Okta Classic Engine | Administration | Answered | 2024-02-26T17:22:22.000Z | 2023-04-11T00:52:56.000Z | 2023-04-13T14:01:30.000Z

RajK.51787 (American Automobile Association) asked a question.

Get the list of assigned roles of a user using OEL

Is there a way to get a list of Okta Admin Roles assigned to a user using Okta Expression Language? I am looking to create a group rule to list all users with certain Okta admin roles to a group so that I can enforce specific password or authentication and other policies.

For example: I have a custom role defined. I need to identify the users assigned to this role and enforce a specific password policy. Each user in this role may have different resource sets assigned to them. So, I cannot assign a custom role based on a group, but rather need to assign the role individually. Then, I want to use a rule to create a group so that I can assign security policies.

If there are any other ways to achieve this within the Okta admin portal, it would be great.


  • Hi @RajK.51787 (American Automobile Association), Thank you for reaching out to the Okta Community!

     

    This is currently not supported as the roles/admin permissions are viewed as separate entities unto themselves as opposed to profile attributes or group memberships that can be called on with functions. There currently is no function in the Okta Expression Language to look up the user's role.

     

    You can suggest a Feature Enhancement based on this requirement on the Okta Community page by going to the Community Ideas tab. Features suggested in our community are reviewed and can be voted and commented on by other members. High popularity will increase the likelihood of it being picked up by the Product Team and it being implemented.

    More details here: 

    https://support.okta.com/help/s/blog/a674z000001cj7YAAQ/okta-ideas-faq

     

    If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you. 

     

    Hope my answer helps! 

    Selected as Best
  • RajK.51787 (American Automobile Association)

    Thanks Mihai. I am having trouble accessing the ideas site to submit a feature request. I have submitted a separate support case for that.

    This would be a great feature to have, and I can think of quite a few use cases to trigger based on the roles of a user.

  • TusharV.35363 (Customer)

    Hi Raj,

     

    You could potentially create one custom role for each admin-role:resource set combination, thereby allowing you to use group assignment for these custom admin roles.

     

    Thanks

    Tushar Vatsa

  • RajK.51787 (American Automobile Association)

    Thanks Tushar. It is possible and I thought about it. But we have requirements to set up multiple resource sets and don't want it to become an operational challenge. Thanks for the suggestion. I will see what fits right based on our various use cases.

     

    I have submitted a feature request in the idea portal to provide the capability to retrieve users' roles using Expression Language or some other way. Hopefully Okta will consider that as good for the product overall.

This question is closed.
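
Because group rules cannot see admin roles, as the accepted answer states, a group that mirrors the holders of a role has to be maintained outside OEL. The sketch below is an added example, not code from the thread or from Okta: it assumes Okta's Roles API (`GET /api/v1/users/{id}/roles`), the Groups API membership endpoints and SSWS API-token auth, matches roles by `label`, and uses constructed user IDs, role label and sample data.

```python
import json
import urllib.request

# Constructed sample of per-user role lists, shaped like the Roles API response.
SAMPLE_ROLES = {
    "u1": [{"type": "CUSTOM", "label": "Helpdesk Custom", "status": "ACTIVE"}],
    "u2": [{"type": "CUSTOM", "label": "Helpdesk Custom", "status": "ACTIVE"}],
    "u3": [{"type": "SUPER_ADMIN", "label": "Super Administrator", "status": "ACTIVE"}],
    "u4": [{"type": "CUSTOM", "label": "Helpdesk Custom", "status": "INACTIVE"}],
}

def okta_call(org_url, token, method, path):
    """Minimal Okta REST call using SSWS API-token authentication."""
    req = urllib.request.Request(
        org_url + path, method=method,
        headers={"Authorization": f"SSWS {token}", "Accept": "application/json"})
    with urllib.request.urlopen(req) as resp:
        body = resp.read()
    return json.loads(body) if body else None

def holds_role(roles, label):
    """True if the role list contains an ACTIVE role with this label."""
    return any(r.get("label") == label and r.get("status") == "ACTIVE"
               for r in roles)

def plan_sync(candidate_ids, member_ids, get_roles, label):
    """Return (to_add, to_remove) so the group mirrors holders of the role.

    Current members are re-checked too, so a user who lost the role is
    removed even if absent from candidate_ids.
    """
    members = set(member_ids)
    holders = {u for u in set(candidate_ids) | members
               if holds_role(get_roles(u), label)}
    return sorted(holders - members), sorted(members - holders)

def apply_sync(org_url, token, group_id, to_add, to_remove):
    """Push the plan with the Groups API membership endpoints."""
    for uid in to_add:
        okta_call(org_url, token, "PUT", f"/api/v1/groups/{group_id}/users/{uid}")
    for uid in to_remove:
        okta_call(org_url, token, "DELETE", f"/api/v1/groups/{group_id}/users/{uid}")

def live_roles(org_url, token):
    """Role lookup backed by GET /api/v1/users/{id}/roles."""
    return lambda uid: okta_call(org_url, token, "GET", f"/api/v1/users/{uid}/roles")

if __name__ == "__main__":
    # Offline dry run against the constructed sample; no API calls are made.
    print(plan_sync(["u1", "u2", "u3"], ["u2", "u4"],
                    lambda uid: SAMPLE_ROLES.get(uid, []), "Helpdesk Custom"))
```

The group kept in sync this way can then be the target of the password or authentication policy. The API token needs rights to read role assignments and to manage that one group's membership, so scope it to that and nothing more.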