get the user details from management account

0

Hi, I need to get user basic details from management identity center. Here AWS integrated with OKTA SSO. Manually i am able to login and can see list of the users and display name.

Here, i want to a code to get the display user name , email from passing user id. Please advice.

asked 18 days ago35 views
1 Answer
0

1. Using AWS SDK (Boto3)

AWS Identity Center (formerly AWS SSO) might not directly expose user details such as email and display name via its API, especially when integrated with an external IdP like Okta. However, you can fetch user details via the Okta API.

2. Using Okta API

Assuming you have access to the Okta API, you can use the Okta SDK or direct API calls to fetch user details by user ID. Below is an example using Python and the requests library:

Step 1: Install Required Libraries

pip install boto3 requests

Step 2: Okta API Token

Ensure you have an Okta API token with sufficient permissions to read user details. You can generate this from the Okta admin console.

Step 3: Python Script to Fetch User Details

Here’s a basic example of how to fetch user details from Okta:

import requests

# Okta API details
okta_domain = "https://your-okta-domain.okta.com"
api_token = "your_okta_api_token"

def get_user_details(user_id):
    # Endpoint to fetch user details
    url = f"{okta_domain}/api/v1/users/{user_id}"
    
    headers = {
        "Authorization": f"SSWS {api_token}",
        "Content-Type": "application/json"
    }
    
    response = requests.get(url, headers=headers)
    
    if response.status_code == 200:
        user_data = response.json()
        display_name = user_data.get('profile', {}).get('displayName')
        email = user_data.get('profile', {}).get('email')
        
        return {
            "displayName": display_name,
            "email": email
        }
    else:
        print(f"Failed to fetch user details: {response.status_code} - {response.text}")
        return None

# Example usage
user_id = "user_id_here"
user_details = get_user_details(user_id)
if user_details:
    print(f"User Display Name: {user_details['displayName']}")
    print(f"User Email: {user_details['email']}")

3. Integration with AWS SDK (Optional)

If you want to integrate this with AWS SDK (Boto3), you might fetch user-related data from Identity Center or IAM and then cross-reference with Okta for user-specific details.

Considerations:

Permissions: Ensure that the Okta API token has the required permissions to access user data.

Security: Store the Okta API token securely, avoiding hard-coding it in your scripts.

Rate Limits: Be aware of Okta's API rate limits when designing your solution.

EXPERT
answered 18 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions