Last active
March 3, 2023 15:31
-
-
Save phi1ipp/f201b42d564174e63e1023f190550657 to your computer and use it in GitHub Desktop.
How to collect Okta group membership information from a browser to figure manually assigned users vs. assigned by a rule (make sure you are not using new Group UX feature enabled)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function loop(i) { | |
setTimeout(() => { | |
fetch('https://' + domain + '/admin/users/search?sEcho=1&iColumns=9&sColumns=user.id%2Cuser.fullName%2Cuser.lastName%2Cuser.email%2Cuser.login%2Cstatus.statusLabel%2Cstatus.loginStatus%2Cstatus.statusCode%2CmanagedBy.rules&iDisplayStart=' + i +'&iDisplayLength=100&sSearch=&bRegex=false&sSearch_0=&bRegex_0=false&bSearchable_0=true&sSearch_1=&bRegex_1=false&bSearchable_1=true&sSearch_2=&bRegex_2=false&bSearchable_2=true&sSearch_3=&bRegex_3=false&bSearchable_3=true&sSearch_4=&bRegex_4=false&bSearchable_4=true&sSearch_5=&bRegex_5=false&bSearchable_5=true&sSearch_6=&bRegex_6=false&bSearchable_6=true&sSearch_7=&bRegex_7=false&bSearchable_7=true&sSearch_8=&bRegex_8=false&bSearchable_8=true&iSortingCols=1&iSortCol_0=1&sSortDir_0=asc&bSortable_0=true&bSortable_1=true&bSortable_2=true&bSortable_3=true&bSortable_4=true&bSortable_5=false&bSortable_6=true&bSortable_7=true&bSortable_8=false&orderBy=lastName&sortDirection=asc&groupId=' + grpId) | |
.then(resp => resp.text()) | |
.then(data => { | |
var json = JSON.parse(data.substring(11)); // 11 is a number of first symbols to remove from the result, | |
// as it's always "while(1){};" | |
console.log(json.aaData); // just for visual progress tracking | |
aaData = aaData.concat(json.aaData); | |
if (i < upper) | |
loop(i + 100) | |
}) | |
}, 10000) | |
} | |
var domain = 'your_domain.okta.com'; | |
var grpId = 'target_group_guid' // group Okta GUID | |
var timeout = 10000; //timeout between calls to preserve rate limit | |
var upper = 2000; // as calls are for 100 users per call, upper limit is rounded to the lowest | |
// for 2054 it's 2000, for example | |
var i = 0; | |
var aaData = []; | |
loop(i) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
After the script finished its work, the result will be in
aaData
and you can do whatever you need with it. Something likeaaData.filter(el => Object.keys(el[8]).length == 0).map(el => {console.log(el[0])})
will produce GUIDs of all manually assigned users