I would like to export a list of users contained in one of our AD synced Okta group. There are some missing members in the Okta group compared with our AD source group and I would like to compare to see which members are missing and figure out why.
So, I've also had this need and found a workaround, it's a bit of a hack but it works. (no API needed)
- If you don't already have the 'App Access Audit' report available, call Okta and have it turned on for your Org. I'm not sure if it's EA or GA - Create a new hidden SAML app via the wizard (use http://okta.com or something trivial for the 'Single Sign On URL') -make sure it's hidden! - Go to the App -> Sign On -> Edit -> Username -> Change the username to 'email' - Assign the app to the 'Everyone' group or to the group you want to download (I assign it to myself and double-check that it's hidden AND the email is the username) .. this may take a few minutes to complete assignment, so I'd give it 2-5mins before running next step - Go to Reports -> Application Access Audit -> Current Assignments -> Find the app -> Run Report. - Download CSV - The email shows up as 'Application Login' All done, have a cookie