get the user details from management account

0

Hi, I need to get basic user details from the management Identity Center. Here AWS is integrated with Okta SSO. Manually I am able to log in and can see the list of users and display names.

Here, I want code to get the user display name and email by passing the user ID. Please advise.

Asked 2 months ago, 49 views
1 answer
0

1. Using AWS SDK (Boto3)

AWS Identity Center (formerly AWS SSO) might not directly expose user details such as email and display name via its API, especially when integrated with an external IdP like Okta. However, you can fetch user details via the Okta API.

2. Using Okta API

Assuming you have access to the Okta API, you can use the Okta SDK or direct API calls to fetch user details by user ID. Below is an example using Python and the requests library:

Step 1: Install Required Libraries

pip install boto3 requests

Step 2: Okta API Token

Ensure you have an Okta API token with sufficient permissions to read user details. You can generate this from the Okta admin console.

Step 3: Python Script to Fetch User Details

Here’s a basic example of how to fetch user details from Okta:

import os
from urllib.parse import quote

import requests

# Okta API details. The domain is a placeholder. The token is read from the
# environment (OKTA_API_TOKEN is an assumed variable name) rather than being
# hard-coded in the script.
okta_domain = "https://your-okta-domain.okta.com"
api_token = os.environ.get("OKTA_API_TOKEN", "")

def get_user_details(user_id):
    # Endpoint to fetch user details; the ID is URL-encoded so that it
    # cannot change the request path
    url = f"{okta_domain}/api/v1/users/{quote(user_id, safe='')}"

    headers = {
        "Authorization": f"SSWS {api_token}",
        "Accept": "application/json",
        "Content-Type": "application/json"
    }

    # A timeout keeps the script from hanging on an unresponsive endpoint
    response = requests.get(url, headers=headers, timeout=10)

    if response.status_code == 200:
        user_data = response.json()
        display_name = user_data.get('profile', {}).get('displayName')
        email = user_data.get('profile', {}).get('email')

        return {
            "displayName": display_name,
            "email": email
        }
    else:
        print(f"Failed to fetch user details: {response.status_code} - {response.text}")
        return None

# Example usage
user_id = "user_id_here"
user_details = get_user_details(user_id)
if user_details:
    print(f"User Display Name: {user_details['displayName']}")
    print(f"User Email: {user_details['email']}")

3. Integration with AWS SDK (Optional)

If you want to integrate this with AWS SDK (Boto3), you might fetch user-related data from Identity Center or IAM and then cross-reference with Okta for user-specific details.

Considerations:

Permissions: Ensure that the Okta API token has the required permissions to access user data.

Security: Store the Okta API token securely, avoiding hard-coding it in your scripts.

Rate Limits: Be aware of Okta's API rate limits when designing your solution.

Expert
Answered 2 months ago
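For the Identity Center side of the lookup, the following is an added example (not part of the original answer) that uses the boto3 `identitystore` client's `describe_user` call and reduces the response to display name and primary email. It assumes credentials in the management or delegated administrator account that allow `identitystore:DescribeUser`; the function names, the `d-1234567890` store ID and the sample response are constructed for illustration.

```python
"""Added example: look up an IAM Identity Center user by Identity Store UserId."""


def summarize_user(user):
    """Reduce a DescribeUser response to the fields needed for display or audit."""
    emails = user.get("Emails") or []
    # Prefer the entry flagged Primary; otherwise fall back to the first entry.
    primary = next((e for e in emails if e.get("Primary")),
                   emails[0] if emails else {})
    # ExternalIds may carry the identifier assigned by an external IdP,
    # which helps when cross-referencing the same person in Okta.
    external = [x.get("Id") for x in user.get("ExternalIds") or []]
    return {
        "userId": user.get("UserId"),
        "userName": user.get("UserName"),
        "displayName": user.get("DisplayName"),
        "email": primary.get("Value"),
        "externalIds": external,
    }


def get_identity_center_user(user_id, identity_store_id, client=None):
    """Call DescribeUser; user_id is the Identity Store UserId, not the Okta ID."""
    if client is None:
        import boto3  # imported lazily so summarize_user can be used offline
        client = boto3.client("identitystore")
    resp = client.describe_user(IdentityStoreId=identity_store_id, UserId=user_id)
    return summarize_user(resp)


# Constructed sample shaped like a DescribeUser response (not real data).
SAMPLE_RESPONSE = {
    "IdentityStoreId": "d-1234567890",
    "UserId": "11111111-2222-3333-4444-555555555555",
    "UserName": "jane.doe@example.com",
    "DisplayName": "Jane Doe",
    "Emails": [
        {"Value": "jdoe@old.example.com", "Type": "work", "Primary": False},
        {"Value": "jane.doe@example.com", "Type": "work", "Primary": True},
    ],
    "ExternalIds": [{"Issuer": "constructed-issuer", "Id": "00u-constructed-okta-id"}],
}

if __name__ == "__main__":
    print(summarize_user(SAMPLE_RESPONSE))
```

The Identity Store ID is shown in the Identity Center settings page and is also returned by the `sso-admin` client's `list_instances` call.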
