So if ‘there are groups set up that turn certain features on or off’ then it sound like you know the groups in question…
So why can’t you dump a user’s group membership: Get User’s Groups and just check if the returned object contains the group(s) in question?
So I posted my generic powershell script here: Powershell function for Okta API
Using that script I would do this:
$userGroups = getHTML -uri “https://yourOktaDomain/api/v1/users/USER_ID_HERE/groups”
$groupsToFind = @{“group1”,“group2”,“group3”}
foreach ($group in $userGroups ) {
# do your check for matching group here:
foreach ($groupToFind in $groupsToFind ) {
if($group.profile.name -like “$($groupToFind )”) {
# we found a match…do something
}
}
}
That’s how I would do it?