Create Okta Groups In Bulk

If you work with Okta frequently, then it will take no time before you run into a situation where you need to create quite a few groups and doing so manually is such a tedious, soul-wrenching task. This rather short post details how to automate this process to save some time every day.

Create An API Key

To automate this process, you need an API key so you can call Okta's API service. To create one, follow these steps:

Login into Okta as an administrator.
Navigate to the Admin section.
Navigate to Security → API

Click on Create Token and give your key a name.

Once you click the Create Token button, you will be shown your token. Make sure to copy it as you will only get to see it once.

That's it. You now have an API key and ready to move on to the next step.

Prepare Your Groups

Let's prepare the information required for group creation. Any Okta group has two important pieces of information, a name, and a description. We need to list this information for each group.

💡

You can store this information in a file then read it in your script, or just put it in the script body. I will do the latter, but please don't hesitate to experiment and change how you handle this in your own version.

groups = [
		{"name":"group_name", "description":"group_description"},
		{"name":"group_name", "description":"group_description"},
        {"name":"group_name", "description":"group_description"},
        {"name":"group_name", "description":"group_description"},
        {"name":"group_name", "description":"group_description"},
        {"name":"group_name", "description":"group_description"}
]

Automate Group Creation Using Python

Before you can run the script below, you need to install some dependencies, that can be achieved using the following command:

pip3 install Okta

So, what does the script do? It's simple:

Initialize an Okta client.
Loop through the array of groups.
For each group, create a group profile and use that to create a group model.
Create the group using the create_group function.
Repeat until no more groups are left.
Success.

import asyncio
from okta.client import Client as OktaClient


groups = []


# Create an Okta client
config = {
	'orgUrl': 'ADD YOUR OKTA URL HERE',
	'token': 'PASTE YOUR API TOKEN HERE'
}

# Initialize the Okta client
okta_client = OktaClient(config)

async def main():
	# Loop through the groups and create them using the API
	for group in groups:
		
		# Create Group Model
		group_profile = okta.models.GroupProfile({
			'name': group['name'],
			'description': group['description']
		})
		group_model = okta.models.Group({
			'profile': group_profile
		})
		
		# Create Group
		group, resp, err = await okta_client.create_group(group_model)
		print("Group created successfully")
	

loop = asyncio.get_event_loop()
loop.run_until_complete(main())

That's it. You automated a simple task and saved yourself a small mental breakdown when creating hundreds of Okta groups. The script is rather primitive, and I will make some improvements later on (error handling, logging, ...), but for now, it does the job.

Links

#Okta #IAM #Tools

Create Okta Groups In Bulk

Create An API Key

Prepare Your Groups

Automate Group Creation Using Python

Links

Avoid Unwanted Slack SSO Redirection Loop When Rolling Out Google & Third-Party IdP Integration

Stream Okta Logs To Your Log Collector

Add Okta Authentication to any Website using Nginx and OAuth Proxy