<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7VEoSANOkta Classic EngineIntegrationsAnswered2024-08-11T09:04:05.000Z2017-06-13T00:47:30.000Z2017-06-13T00:47:30.000Z

  • josh.skeen1.4283705083512795E12 (Okta, Inc.)

    Hi Al,

     

    Our Developer support team actually came up with a Python script that can achieve this goal. This action is not reversible, however, so I would strongly advise testing this script in a Preview/test Org before running it in any Production Org.

     

    There are instructions for running this script here: https://github.com/SohaibAjmal/Okta-UD-Scripts#how-to-run-script.

     

    The script itself is here: https://github.com/SohaibAjmal/Okta-UD-Scripts/blob/master/delete_users.py

     

    I hope this helps!
    Expand Post

  • j5v7c (j5v7c)

    I cobbled together a powershell script for this as well. 

     

    FYI, I cobbled together a powershells script that we run on a schedule to keep our deactivated users tidy.  I am by no means elegant at scripting, but it works.

     

    # this script uses the Okta module (https://github.com/mbegan/Okta-PSModule)  to get a list of deprovisioned accounts that havent had a status changed in X days and outputs it to a CSV.

    # It then users the Okta.Core.Automation module (https://github.com/okta/okta-sdk-dotnet/tree/legacy/Okta.Core.Automation) to delete said accounts from Okta

    # not elegant, but functional until there are better powershell tools out there

    # Last modified 7/6/17 - Nikki D

     

    #Set the Variables

    $TerminatedAccountWhen = ((Get-Date).AddDays(-45)). date

    $logfile = "C:\Scripts-IDM\Results\Oktadeactivateduserstargetedfordelete_$((Get-Date).ToString('MM-dd-yyyy_hh-mm-ss')).txt"

    $recoveryfile = "c:\scripts-idm\results\oktadeactivate.csv"

    $workfile = "c:\scripts-idm\results\workfile.csv"

    $path = "C:\Scripts-IDM\Results"

    $limit = (Get-Date).AddDays(-95). date

     

    # creating a transcript for auditing

    $ErrorActionPreference="SilentlyContinue"

    Stop-Transcript | out-null

    $ErrorActionPreference = "Continue"

    Start-Transcript -path $logfile

     

    #Generating the list with Okta module

    $env:PSModulePath

    import-module Okta

    oktaListDeprovisionedUsers -oOrg prev | where {$_.statusChanged -lt $terminatedaccountwhen} | export-csv -path $recoveryfile -notypeinformation

    oktaListDeprovisionedUsers -oOrg prev | where {$_.statusChanged -lt $terminatedaccountwhen} | Select id | export-csv -path $workfile -notypeinformation

     

    #executing delete with core.automation

    Import-Module Okta.Core.Automation

    Connect-Okta -Token "XXXXXXXXX" -FullDomain "https://yourorg.oktapreview.com"

    Import-csv $workfile | % {

    Delete-OktaUser $_.id

    }

     

    Stop-Transcript

     

    #Clean up old CSVs

    Get-ChildItem -Path $path -Recurse -Force | Where-Object { !$_.PSIsContainer -and $_.CreationTime  -lt $limit } | Remove-Item -Force
    Expand Post

  • nwpyu (nwpyu)

    I tried to use the Python script and it used to work a few moneths ago but now is just giving me 0 results for everything

    Deactivated Users: 0

    Deleted Users: 0

    Not Deleted Users: 0

     

This question is closed.
Loading
Bulk delete for the deactivated users via API?