darrenjrobinson/SailPoint IdentityNow Security Configuration Report.ps1

## SailPoint IdentityNow Security Configuration Report.ps1
import-module SailPointIdentityNow

Get-IdentityNowOrg
Set-IdentityNowOrg -orgName 'yourOrgName'

# Document IdentityNow Security Configuration
$orgName = (Get-IdentityNowOrg).'Organisation Name'

# Output Path and Image
$reportImagePath = "C:\Reports\SailPoint IdentityNow 240px.png"
$ReportOutputPath = "C:\Reports\IdentityNowConfigReports"

$utime = [int][double]::Parse((Get-Date -UFormat %s))

# IWA
$IWAConfig = Invoke-IdentityNowRequest -uri "https://$($orgName).api.identitynow.com/cc/api/org/getSSOSettings?_dc=$($utime)&config=kerberos" -method Get -headers Headersv3

# Service Provider
$ssoSP = Invoke-IdentityNowRequest -uri "https://$($orgName).api.identitynow.com/cc/api/org/getSSOSettings?_dc=$($utime)&config=saml2-hosted-sp" -method get -headers Headersv3
$ssoIDP = Invoke-IdentityNowRequest -uri "https://$($orgName).api.identitynow.com/cc/api/org/getSSOSettings?_dc=$($utime)&config=saml2-remote-idp" -method get -headers Headersv3

# oAuth API Clients
$oAuthClients = Get-IdentityNowOAuthAPIClient

# v2 Clients
$apiClients = Get-IdentityNowAPIClient

# Global Security Config Settings
$globalSecurityConfig = Invoke-IdentityNowRequest -uri "https://$($orgName).api.identitynow.com/cc/api/org/get?_dc=$($utime)" -method get -headers Headersv3_JSON

try {
    $ImageData = [Convert]::ToBase64String((Get-Content $reportImagePath -Encoding Byte))
    $ImageFile = Get-Item $reportImagePath
    $ImageType = $ImageFile.Extension.Substring(1) #strip off the leading .
    $ImageTag = "<Img src='data:image/$ImageType;base64,$($ImageData)' Alt='$($ImageFile.Name)' width='240' height='82' hspace=10>"
}
catch {
    Write-Error "Report Image Path/Filename not found"
    break
}

$reportDate = get-date -format "dd-MMM-yyyy HH-mm"
# Create Folder for Output in Path provided above with Report Date
$dir = "$($ReportOutputPath)\$($reportDate)"
if (!(Test-Path -Path $dir )) {
    New-Item -ItemType directory -Path $dir
}

# Build up the HTML Report
$htmlFragments = @()
# Headings and Title
$top = @"
    <center>
        <h1>SailPoint IdentityNow Security Settings Configuration Report</h1>
        <h2>Organisation - `'$($orgName.ToUpper())`'</h2>
        <b><center>$ImageTag</center></b>
    </center>
"@
$htmlFragments += $top

$h2Text = "IdentityNow Security Settings Configuration"
$div = $h2Text.Replace(" ", "_")
$htmlFragments += "<center><a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><h2>$h2Text</h2></a><div id=""$div""><a href='javascript:toggleAll();' title='  Click to toggle all sections'>+ / -</a></center>"

if ($globalSecurityConfig) {
    # Global Security Settings
    Write-host -ForegroundColor Blue "     Global Security Configuration"
    # Output template to File
    $globalSecurityConfig | Export-Clixml -Path "$($dir)\$($orgName)-Global-SecurityConfig-Details-$($reportDate).xml"

    $H3Text = "Global Security Settings Details"
    $div = $H3Text.Replace(" ", "_")
    $htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
    $htmlFragments += "<center>"

    $attrObjects = $globalSecurityConfig | Get-Member | Where-Object { $_.Definition.contains("Object[]") } | Select-Object
    foreach ($attrObj in $attrObjects) {
        $attrName = $attrObj.name
        $globalSecurityConfig.$attrName = $globalSecurityConfig.$attrName | convertto-json
    }

    $htmlFragments += $globalSecurityConfig | ConvertTo-Html -As LIST
    $htmlFragments += "</center>"
    $htmlFragments += "</div>"
}

if ($IWAConfig) {
    # IWA Config
    Write-host -ForegroundColor Blue "     IWA Configuration"
    # Output template to File
    $IWAConfig | Export-Clixml -Path "$($dir)\$($orgName)-IWA-Details-$($reportDate).xml"

    $H3Text = "IWA Configuration Details"
    $div = $H3Text.Replace(" ", "_")
    $htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
    $htmlFragments += "<center>"

    $attrObjects = $IWAConfig | Get-Member | Where-Object { $_.Definition.contains("Object[]") } | Select-Object
    foreach ($attrObj in $attrObjects) {
        $attrName = $attrObj.name
        #$eTemplate.$attrName = $eTemplate.$attrName -join ','
        $IWAConfig.$attrName = $IWAConfig.$attrName | convertto-json
    }

    $htmlFragments += $IWAConfig | ConvertTo-Html -As LIST
    $htmlFragments += "</center>"
    $htmlFragments += "</div>"
}

if ($ssoSP) {
    # SSO SP Config
    Write-host -ForegroundColor Blue "     SSO SP Configuration"
    # Output template to File
    $ssoSP | Export-Clixml -Path "$($dir)\$($orgName)-SSO-SP-Details-$($reportDate).xml"

    # Template Details
    $H3Text = "SSO SP Configuration Details"
    $div = $H3Text.Replace(" ", "_")
    $htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
    $htmlFragments += "<center>"

    $attrObjects = $ssoSP | Get-Member | Where-Object { $_.Definition.contains("Object[]") } | Select-Object
    foreach ($attrObj in $attrObjects) {
        $attrName = $attrObj.name
        #$eTemplate.$attrName = $eTemplate.$attrName -join ','
        $ssoSP.$attrName = $ssoSP.$attrName | convertto-json
    }

    $htmlFragments += $ssoSP | ConvertTo-Html -As LIST
    $htmlFragments += "</center>"
    $htmlFragments += "</div>"
}

if ($ssoIDP) {
    # SSO IDP Config
    Write-host -ForegroundColor Blue "     SSO IDP Configuration"
    # Output template to File
    $ssoIDP | Export-Clixml -Path "$($dir)\$($orgName)-SSO-IDP-Details-$($reportDate).xml"

    # Template Details
    $H3Text = "SSO IDP Configuration Details"
    $div = $H3Text.Replace(" ", "_")
    $htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
    $htmlFragments += "<center>"

    $attrObjects = $ssoIDP | Get-Member | Where-Object { $_.Definition.contains("Object[]") } | Select-Object
    foreach ($attrObj in $attrObjects) {
        $attrName = $attrObj.name
        #$eTemplate.$attrName = $eTemplate.$attrName -join ','
        $ssoIDP.$attrName = $ssoIDP.$attrName | convertto-json
    }

    $htmlFragments += $ssoIDP | ConvertTo-Html -As LIST
    $htmlFragments += "</center>"
    $htmlFragments += "</div>"
}

if ($oAuthClients) {
    # oAuth Clients
    Write-host -ForegroundColor Blue "     oAuth Clients Configuration"
    # Output template to File
    $oAuthClients | Export-Clixml -Path "$($dir)\$($orgName)-oAuth-Clients-Details-$($reportDate).xml"

    foreach ($oAuthClient in $oAuthClients) {
        $H3Text = "oAuth $($oAuthClient.name) Details"
        $div = $H3Text.Replace(" ", "_")
        $htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
        $htmlFragments += "<center>"

        $attrObjects = $oAuthClient | Get-Member | Where-Object { $_.Definition.contains("Object[]") } | Select-Object
        foreach ($attrObj in $attrObjects) {
            $attrName = $attrObj.name
            #$eTemplate.$attrName = $eTemplate.$attrName -join ','
            $oAuthClient.$attrName = $oAuthClient.$attrName | convertto-json
        }

        $htmlFragments += $oAuthClient | ConvertTo-Html -As LIST
        $htmlFragments += "</center>"
        $htmlFragments += "</div>"
    }
}

if ($apiClients) {
    # API Clients
    Write-host -ForegroundColor Blue "     API Clients Configuration"
    # Output template to File
    $apiClients | Export-Clixml -Path "$($dir)\$($orgName)-API-Clients-Details-$($reportDate).xml"
    $i = 0
    foreach ($apiClient in $apiClients) {
        if ($apiClient.description) {
            $H3Text = "API $($apiClient.description) Details"
        } else {
            $i++
            $H3Text = "API $($i) Details"
        }
        $div = $H3Text.Replace(" ", "_")
        $htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
        $htmlFragments += "<center>"

        $attrObjects = $apiClient | Get-Member | Where-Object { $_.Definition.contains("Object[]") } | Select-Object
        foreach ($attrObj in $attrObjects) {
            $attrName = $attrObj.name
            #$eTemplate.$attrName = $eTemplate.$attrName -join ','
            $apiClient.$attrName = $apiClient.$attrName | convertto-json
        }

        $htmlFragments += $apiClient | ConvertTo-Html -As LIST
        $htmlFragments += "</center>"
        $htmlFragments += "</div>"
    }
}

# Footer
$htmlFragments += "<center><p class='footer'>Report Generated $($reportDate)</p></center>"

# Header
$head = @"
<Title>SailPoint IdentityNow Security Settings Report - $($orgName.ToUpper())</Title>
<style>
body {background-color:#ffffff; font:70%/1.5em Lato,sans-serif; padding:10px }
td,th {padding-left:8px}
th {color:black; background-color:cornflowerblue;}
table {border-spacing:1px; border-collapse:collapse; background:#F7F6F6; border-radius:6px; overflow:hidden; max-width:480px; width:70%; margin:0 auto; position:relative;}
table, tr, td, th {padding: 10px; margin: 0px ;white-space:pre; word-break:break-all; width:70%;}
tr:nth-child(even) {background-color:#dae5f4;}
tr:nth-child(odd) {background:#b8d1f3;}
thead tr {height:60px;background:#367AB1;color:#F5F6FA;font-size:1.2em;font-weight:700;text-transform:uppercase}
tbody tr {height:35px;border-bottom:1px solid #367AB1; word-break:break-all; text-transform:capitalize; font-size:1em;}
h1 {font-family:Tahoma;color:#A9A9A9;}
h2 {font-family:Tahoma;color:#6D7B8D;}
h3 {font-family:Tahoma;color:#6D7B8D;}
.alert {color: red;}
.footer {color:green; margin-left:10px; font-family:Tahoma; font-size:8pt; font-style:italic;}
.transparent {background-color:#ffffff;}
</style>
<script type='text/javascript' src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js'>
</script>
<script type='text/javascript'>
function toggleDiv(divId) {
   `$("#"+divId).toggle();
}
function toggleAll() {
    var divs = document.getElementsByTagName('div');
    for (var i = 0; i < divs.length; i++) {
        var div = divs[i];
        `$("#"+div.id).toggle();
    }
}
</script>
"@

# Output the Report
$convertParams = @{
    head = $head
    body = $htmlFragments
}

convertto-html @convertParams | out-file -FilePath "$($dir)\$($orgName)-SecurityConfigReport-$($reportDate).html"
	import-module SailPointIdentityNow

	Get-IdentityNowOrg
	Set-IdentityNowOrg -orgName 'yourOrgName'

	# Document IdentityNow Security Configuration
	$orgName = (Get-IdentityNowOrg).'Organisation Name'

	# Output Path and Image
	$reportImagePath = "C:\Reports\SailPoint IdentityNow 240px.png"
	$ReportOutputPath = "C:\Reports\IdentityNowConfigReports"

	$utime = [int][double]::Parse((Get-Date -UFormat %s))

	# IWA
	$IWAConfig = Invoke-IdentityNowRequest -uri "https://$($orgName).api.identitynow.com/cc/api/org/getSSOSettings?_dc=$($utime)&config=kerberos" -method Get -headers Headersv3

	# Service Provider
	$ssoSP = Invoke-IdentityNowRequest -uri "https://$($orgName).api.identitynow.com/cc/api/org/getSSOSettings?_dc=$($utime)&config=saml2-hosted-sp" -method get -headers Headersv3
	$ssoIDP = Invoke-IdentityNowRequest -uri "https://$($orgName).api.identitynow.com/cc/api/org/getSSOSettings?_dc=$($utime)&config=saml2-remote-idp" -method get -headers Headersv3

	# oAuth API Clients
	$oAuthClients = Get-IdentityNowOAuthAPIClient

	# v2 Clients
	$apiClients = Get-IdentityNowAPIClient

	# Global Security Config Settings
	$globalSecurityConfig = Invoke-IdentityNowRequest -uri "https://$($orgName).api.identitynow.com/cc/api/org/get?_dc=$($utime)" -method get -headers Headersv3_JSON

	try {
	$ImageData = [Convert]::ToBase64String((Get-Content $reportImagePath -Encoding Byte))
	$ImageFile = Get-Item $reportImagePath
	$ImageType = $ImageFile.Extension.Substring(1) #strip off the leading .
	$ImageTag = "<Img src='data:image/$ImageType;base64,$($ImageData)' Alt='$($ImageFile.Name)' width='240' height='82' hspace=10>"
	}
	catch {
	Write-Error "Report Image Path/Filename not found"
	break
	}

	$reportDate = get-date -format "dd-MMM-yyyy HH-mm"
	# Create Folder for Output in Path provided above with Report Date
	$dir = "$($ReportOutputPath)\$($reportDate)"
	if (!(Test-Path -Path $dir )) {
	New-Item -ItemType directory -Path $dir
	}

	# Build up the HTML Report
	$htmlFragments = @()
	# Headings and Title
	$top = @"
	<center>
	<h1>SailPoint IdentityNow Security Settings Configuration Report</h1>
	<h2>Organisation - `'$($orgName.ToUpper())`'</h2>
	<b><center>$ImageTag</center></b>
	</center>
	"@
	$htmlFragments += $top

	$h2Text = "IdentityNow Security Settings Configuration"
	$div = $h2Text.Replace(" ", "_")
	$htmlFragments += "<center><a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><h2>$h2Text</h2></a><div id=""$div""><a href='javascript:toggleAll();' title=' Click to toggle all sections'>+ / -</a></center>"

	if ($globalSecurityConfig) {
	# Global Security Settings
	Write-host -ForegroundColor Blue " Global Security Configuration"
	# Output template to File
	$globalSecurityConfig \| Export-Clixml -Path "$($dir)\$($orgName)-Global-SecurityConfig-Details-$($reportDate).xml"

	$H3Text = "Global Security Settings Details"
	$div = $H3Text.Replace(" ", "_")
	$htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
	$htmlFragments += "<center>"

	$attrObjects = $globalSecurityConfig \| Get-Member \| Where-Object { $_.Definition.contains("Object[]") } \| Select-Object
	foreach ($attrObj in $attrObjects) {
	$attrName = $attrObj.name
	$globalSecurityConfig.$attrName = $globalSecurityConfig.$attrName \| convertto-json
	}

	$htmlFragments += $globalSecurityConfig \| ConvertTo-Html -As LIST
	$htmlFragments += "</center>"
	$htmlFragments += "</div>"
	}

	if ($IWAConfig) {
	# IWA Config
	Write-host -ForegroundColor Blue " IWA Configuration"
	# Output template to File
	$IWAConfig \| Export-Clixml -Path "$($dir)\$($orgName)-IWA-Details-$($reportDate).xml"

	$H3Text = "IWA Configuration Details"
	$div = $H3Text.Replace(" ", "_")
	$htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
	$htmlFragments += "<center>"

	$attrObjects = $IWAConfig \| Get-Member \| Where-Object { $_.Definition.contains("Object[]") } \| Select-Object
	foreach ($attrObj in $attrObjects) {
	$attrName = $attrObj.name
	#$eTemplate.$attrName = $eTemplate.$attrName -join ','
	$IWAConfig.$attrName = $IWAConfig.$attrName \| convertto-json
	}

	$htmlFragments += $IWAConfig \| ConvertTo-Html -As LIST
	$htmlFragments += "</center>"
	$htmlFragments += "</div>"
	}

	if ($ssoSP) {
	# SSO SP Config
	Write-host -ForegroundColor Blue " SSO SP Configuration"
	# Output template to File
	$ssoSP \| Export-Clixml -Path "$($dir)\$($orgName)-SSO-SP-Details-$($reportDate).xml"

	# Template Details
	$H3Text = "SSO SP Configuration Details"
	$div = $H3Text.Replace(" ", "_")
	$htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
	$htmlFragments += "<center>"

	$attrObjects = $ssoSP \| Get-Member \| Where-Object { $_.Definition.contains("Object[]") } \| Select-Object
	foreach ($attrObj in $attrObjects) {
	$attrName = $attrObj.name
	#$eTemplate.$attrName = $eTemplate.$attrName -join ','
	$ssoSP.$attrName = $ssoSP.$attrName \| convertto-json
	}

	$htmlFragments += $ssoSP \| ConvertTo-Html -As LIST
	$htmlFragments += "</center>"
	$htmlFragments += "</div>"
	}

	if ($ssoIDP) {
	# SSO IDP Config
	Write-host -ForegroundColor Blue " SSO IDP Configuration"
	# Output template to File
	$ssoIDP \| Export-Clixml -Path "$($dir)\$($orgName)-SSO-IDP-Details-$($reportDate).xml"

	# Template Details
	$H3Text = "SSO IDP Configuration Details"
	$div = $H3Text.Replace(" ", "_")
	$htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
	$htmlFragments += "<center>"

	$attrObjects = $ssoIDP \| Get-Member \| Where-Object { $_.Definition.contains("Object[]") } \| Select-Object
	foreach ($attrObj in $attrObjects) {
	$attrName = $attrObj.name
	#$eTemplate.$attrName = $eTemplate.$attrName -join ','
	$ssoIDP.$attrName = $ssoIDP.$attrName \| convertto-json
	}

	$htmlFragments += $ssoIDP \| ConvertTo-Html -As LIST
	$htmlFragments += "</center>"
	$htmlFragments += "</div>"
	}

	if ($oAuthClients) {
	# oAuth Clients
	Write-host -ForegroundColor Blue " oAuth Clients Configuration"
	# Output template to File
	$oAuthClients \| Export-Clixml -Path "$($dir)\$($orgName)-oAuth-Clients-Details-$($reportDate).xml"

	foreach ($oAuthClient in $oAuthClients) {
	$H3Text = "oAuth $($oAuthClient.name) Details"
	$div = $H3Text.Replace(" ", "_")
	$htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
	$htmlFragments += "<center>"

	$attrObjects = $oAuthClient \| Get-Member \| Where-Object { $_.Definition.contains("Object[]") } \| Select-Object
	foreach ($attrObj in $attrObjects) {
	$attrName = $attrObj.name
	#$eTemplate.$attrName = $eTemplate.$attrName -join ','
	$oAuthClient.$attrName = $oAuthClient.$attrName \| convertto-json
	}

	$htmlFragments += $oAuthClient \| ConvertTo-Html -As LIST
	$htmlFragments += "</center>"
	$htmlFragments += "</div>"
	}
	}

	if ($apiClients) {
	# API Clients
	Write-host -ForegroundColor Blue " API Clients Configuration"
	# Output template to File
	$apiClients \| Export-Clixml -Path "$($dir)\$($orgName)-API-Clients-Details-$($reportDate).xml"
	$i = 0
	foreach ($apiClient in $apiClients) {
	if ($apiClient.description) {
	$H3Text = "API $($apiClient.description) Details"
	} else {
	$i++
	$H3Text = "API $($i) Details"
	}
	$div = $H3Text.Replace(" ", "_")
	$htmlFragments += "<a href='javascript:toggleDiv(""$div"");' title='click to collapse or expand this section'><center><h4>$H3Text</h4></center></a><div id=""$div"" style=""display: none;"">"
	$htmlFragments += "<center>"

	$attrObjects = $apiClient \| Get-Member \| Where-Object { $_.Definition.contains("Object[]") } \| Select-Object
	foreach ($attrObj in $attrObjects) {
	$attrName = $attrObj.name
	#$eTemplate.$attrName = $eTemplate.$attrName -join ','
	$apiClient.$attrName = $apiClient.$attrName \| convertto-json
	}

	$htmlFragments += $apiClient \| ConvertTo-Html -As LIST
	$htmlFragments += "</center>"
	$htmlFragments += "</div>"
	}
	}

	# Footer
	$htmlFragments += "<center><p class='footer'>Report Generated $($reportDate)</p></center>"

	# Header
	$head = @"
	<Title>SailPoint IdentityNow Security Settings Report - $($orgName.ToUpper())</Title>
	<style>
	body {background-color:#ffffff; font:70%/1.5em Lato,sans-serif; padding:10px }
	td,th {padding-left:8px}
	th {color:black; background-color:cornflowerblue;}
	table {border-spacing:1px; border-collapse:collapse; background:#F7F6F6; border-radius:6px; overflow:hidden; max-width:480px; width:70%; margin:0 auto; position:relative;}
	table, tr, td, th {padding: 10px; margin: 0px ;white-space:pre; word-break:break-all; width:70%;}
	tr:nth-child(even) {background-color:#dae5f4;}
	tr:nth-child(odd) {background:#b8d1f3;}
	thead tr {height:60px;background:#367AB1;color:#F5F6FA;font-size:1.2em;font-weight:700;text-transform:uppercase}
	tbody tr {height:35px;border-bottom:1px solid #367AB1; word-break:break-all; text-transform:capitalize; font-size:1em;}
	h1 {font-family:Tahoma;color:#A9A9A9;}
	h2 {font-family:Tahoma;color:#6D7B8D;}
	h3 {font-family:Tahoma;color:#6D7B8D;}
	.alert {color: red;}
	.footer {color:green; margin-left:10px; font-family:Tahoma; font-size:8pt; font-style:italic;}
	.transparent {background-color:#ffffff;}
	</style>
	<script type='text/javascript' src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js'>
	</script>
	<script type='text/javascript'>
	function toggleDiv(divId) {
	`$("#"+divId).toggle();
	}
	function toggleAll() {
	var divs = document.getElementsByTagName('div');
	for (var i = 0; i < divs.length; i++) {
	var div = divs[i];
	`$("#"+div.id).toggle();
	}
	}
	</script>
	"@

	# Output the Report
	$convertParams = @{
	head = $head
	body = $htmlFragments
	}

	convertto-html @convertParams \| out-file -FilePath "$($dir)\$($orgName)-SecurityConfigReport-$($reportDate).html"