List the AWS Roles and SAML User Roles Assigned to Okta Groups
Single Sign-On
Okta Integration Network
Okta Classic Engine
Okta Identity Engine
Overview

An Amazon Web Services Account Federation application integration is configured in Okta, and some groups (Group1 and Group2) are assigned to this app. Each group has an AWS Role and SAML User Roles assigned to it.

[Screenshot: AWS app]

Group1 has AWS Role and SAML User Roles assigned as shown below:

[Screenshot: Edit group assignment]

Group2 has AWS Role and SAML User Roles assigned as shown below:

[Screenshot: Edit group assignment]

Applies To
  • Amazon Web Services Account Federation App
  • Groups API
  • Okta Classic Engine
  • Okta Identity Engine (OIE)
Solution

To pull a list of the AWS Roles and SAML User Roles assigned to Group1 and Group2, follow the steps below:

  1. Download and install Postman.

  2. Next, download the desired collections.

  3. Use the Groups (Okta API) / Group Operations / List Groups API command.

{{url}}/api/v1/apps/{{appId}}/groups

  4. Replace {{appId}} with the application ID. In Postman, go to the Apps collection and use the List Apps API command to retrieve the appId of the Amazon Web Services Account Federation app whose group AWS Role and SAML User Roles assignments should be listed.

    Another way to get the appId: In the Okta Admin Console, navigate to Applications > Applications > Amazon Web Services Account Federation app. From the browser URL, copy the appId as shown below.

    [Screenshot: AWS app]

 

  5. The API call {{url}}/api/v1/apps/{{appId}}/groups lists all the groups assigned to the Amazon Web Services Account Federation app and includes the AWS Role and SAML User Roles for each assigned group.

    [Screenshot: Postman]
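
The same call made outside Postman, as an added example that is not part of the original article or Okta's own code: it pages through {{url}}/api/v1/apps/{{appId}}/groups and builds a role-to-groups index, which is the view an access review usually needs. The profile keys `role` and `samlRoles`, the sample group IDs and all function names are assumptions made for illustration.

```python
import json
import re
import urllib.request

# Constructed sample of the response body; the profile keys "role" and
# "samlRoles" are assumed names for the AWS Role and SAML User Roles fields.
SAMPLE_ASSIGNMENTS = [
    {"id": "00gGROUP1EXAMPLE",
     "profile": {"role": "ReadOnly", "samlRoles": ["ReadOnly", "Billing"]}},
    {"id": "00gGROUP2EXAMPLE", "profile": {"role": None, "samlRoles": ["Admin"]}},
    {"id": "00gGROUP3EXAMPLE", "profile": {}},  # assigned, but no roles set
]

def roles_by_group(assignments):
    """Map each assigned group ID to its AWS Role and SAML User Roles."""
    out = {}
    for a in assignments:
        profile = a.get("profile") or {}
        out[a["id"]] = {"role": profile.get("role"),
                        "samlRoles": sorted(profile.get("samlRoles") or [])}
    return out

def groups_by_role(assignments):
    """Invert the mapping: role name -> group IDs that grant it."""
    index = {}
    for gid, r in roles_by_group(assignments).items():
        names = set(r["samlRoles"])
        if r["role"]:
            names.add(r["role"])
        for name in names:
            index.setdefault(name, []).append(gid)
    return {name: sorted(gids) for name, gids in sorted(index.items())}

def fetch_assignments(base_url, app_id, api_token):
    """GET /api/v1/apps/{appId}/groups, following Link rel="next" pages."""
    url, results = f"{base_url}/api/v1/apps/{app_id}/groups", []
    while url:
        req = urllib.request.Request(url, headers={
            "Authorization": f"SSWS {api_token}", "Accept": "application/json"})
        with urllib.request.urlopen(req) as resp:
            results.extend(json.load(resp))
            links = ", ".join(resp.headers.get_all("Link") or [])
        nxt = re.search(r'<([^>]+)>;\s*rel="next"', links)
        url = nxt.group(1) if nxt else None
    return results

if __name__ == "__main__":
    print(json.dumps(groups_by_role(SAMPLE_ASSIGNMENTS), indent=2))
```

Run as is, the script only processes the constructed sample; `fetch_assignments` needs the org URL, the appId and an API token, which should come from a secret store rather than the script itself.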

 
