get the user details from management account

0

Hi, I need to get basic user details from the management Identity Center. Here AWS is integrated with Okta SSO. Manually I am able to log in and can see the list of users and display names.

Here, I want code to get the display user name and email by passing the user ID. Please advise.

Asked 2 months ago, viewed 50 times
1 Answer
0

1. Using AWS SDK (Boto3)

AWS Identity Center (formerly AWS SSO) might not directly expose user details such as email and display name via its API, especially when integrated with an external IdP like Okta. However, you can fetch user details via the Okta API.

2. Using Okta API

Assuming you have access to the Okta API, you can use the Okta SDK or direct API calls to fetch user details by user ID. Below is an example using Python and the requests library:

Step 1: Install Required Libraries

pip install boto3 requests

Step 2: Okta API Token

Ensure you have an Okta API token with sufficient permissions to read user details. You can generate this from the Okta admin console.

Step 3: Python Script to Fetch User Details

Here’s a basic example of how to fetch user details from Okta:

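import os
from urllib.parse import quote

import requests

# Okta API details
okta_domain = "https://your-okta-domain.okta.com"
# Read the token from the environment instead of hard-coding it
# (OKTA_API_TOKEN is an assumed variable name).
api_token = os.environ["OKTA_API_TOKEN"]

def get_user_details(user_id):
    # Endpoint to fetch user details; the ID is URL-encoded so it stays a single path segment
    url = f"{okta_domain}/api/v1/users/{quote(user_id, safe='')}"

    headers = {
        "Authorization": f"SSWS {api_token}",
        "Content-Type": "application/json"
    }

    # A timeout keeps the call from hanging indefinitely
    response = requests.get(url, headers=headers, timeout=10)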
    
    if response.status_code == 200:
        user_data = response.json()
        display_name = user_data.get('profile', {}).get('displayName')
        email = user_data.get('profile', {}).get('email')
        
        return {
            "displayName": display_name,
            "email": email
        }
    else:
        print(f"Failed to fetch user details: {response.status_code} - {response.text}")
        return None

# Example usage
user_id = "user_id_here"
user_details = get_user_details(user_id)
if user_details:
    print(f"User Display Name: {user_details['displayName']}")
    print(f"User Email: {user_details['email']}")

3. Integration with AWS SDK (Optional)

If you want to integrate this with AWS SDK (Boto3), you might fetch user-related data from Identity Center or IAM and then cross-reference with Okta for user-specific details.

Considerations:

Permissions: Ensure that the Okta API token has the required permissions to access user data.

Security: Store the Okta API token securely, avoiding hard-coding it in your scripts.

Rate Limits: Be aware of Okta's API rate limits when designing your solution.

Expert
Answered 2 months ago
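For the Identity Center side of the cross-reference mentioned in section 3 of the answer, the following is an added example (not part of the original answer) that reads a user through the Identity Store API's `describe_user` call and extracts the display name, primary email and any external IDs. The stub client, the sample response values and the environment variable names are constructed assumptions; whether an external ID matches the Okta user ID depends on how provisioning is configured.

```python
import os


def get_identity_center_user(client, identity_store_id, user_id):
    """Return display name, primary email and IdP external IDs for one user."""
    try:
        resp = client.describe_user(IdentityStoreId=identity_store_id, UserId=user_id)
    except client.exceptions.ResourceNotFoundException:
        return None  # unknown user ID in this identity store
    emails = resp.get("Emails") or []
    # Prefer the address flagged Primary; fall back to the first one listed.
    chosen = next((e for e in emails if e.get("Primary")), emails[0] if emails else {})
    return {
        "userName": resp.get("UserName"),
        "displayName": resp.get("DisplayName"),
        "email": chosen.get("Value"),
        # Issuer -> Id pairs recorded for the user by the external IdP, if any.
        "externalIds": {x["Issuer"]: x["Id"] for x in resp.get("ExternalIds") or []},
    }


class StubIdentityStore:
    """Constructed stand-in for boto3.client("identitystore"), for offline runs."""

    class exceptions:
        class ResourceNotFoundException(Exception):
            pass

    def describe_user(self, IdentityStoreId, UserId):
        if UserId != "11111111-2222-3333-4444-555555555555":
            raise self.exceptions.ResourceNotFoundException(UserId)
        return {  # constructed sample response
            "IdentityStoreId": IdentityStoreId,
            "UserId": UserId,
            "UserName": "jdoe@example.com",
            "DisplayName": "Jane Doe",
            "Emails": [
                {"Value": "jane.alt@example.com", "Type": "other", "Primary": False},
                {"Value": "jdoe@example.com", "Type": "work", "Primary": True},
            ],
            "ExternalIds": [{"Issuer": "constructed-issuer", "Id": "00u-constructed"}],
        }


if __name__ == "__main__":
    import boto3  # credentials come from the normal AWS credential chain

    store_id = os.environ["IDENTITY_STORE_ID"]  # assumed variable name
    user = os.environ["IDC_USER_ID"]  # assumed variable name
    print(get_identity_center_user(boto3.client("identitystore"), store_id, user))
```

The calling role needs only the `identitystore:DescribeUser` permission for this lookup, which keeps the credential scoped to read access on user records.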
