If you work with Okta frequently, then it will take no time before you run into a situation where you need to create quite a few groups and doing so manually is such a tedious, soul-wrenching task. This rather short post details how to automate this process to save some time every day.
Create An API Key
To automate this process, you need an API key so you can call Okta's API service. To create one, follow these steps:
- Login into Okta as an administrator.
- Navigate to the Admin section.
- Navigate to Security → API
- Click on Create Token and give your key a name.
- Once you click the Create Token button, you will be shown your token. Make sure to copy it as you will only get to see it once.
That's it. You now have an API key and ready to move on to the next step.
Prepare Your Groups
Let's prepare the information required for group creation. Any Okta group has two important pieces of information, a name, and a description. We need to list this information for each group.
groups = [
{"name":"group_name", "description":"group_description"},
{"name":"group_name", "description":"group_description"},
{"name":"group_name", "description":"group_description"},
{"name":"group_name", "description":"group_description"},
{"name":"group_name", "description":"group_description"},
{"name":"group_name", "description":"group_description"}
]
Automate Group Creation Using Python
Before you can run the script below, you need to install some dependencies, that can be achieved using the following command:
pip3 install Okta
So, what does the script do? It's simple:
- Initialize an Okta client.
- Loop through the array of groups.
- For each group, create a group profile and use that to create a group model.
- Create the group using the create_group function.
- Repeat until no more groups are left.
- Success.
import asyncio
from okta.client import Client as OktaClient
groups = []
# Create an Okta client
config = {
'orgUrl': 'ADD YOUR OKTA URL HERE',
'token': 'PASTE YOUR API TOKEN HERE'
}
# Initialize the Okta client
okta_client = OktaClient(config)
async def main():
# Loop through the groups and create them using the API
for group in groups:
# Create Group Model
group_profile = okta.models.GroupProfile({
'name': group['name'],
'description': group['description']
})
group_model = okta.models.Group({
'profile': group_profile
})
# Create Group
group, resp, err = await okta_client.create_group(group_model)
print("Group created successfully")
loop = asyncio.get_event_loop()
loop.run_until_complete(main())
That's it. You automated a simple task and saved yourself a small mental breakdown when creating hundreds of Okta groups. The script is rather primitive, and I will make some improvements later on (error handling, logging, ...), but for now, it does the job.
Links
- https://developer.okta.com/docs/reference/
- https://developer.okta.com/docs/reference/core-okta-api/
- https://developer.okta.com/
- https://github.com/okta/okta-sdk-python