<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jcKSAROkta Classic EngineIntegrationsAnswered2024-04-30T09:18:25.000Z2018-01-30T21:17:17.000Z2018-10-03T23:57:49.000Z

j5v7c (j5v7c) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Using Powershell with the Okta API
We have a few dozen 3rd party web sites that we use for various things and for some of them we have an ID for each of our branches (and we open new branches frequently), others use an ID for each employee, others use an ID for everyone to share. I'd like to automate the creation of these apps for the new offices we open using PowerShell. Is that possible with the API? If so, are there examples anywhere?

 

Thanks!
  • 11 answers
  • 10.29K views

  • gabriel.sroka1.4374539321839353E12 (Okta, Inc.)

    Hi Keith

    I'm not sure what your exact use case is. Can you work thru the steps? eg:

    1. create a new app

    2. assign a user to the app

    etc

     

    Also, see Okta Developer Docs:

    https://developer.okta.com/docs/api/resources/apps

    https://developer.okta.com/docs/api/resources/users

     

    And Unofficial PowerShell Modules:

    https://github.com/gabrielsroka/OktaAPI.psm1

    https://github.com/mbegan/Okta-PSModule

     

    Thanks.

     

    Gabriel Sroka
    Expand Post

  • j5v7c (j5v7c)

    Yeah thanks Gabriel. Basically suppose I have an account set up with Office Depot for each of my offices (300 of them). Each has an ID like "MyOffice1", "MyOffice2", etc and their own password to login to OfficeDepot.com and order supplies. I open new offices at the rate of 1 a week and I'd like to automate the process of creating Okta "apps" for each office when they open. So "MyOffice301" will need a new app set up with their unique credentials and assigned to members of an AD group I've populated.

     

    I'd like to do that with 50 different apps for each restaurant. So it'll need to be scripted somehow. That make sense?

     

    Or, to boil it down, how do I create apps in Okta with PowerShell? The developer site doesn;t seem to have any resources for that...

     

    Thanks!
    Expand Post

  • gabriel.sroka1.4374539321839353E12 (Okta, Inc.)

    Hi Keith

    You can create apps in Okta with PowerShell.

     

    This page shows you how to do it from the API:

    https://developer.okta.com/docs/api/resources/apps#add-application

    https://developer.okta.com/docs/api/resources/apps#assign-user-to-application-for-sso

     

    So you should be able to translate that into PowerShell using one of the resources I mentioned in my reply above.

     

    Do you need a unique OfficeDepot app for each office (ie 300 apps)? Or 1 app with 300 users assigned to it? Answering this question will help you decide which APIs you need to call.
    Expand Post

  • j5v7c (j5v7c)

    We have a mix of sites we use: 
    • For those that use individual user-based logins, they can have a single app and maintain their own log in for it.
    • For those that have a login for their office (the most common scenario), we want them to be automatically authenticated without knowing the credentials so I assume that means 1 app per office, per web site, right?
    • For those with a common shared login, we can set up a single app and all users can be assigned to it.
     That sound like a plan? Thanks.
    Expand Post

  • j5v7c (j5v7c)

    Oh and I was hoping you might have an example of the PowerShell to use your APIs - it must be a common thing for admins to do right?

  • gabriel.sroka1.4374539321839353E12 (Okta, Inc.)

    Hi Keith 

    I added an example of creating a SWA app and assigning a user to it. I hope that helps get you started. Please see:

    https://github.com/gabrielsroka/OktaAPI.psm1

     

    I modified OktaAPI.psm1 to include New-OktaApp and Add-OktaAppUser and added a sample in CallOktaAPI.ps1:

      
    1.  function Add-SwaApp() {  $me = Get-OktaUser "me"  # see https://developer.okta.com/docs/api/resources/apps#add-custom-swa-application  $app = @{label = "AAA Test App";    settings = @{signOn = @{loginUrl = "https://aaatest.oktapreview.com"}};  signOnMode = "AUTO_LOGIN"; visibility = @{autoSubmitToolbar = $false}}  $app = New-OktaApp $app  # see https://developer.okta.com/docs/api/resources/apps#assign-user-to-application-for-sso  $appuser = @{id = $me.id; scope = "USER"}  Add-OktaAppUser $app.id $appuser }
    Expand Post

  • j5v7c (j5v7c)

    Thanks Gabriel! You are a life saver!

  • j5v7c (j5v7c)

    Oh have you published this to the PowerShell Gallery? So I can install it from the console? Looks like 1.07 was published January 22.
10 of 11
This question is closed.
Loading
Using Powershell with the Okta API