Last active
April 10, 2021 07:12
-
-
Save obsti8383/8433967a0faeeca41dc214a3baad8ed0 to your computer and use it in GitHub Desktop.
Okta Mini Helper Script to iterate all users and find out which have the same attribute content (here employeeNumber) and list them. Can be used to find out if there are double entries for attributes that should be unique (but not configured as such in Okta)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Okta: Check Uniqeness of employeeNumber | |
| #Requires -Version 7.0 | |
| $ErrorActionPreference = "Stop" | |
| ########## helper functions ###### | |
| function iterateUsers($users){ | |
| $employeeNumberMap = @{} | |
| foreach($user in $users){ | |
| $userId = $user.id # example: 00u4rruv8mIU5CvRz4234 | |
| if(!$userId){ | |
| # something is wrong. exit. | |
| Write-Host "No field 'id' found - exiting." | |
| exit | |
| } | |
| $userLogin = $user.profile.login | |
| $employeeNumber = $user.profile.employeeNumber | |
| if(!$employeeNumber){ | |
| $employeeNumber = "empty" | |
| } | |
| if(!$employeeNumberMap.$employeeNumber){ | |
| # not found yet | |
| $employeeNumberMap.$employeeNumber = @($userLogin) | |
| } else { | |
| $employeeNumberMap.$employeeNumber += @($userLogin) | |
| } | |
| } | |
| foreach($emp in $employeeNumberMap.Keys){ | |
| if(($employeeNumberMap[$emp]).Count -gt 1){ | |
| $emp + " ("+ ($employeeNumberMap[$emp]).Count+"): "+$employeeNumberMap[$emp] | |
| } | |
| } | |
| } | |
| # get parameters | |
| $oktaTenant = read-host -Prompt "Please enter okta tenant URI" | |
| $apitoken = read-host "Please enter API Authorization Token" | |
| #$apitoken = read-host -AsSecureString "Please enter API Authorization Token" | |
| #$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($apitoken) | |
| #$apitoken = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR) | |
| # prepare http headers | |
| $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" | |
| $headers.Add("Authorization", "SSWS $apitoken") | |
| $headers.Add("Content-Type", "application/json") | |
| $url="https://$oktaTenant/api/v1/users" | |
| $users = (Invoke-RestMethod $url -FollowRelLink -Headers $headers | ForEach-Object { $_ }) | |
| "Nr. of results: "+$users.Count | |
| $urlDeprov = "https://$oktaTenant/api/v1/users?search="+'status eq "DEPROVISIONED"' | |
| $urlDeprov | |
| $usersDeprov = (Invoke-RestMethod $urlDeprov -FollowRelLink -Headers $headers | ForEach-Object { $_ }) | |
| "Nr. of deprovisioned users: "+$usersDeprov.Count | |
| $allusers = $users + $usersDeprov | |
| "Nr. of all users: "+$allusers.Count | |
| iterateUsers($allusers) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment