How to get role constrained resource from api

I see we can get the std and custom roles from the api. We can also get the bulk undocumented all admin roles api. /api/internal/administrators

But in each of those, if I am a group admin I might be admin of only certain groups. The api call just shows group admin and does not seem to show WHICH groups I’m admin of. Same with app admin

In the admin roles report sent by email it shows a column for contained resources.

Is there a way to get that via API? Even if there is a report api the fetches the same csv report by email, that would work. Any way to get that beyond email?

Thank you!

I guess you can try and check with this API Administrator Roles | Okta Developer Though it’s not a super convenient way, I understand.

Thanks. That kind of works. If the role was added by the group, then it still seems to not show the targets. If I assign to the user directly, it shows the targets. That’s great. But if you have the role because of a group, then it won’t show the targets. Very strange.

True, b/c admin roles are assigned to the group and not to the user directly. You’d need to iterate through all user groups to validate if any has admin role assignment