/oktaapi.psm1

Comments (25)

gabrielsroka commented on September 16, 2024

@srirao28
Import-Users calls New-OktaUser which is:
https://github.com/gabrielsroka/OktaAPI.psm1/blob/master/Modules/OktaAPI.psm1#L240-L242

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Thank you for the comments !

Could you please elaborate a little more on how to achieve my above two tasks.

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

@srirao28

As I wrote in the readme file, this module assumes you're familiar with the Okta API.

For example:
https://developer.okta.com/docs/reference/api/users/#create-user-with-password

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Great,

I am a begginer to powershell and so finding it difficult to consume all the pointers you are helping me with.

For now, configured a virtual box and trying to figure out by running every cmdlet you created in your module.

Will spend time to obsorb the concepts. Thank you for so much for your time !!

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

You're welcome.

If you noticed, Import-Users doesn't actually mention passwords anywhere, but there are other examples in the same file that do. If you combine the pieces together, you can probably do what you need. For example:

function Import-UsersWithPassword() {
<# Sample users.csv file. Make sure you include the header line as the first record.
login,email,firstName,lastName,password,groupId
[email protected],[email protected],Test,A1,password1,00g5gtwaaeOe7smEF0h7
[email protected],[email protected],Test,A2,password2,00g5gtwaaeOe7smEF0h7
#>
    $users = Import-Csv users.csv
    $importedUsers = @()
    foreach ($user in $users) {
        $newUser = @{
            profile = @{
                login = $user.login
                email = $user.email
                firstName = $user.firstName
                lastName = $user.lastName
            }
            credentials = @{
                password = @{
                    value = $user.password
                }
            }
            groupIds = @($user.groupId)
        }
        $message = ""
        try {
            $oktaUser = New-OktaUser $newUser $true
        } catch {
            try {
                $oktaUser = Get-OktaUser $user.login
            } catch {
                $oktaUser = $null
                $message = "Invalid user."
            }
        }
        $importedUsers += [PSCustomObject]@{id = $oktaUser.id; login = $user.login; message = $message}
    }
    $importedUsers | Export-Csv importedUsers.csv -NoTypeInformation
    "$($users.count) users read."
}

from oktaapi.psm1.

srirao28 commented on September 16, 2024

wow !!

This is really awesome and nice of you !!

I will save above contents to a file with extension .ps1 and run it for myself on my virtualbox.

Will keep you informed on my outcomes, thank you again so much !!

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

You're welcome.

May I ask why you're running virtualbox? PowerShell runs on Windows, mac and Linux (see my readme for more info).

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Sure !!

I am using my work laptop, it does have PowerShell, but it has a rule that blocks me from executing any scripts. So, had to set up VBox/CentOS, configure PowerShell and trigger the script from there.

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

I see. It makes sense that it might be locked down.

Did you look at:
https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/set-executionpolicy?view=powershell-7.1

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Thank you for the reference document !!

I will surely review and see if that works for me.

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

hi @srirao28

i'm following up. did this work for you? if so, please close this issue (or i'll do it in a few days).

you can always reopen it if necessary.

thanks.

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Sorry for the delay. Yes, this did work for me, this is great !

QQ - any inputs on the best approach to create groups in okta via csv file.

When to use below snippet ?

# Create a group.
$profile = @{name = $name; description = $description}
$group = New-OktaGroup @{profile = $profile}

** planning to follow below steps:

add below function to file and name it as importgroups.ps1
prepare csv file with required group name & description.
trigger the ps1 script

# Read groups from CSV and create them in Okta.
function New-Groups() {
<# Sample groups.csv file with 2 fields. Make sure you include the header line as the first record.
name,description
PowerShell Group,Members of this group are awesome.
#>
    $groups = Import-Csv groups.csv
    $importedGroups = @()
    foreach ($group in $groups) {
        $profile = @{name = $group.name; description = $group.description}
        try {
            $oktaGroup = New-OktaGroup @{profile = $profile}                   # <---- SEE HERE
            $message = "New group"
        } catch {
            Get-Error $_
            try {
                $oktaGroup = Get-OktaGroups $group.name 'type eq "OKTA_GROUP"'
                $message = "Found group"
            } catch {
                Get-Error $_
                $oktaGroup = $null
                $message = "Invalid group"
            }
        }
        $importedGroups += [PSCustomObject]@{id = $oktaGroup.id; name = $group.name; message = $message}
    }
    $importedGroups | Export-Csv importedGroups.csv -notype
    "$($groups.count) groups read." 
}

Any inputs appreciated !!

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

the 3-line snippet is just an example of how to use New-OktaGroup by itself.

the New-Groups function already calls New-OktaGroup, in a loop, with other stuff (it's about the 12th line in the function).

here's a shorter, simpler version without error checking that might be easier to understand. see line 10 (SEE HERE)

function New-GroupsNoErrorChecking() {
<# Sample groups.csv file with 2 fields. Make sure you include the header line as the first record.
name,description
PowerShell Group,Members of this group are awesome.
#>
    $groups = Import-Csv groups.csv
    $importedGroups = @()
    foreach ($group in $groups) {
        $profile = @{name = $group.name; description = $group.description}
        $oktaGroup = New-OktaGroup @{profile = $profile}                             # <----- SEE HERE
        $importedGroups += [PSCustomObject]@{id = $oktaGroup.id; name = $group.name}
    }
    $importedGroups | Export-Csv importedGroups.csv -notype
    "$($groups.count) groups read." 
}

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Nice explanation, Thank you for all your time !!

I will run it for myself and see how things works for me and share my further thoughts..

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Update:

Unfortunately, your script is not working for me. Looks like I messed up something..

---contents of csv file- groups.csv
name, group description
cog-readonly, read only group - cognos
cog-admins, admin group - cognos
cog-sit, sit environment group - cognos

--- contents of ./New-Groups.ps1

#import the OktaAPI module
Import-Module OktaAPI
#Connect-Okta "<API Token>" "https://tenant.okta.com"

#function New-Groups() {
function New-Groups($csvPath){

# Sample groups.csv file with 2 fields. Make sure you include the header line as the first record.
# name,description
# PowerShell Group,Members of this group are awesome.
#
#    $groups = Import-Csv groups.csv
     $groups = Import-Csv $csvPath
    $importedGroups = @()
    foreach ($group in $groups) {
        $profile = @{name = $group.name; description = $group.description}
        try {
            $oktaGroup = New-OktaGroup @{profile = $profile}                   # <---- SEE HERE
            $message = "New group"
        } catch {
            Get-Error $_
            try {
                $oktaGroup = Get-OktaGroups $group.name 'type eq "OKTA_GROUP"'
                $message = "Found group"
            } catch {
                Get-Error $_
                $oktaGroup = $null
                $message = "Invalid group"
            }
        }
        $importedGroups += [PSCustomObject]@{id = $oktaGroup.id; name = $group.name; message = $message}
    }
    $importedGroups | Export-Csv importedGroups.csv -notype
    "$($groups.count) groups read." 
}

any suggestions appreciated !!

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

the header line in csv has to match the code that reads the CSV:

# Sample groups.csv file with 2 fields. Make sure you include the header line as the first record.
# name,description
# PowerShell Group,Members of this group are awesome.

has to match this

        $profile = @{name = $group.name; description = $group.description}

your file is using group description. change it to description and see if it works better.

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Thank you for your email and details !! I did update the input file as per your recommendations. But, still no luck, will continue to get a full understanding of the logic....

…

-- contents of groups.csv name,description cogreadonly, read only group cognos cogadmins, admin group cognos cogsit, sit environment group cognos cogqa, qa environment group cognos Was checking in Okta GUI under 'Add Group' to see what fields are listed while creating a group. I see only two as you mentioned. name and description [image: image.png] Also I will spend time to get some kind of error messages once i trigger the script that way it will help to troubleshoot exact cause... Will keep you posted with more findings to take guidance from your expertise ! Thank you !! Sri #import the OktaAPI module Import-Module OktaAPI #Connect-Okta "<API Token>" "https://tenant.okta.com" Connect-Okta "<xxxxxxxxxxxxxxxxx>" "https://xxyyzzaabbccdd.okta.com" #function New-Groups() { function New-Groups($csvPath) { # Sample groups.csv file with 2 fields. Make sure you include the header line as the first record. #name,description #PowerShell Group,Members of this group are awesome. # # $groups = Import-Csv groups.csv $groups = Import-Csv $csvPath $importedGroups = @() foreach ($group in $groups) { $profile = @{name = $group.name; description = $group.description} try { $oktaGroup = New-OktaGroup @{profile = $profile} # <---- SEE HERE $message = "New group" } catch { Get-Error $_ try { $oktaGroup = Get-OktaGroups $group.name 'type eq "OKTA_GROUP"' $message = "Found group" } catch { Get-Error $_ $oktaGroup = $null $message = "Invalid group" } } $importedGroups += [PSCustomObject]@{id = $oktaGroup.id; name = $group.name; message = $message} } $importedGroups | Export-Csv importedGroups.csv -notype "$($groups.count) groups read." }

On Mon, Mar 8, 2021 at 8:52 PM Gabriel Sroka ***@***.***> wrote: the header line in csv has to match the code that reads the CSV: # Sample groups.csv file with 2 fields. Make sure you include the header line as the first record. # name,description # PowerShell Group,Members of this group are awesome. has to match this $profile = @{name = $group.name; description = $group.description} your file is using group description — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#17 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ASX33LSY572N3YL3ZLSG2YLTCV5O5ANCNFSM4XGWYWEA> .

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

You said "it's not working". I would need more information in order to help you.

Are getting an error? If so, what is it? Is it doing anything? Are you calling the New-Groups function? You've defined it, but I don't see where you're calling it. Is there more code?

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Thank you for the follow up !! Your questions had an hidden answer for me. I called the function within the script and now I am able to see the groups in my okta tenant. You are the best ! [image: image.png] [image: image.png] [image: image.png]

…

On Tue, Mar 9, 2021 at 12:00 PM Gabriel Sroka ***@***.***> wrote: You said "it's not working". I would need more information in order to help you. Are getting an error? If so, what is it? Is it doing anything? Are you calling the New-Groups function? You've defined it, but I don't see where you're calling it. Is there more code? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#17 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ASX33LU23SY3NJQU2FX3PS3TCZAZLANCNFSM4XGWYWEA> .

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Need your expertise on the below.. I have group - cogprod already in my tenant. Trying to understand what does the script do if a group already exists.. any advice to deal with this ? PS /home/powershell/Scripts> ./New-Groups.ps1 ./groups.csv Creating group for cogprod InvalidOperation: /root/.local/share/powershell/Modules/OktaAPI/1.0.19/OktaAPI.psm1:325 Line | 325 | $responseStream = $_.Exception.Response.GetResponseStream() | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Method invocation failed because [System.Net.Http.HttpResponseMessage] does not contain a method | named 'GetResponseStream'. 1 groups read.

…

On Tue, Mar 9, 2021 at 2:41 PM v s ***@***.***> wrote: Thank you for the follow up !! Your questions had an hidden answer for me. I called the function within the script and now I am able to see the groups in my okta tenant. You are the best ! [image: image.png] [image: image.png] [image: image.png] On Tue, Mar 9, 2021 at 12:00 PM Gabriel Sroka ***@***.***> wrote: > You said "it's not working". I would need more information in order to > help you. > > Are getting an error? If so, what is it? Is it doing anything? Are you > calling the New-Groups function? You've defined it, but I don't see > where you're calling it. Is there more code? > > — > You are receiving this because you were mentioned. > Reply to this email directly, view it on GitHub > <#17 (comment)>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/ASX33LU23SY3NJQU2FX3PS3TCZAZLANCNFSM4XGWYWEA> > . >

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

It looks like Get-Error code no longer works. in Windows PowerShell 5, i get nothing. In PowerShell 6/7, I get an error.

I don't have time to fix this now.

I suggest you re-write the code. Here are two approaches:

if you get an error, just continue, or
search for the group. If it exists, skip it. If it doesn't exist, import it. this is slower than approach 1, but won't create errors

Unless you're finding other problems with my module, I'm going to close this issue. If you need additional help writing your code, I'm available at an hourly rate.

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Good to know. Thank you for all the inputs and help ! I am also running version 7. Will spend time on internet to see if I can get this fixed. PS /home/powershell/Scripts> pwsh -v PowerShell 7.1.1

…

On Tue, Mar 9, 2021 at 6:08 PM Gabriel Sroka ***@***.***> wrote: Closed #17 <#17>. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#17 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ASX33LRJ3ONJQPBHICRY2Z3TC2L5BANCNFSM4XGWYWEA> .

from oktaapi.psm1.

srirao28 commented on September 16, 2024

Hello, I am newbie with programming / okta. Could you please help me with a few pointers on below. 1) what would be an ideal way to ACTIVATE users in bulk in okta. 2) Assign users to a group in bulk your inputs highly appreciated. Thanks! Sri

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

OktaAPI.psm1/Modules/OktaAPI.psm1

Lines 269 to 271 in 71f1dac

 function Enable-OktaUser($id, $sendEmail = $true) { 

 Invoke-Method POST "/api/v1/users/$id/lifecycle/activate?sendEmail=$sendEmail" 

 }

OktaAPI.psm1/Modules/OktaAPI.psm1

Lines 179 to 181 in 71f1dac

 function Add-OktaGroupMember($groupid, $userid) { 

 $null = Invoke-Method PUT "/api/v1/groups/$groupid/users/$userid" 

 }

There are no bulk operations in the API as far as I know. You can check the documentation. Otherwise you'll have to call these functions in a loop.

from oktaapi.psm1.

gabrielsroka commented on September 16, 2024

Bulk import into Okta about oktaapi.psm1 HOT 25 CLOSED

Comments (25)

Related Issues (18)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

	function Enable-OktaUser($id, $sendEmail = $true) {
	Invoke-Method POST "/api/v1/users/$id/lifecycle/activate?sendEmail=$sendEmail"
	}

	function Add-OktaGroupMember($groupid, $userid) {
	$null = Invoke-Method PUT "/api/v1/groups/$groupid/users/$userid"
	}

	# Read users from CSV, create them in Okta, and add to a group. See also next function.
	function Import-Users() {
	<# Sample users.csv file with 5 fields. Make sure you include the header line as the first record.
	login,email,firstName,lastName,groupId
	[email protected],[email protected],Test,A1,00g5gtwaaeOe7smEF0h7
	[email protected],[email protected],Test,A2,00g5gtwaaeOe7smEF0h7
	#>
	$users = Import-Csv users.csv
	$importedUsers = @()
	foreach ($user in $users) {
	$profile = @{login = $user.login; email = $user.email; firstName = $user.firstName; lastName = $user.lastName}
	$message = ""
	try {
	$oktaUser = New-OktaUser @{profile = $profile} $false
	} catch {
	try {
	$oktaUser = Get-OktaUser $user.login
	} catch {
	$oktaUser = $null
	$message = "Invalid user."
	}
	}
	if ($oktaUser) {
	try {
	Add-OktaGroupMember $user.groupId $oktaUser.id
	} catch {
	$message = "Invalid group."
	}
	}
	$importedUsers += [PSCustomObject]@{id = $oktaUser.id; login = $user.login; message = $message}
	}
	$importedUsers \| Export-Csv importedUsers.csv -NoTypeInformation
	"$($users.count) users read."
	}