Okta Classic Engine | Integrations | Answered | 2024-04-16T13:33:40.000Z | 2017-10-22T01:39:14.000Z | 2019-12-30T06:36:25.000Z
How to update AWS Connected Accounts IDs via OKTA API?
We are automating the provisioning and configuration of the Amazon Web Services App using the OKTA API (we are using Scenario B, multiple accounts via a master account).

So far we can successfully assign the App to Groups including the profile/samlRoles for each group, this is working nicely.

We would like to programmatically add new accounts to this integration as they are set up in AWS, without needing to use the OKTA Admin GUI.

To achieve this, we would need to be able to update the Amazon Web Services App using the API to update the "Connected Accounts IDs" parameter on the Provisioning "tab" of the Amazon Web Services App configuration page, and also request a refresh of the Application (which should happen when we add connected IDs I guess).

Can't seem to reverse engineer the required PUT body for

    PUT /api/v1/apps/:aid

by getting the App, as the GET request does not include any of the Connected Accounts IDs I have manually set up so far in the GUI for testing.

Any suggestions?

Thanks!

Leigh

  • Hi Leigh,

    I checked on my end for you, and currently our AWS app connector does not have the capability to update accounts in the manner you described.

    What I would recommend would be to create a new feature request for this functionality. To submit this as a feature request, go to https://community.okta.com/ and then log in and click on the "Ideas" button in the top right-hand corner of the page, and then select "Post Idea" on the next page. This will open a feature request for other members of the community, including our own Product Managers, to see and vote on.

    Please let us know if you have any additional questions and we will be happy to assist.

    Josh Skeen

    Okta Customer Support
  • mlmk2 (mlmk2)

    Hi Josh, I've submitted the idea - can you verify I tagged it correctly please? Thanks! Leigh
  • f1dxk (f1dxk)

    Hi,

    I also have the same request. Could I know about the status of this request? Thanks!

    Hieu

  • mlmk2 (mlmk2)

    Hieu,

    We still do this manually – as far as I am aware, no API update has been made. Thankfully our adds/moves/changes at the account level aren’t that frequent so it isn’t a big problem.

    Regards,

    Leigh
  • qwfw6 (qwfw6)

    This is really unfortunate. I'm working on automating a chunk of AWS integration, and we really needed this to be capable of being updated via API.

  • q98y4 (q98y4)

    Any update on this? I'd make good use of such an API as well.

    Was somebody able to find a workaround?

  • qwfw6 (qwfw6)

    We developed a really awful workaround. A coworker and I have Golang code that uses a headless Chrome browser to log into Okta using a real user, and click on and off the buttons that make an AWS application rescan AWS for potential roles. We could technically modify it to onboard AWS accounts by adding the account IDs, but that is still rare enough to be done manually.

  • y3n8o (y3n8o)

    Any update on this request? It's been pending for a long time now.

This question is closed.