“{{url}}/api/v1/users/{{userId}}/factors” in the OKTA Factors API gets me all the factors for an individual user.
“{{url}}/api/v1/users?limit=25” in the OKTA Users API gets me all the users in my OKTA domain.
Is there some way to combine these two API calls, such that I can get a JSON of all the users and all their enrolled factors at once?
Use a pagination loop, i.e. for powershell:
$uri = “https://{{url}}/api/v1/users”
DO
{
$webrequest = Invoke-WebRequest -TimeoutSec 300 -Headers @{“Authorization” = $apiKey} -Method Get -Uri $uri
$link = $webrequest.Headers.Link.Split("<").Split(">")
$uri = $link[3]
$json = $webrequest | ConvertFrom-Json
$allusers += $json
} while ($webrequest.Headers.Link.EndsWith(‘rel=“next”’))
https://developer.okta.com/docs/api/getting_started/design_principles/#pagination explains how pagination works.
I have sample PowerShell code (search for Get-MfaUsers in this file):
Should this module still work? I’m not a developer and have followed instructions but I think something is missing as I’m getting a 401 Unauthorised error running your script. I’m running the connect command manually as I don’t know where I should be putting the OktaAPISettings.ps1 file
Yes, did you check the readme?
Yes I did. Ive installed the 2 modules, connected to oktaapi (although an example of the exact syntax for the connect-okta command would be great) with the information provided a few different ways. Still get 401 error.
Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.
At C:\Program Files\WindowsPowerShell\Modules\OktaAPI\1.0.19\OktaAPI.psm1:283 char:5
Invoke-RestMethod $url -Method $method -Headers $headers -Body $j ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~