If a large number of Group Rules need to be deactivated or activated in Okta, the best approach is to use the Okta Groups API and a tool such as Postman Runner.

NOTE: Postman and Rockstar are third-party tools. Okta is not responsible for any changes to the application, and Okta Technical Support cannot troubleshoot direct issues with these applications.

• Postman
• Postman Runner
• Okta API
• Okta Groups API

Prerequisites: 

• Postman is configured for the Okta org environment as described in How to Integrate Postman with Okta.
• An Okta Org.
• Okta API collections imported into Postman.
• A CSV file with the Group Rule IDs of the Group Rules that should be modified.

NOTE: Okta Technical Support strongly recommends testing Postman Runner with a small batch of Group Rule IDs before running the call for all Group Rule IDs.
 

Set up the environment: 

1. Set up the Postman app as described in the How to Integrate Postman with Okta article.

2. Prepare the data for the CSV by obtaining a list of Group Rule IDs. A list of Group Rule IDs can be obtained either by using the Rockstar Plugin or by leveraging the List Group Rules API call and converting the result into a CSV file.

3. Prepare the CSV with the ID header containing only the Group Rule ID.

4. Change the Activate Rule call to include the appropriate OAuth Authorization, and click Save. If additional instructions are needed on configuring the OAuth for Postman, please follow How to Integrate Postman with Okta.

5. Check the variable names of the API calls being made to match the headers of the table in the created CSV file.

Set up the runner:

1. On the bottom right of the Postman app page, click on Runner.

2. Drag the required collection that contains the call that will be used to the middle of the workspace.

3. Select the calls that need to be run and the CSV created earlier, ensuring the Deactivate Rule call is above the Activate Rule call. Also, provide a value for the Iterations field. This field represents how often Postman Runner will execute the specified API calls.
   
   NOTE: Test by calling Postman Runner against a small number of Group Rule IDs before increasing the iteration count to represent all of the Group Rule IDs in the CSV file.

4. Click on Run Collection_Name.

5. Postman Runner will start processing the CSV and return the results of each call. An HTTP 200 return means that the API call was successful.

Common Issues

• If a 400 Bad Request error is returned as a response on each iteration, check if the endpoint supports the method (GET, PUT, PATCH, POST) that is used on the call. This can be done by verifying the actual API call that is done on Postman Runner and changing the status by referencing API reference for public endpoints.

• If a 404 Not Found error is returned as a response on each iteration, check the CSV file. Ensure that the Headers of the CSV match the variables defined on the API call as per the CSV formatting guide found on the Using CSV and JSON Data Files in the Postman Collection Runner article.

Related References

• Postman
• Test the Okta REST APIs using Postman
• Using CSV and JSON Data Files in the Postman Collection Runner
• Core Okta API
• Okta error codes and descriptions
• How to Remove a User from a Group Rule Exclusion List
• How to Integrate Postman with Okta
• Okta Groups API
• Why You Should Migrate to OAuth 2.0 From Static API Tokens
• Implement OAuth for Okta
• Import a Postman Collection
• OAuth 2.0 Scopes
• Implement the Authorization Code with PKCE flow
• Okta API Error Codes and Descriptions