Thanks for taking a minute to look at this.
Scenario: Move users from a series of groups based on a filter to another series of groups based on a separate filter.
I created some code that grabs all the groups based on the filter and can get all of the users but am having a hard time translating that into the individual pieces. For each group I want just that groups members and then add them to a group with the same name but of a different type (one is OKTA_GROUP and the other is APP_GROUP).
Here is what I have so far.
function get-oktaInvokeGroupMembers () {
$groups = Invoke-Method GET "/api/v1/groups?filter=type+eq+%22APP_GROUP%22&q=p.tableau"
Write-Output $groups
foreach ($group in $groups) {
$members = Get-OktaGroupMember $group.id
Write-Output $members
}
}
This is helpful as step 3 was missing from my logic. My concern here is that it would just take all of the users from step 2 and put them in each of the groups from step 4.I can run it and see what happens.
Hmm, I forgot that you wanted to move users FROM group to group. In that case you would also want to incorporate a call to remove users from the Okta group in step 4 as well. So:
DELETE /api/v1/groups/{{groupId from step 1}}/users/{{userId}}
Actually, I want them to stay in both groups. It’s part of a migration where I need to test the future state before deleting the old groups. This is me learning and building a functional library of tasks to better automate our environment overall as well.
Were you able to successfully copy over those APP_GROUPS as an OKTA_GROUP?
I am also doing the similar things as we have tons of Namely group that I want to copy over as Okta group with the existing memberships.
There are some API constraints that prevent it from being done with scripting. I forget exactly but it has to do with how variables get passed to the API and the API not being able to use variables are various stages that are needed to make this work. I ended up using workflows to solve the problem. It’s a bit of a beast but it works, though it took me about a week to build this thing. You can copy these item by item and learn and test as you go but child flows take some getting used to. Good luck.