okta

package
v0.1.4

Published: Mar 10, 2020 License: MIT Imports: 16 Imported by: 0

Documentation

Constants

const (
	AppSignOnModeBookmark            AppSignOnMode = "BOOKMARK"
	AppSignOnModeBasicAuth                         = "BASIC_AUTH"
	AppSignOnModeBrowserPlugin                     = "BROWSER_PLUGIN"
	AppSignOnModeSecurePasswordStore               = "SECURE_PASSWORD_STORE"
	AppSignOnModeSAML2                             = "SAML_2_0"
	AppSignOnModeWSFederation                      = "WS_FEDERATION"
	AppSignOnModeAutoLogin                         = "AUTO_LOGIN"
	AppSignOnModeOpenIDConnect                     = "OPENID_CONNECT"
	AppSignOnModeCustom                            = "Custom"
)

AppSignOnMode Constants

https://developer.okta.com/docs/api/resources/apps#signon-modes

const (
	SharedUsernameAndPassword AppAuthenticationScheme = "SHARED_USERNAME_AND_PASSWORD"
	ExternalPasswordSync                              = "EXTERNAL_PASSWORD_SYNC"
	EditUsernameAndPassword                           = "EDIT_USERNAME_AND_PASSWORD"
	EditPasswordOnly                                  = "EDIT_PASSWORD_ONLY"
	AdminSetsCredentials                              = "ADMIN_SETS_CREDENTIALS"
)

AppAuthenticationScheme Constants

https://developer.okta.com/docs/api/resources/apps#authentication-schemes

Variables

This section is empty.

Functions

This section is empty.

Types

type App

type App struct {
	ID            string           `json:"id,omitempty"`
	Name          AppName          `json:"name,omitempty"`
	Label         string           `json:"label,omitempty"`
	Created       Timestamp        `json:"created,omitempty"`
	LastUpdated   Timestamp        `json:"lastUpdated,omitempty"`
	Status        string           `json:"status,omitempty"`
	Features      []string         `json:"features,omitempty"`
	SignOnMode    AppSignOnMode    `json:"signOnMode"`
	Accessibility AppAccessibility `json:"accessibility"`
	Visibility    AppVisability    `json:"visibility"`
	Credentials   AppCredential    `json:"credentials"`
	Settings      interface{}      `json:"settings,omitempty"`
	Profile       interface{}      `json:"profile,omitempty"`
}

App represents an application in Okta

type AppAccessibility

type AppAccessibility struct {
	SelfService      bool   `json:"selfService"`
	ErrorRedirectURL string `json:"errorRedirectUrl"`
	LoginRedirectURL string `json:"loginRedirectUrl"`
}

AppAccessibility determines accessibility settings for the application.

https://developer.okta.com/docs/api/resources/apps#accessibility-object

type AppAddSAMLAppParams

type AppAddSAMLAppParams struct {
	DefaultRelayState     string
	SsoAcsURL             *url.URL
	Recipient             *url.URL
	Destination           *url.URL
	Audience              string
	IdpIssuer             string
	SubjectNameIDTemplate string
	SubjectNameIDFormat   string
	ResponseSigned        bool
	AssertionSigned       bool
	SignatureAlgorithm    string
	DigestAlgorithm       string
	HonorForceAuthn       bool
	AuthnContextClassRef  string
	AttributeStatements   []AppSAMLAttributeStatement
}

AppAddSAMLAppParams is a helper struct for calling AddSAMLApp().
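
A pre-flight check for the signing and endpoint fields of AppAddSAMLAppParams, as an added example that is not part of the okta package. samlParams is a local stand-in for the struct, auditSAMLParams and the sample values are hypothetical, and the strings RSA_SHA256 and SHA256 are assumed to be the values the Okta Apps API uses for SHA-256 signing.

```go
package main

import (
	"fmt"
	"net/url"
)

// samlParams is a local stand-in for the security-relevant fields of
// AppAddSAMLAppParams, so the example runs without the okta package.
type samlParams struct {
	SsoAcsURL, Recipient, Destination   *url.URL
	Audience                            string
	ResponseSigned, AssertionSigned     bool
	SignatureAlgorithm, DigestAlgorithm string
}

// auditSAMLParams (hypothetical helper) returns one finding per setting that
// weakens the SAML trust relationship; an empty result means none was found.
// "RSA_SHA256" and "SHA256" are assumed API values, not taken from this page.
func auditSAMLParams(p *samlParams) []string {
	var findings []string
	if !p.ResponseSigned {
		findings = append(findings, "ResponseSigned is false")
	}
	if !p.AssertionSigned {
		findings = append(findings, "AssertionSigned is false")
	}
	if p.SignatureAlgorithm != "RSA_SHA256" {
		findings = append(findings, "SignatureAlgorithm is not RSA_SHA256")
	}
	if p.DigestAlgorithm != "SHA256" {
		findings = append(findings, "DigestAlgorithm is not SHA256")
	}
	if p.Audience == "" {
		findings = append(findings, "Audience is empty")
	}
	// The assertion is delivered to these URLs, so each must be absolute https.
	for _, e := range []struct {
		name string
		u    *url.URL
	}{{"SsoAcsURL", p.SsoAcsURL}, {"Recipient", p.Recipient}, {"Destination", p.Destination}} {
		if e.u == nil || e.u.Scheme != "https" || e.u.Host == "" {
			findings = append(findings, e.name+" is not an absolute https URL")
		}
	}
	return findings
}

// sampleParams builds constructed input; sp.example.test is a placeholder host.
func sampleParams(scheme, sigAlg, digestAlg string, assertionSigned bool) *samlParams {
	acs := &url.URL{Scheme: scheme, Host: "sp.example.test", Path: "/saml/acs"}
	return &samlParams{
		SsoAcsURL: acs, Recipient: acs, Destination: acs,
		Audience:       "https://sp.example.test/metadata",
		ResponseSigned: true, AssertionSigned: assertionSigned,
		SignatureAlgorithm: sigAlg, DigestAlgorithm: digestAlg,
	}
}

func main() {
	fmt.Println(auditSAMLParams(sampleParams("http", "RSA_SHA1", "SHA1", false)))
	fmt.Println(auditSAMLParams(sampleParams("https", "RSA_SHA256", "SHA256", true)))
}
```

Running the same check on the fields of a real AppAddSAMLAppParams value before calling AddSAMLApp() catches an unsigned assertion or a plain-http ACS URL before the app is created.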

type AppAuthenticationScheme

type AppAuthenticationScheme string

AppAuthenticationScheme is the type for the AppAuthenticationScheme enum

https://developer.okta.com/docs/api/resources/apps#authentication-schemes

type AppCredential

type AppCredential struct {
	Scheme           AppAuthenticationScheme        `json:"scheme,omitempty"`
	UserNameTemplate AppCredentialsUserNameTemplate `json:"userNameTemplate,omitempty"`
	Signing          AppCredentialSigningCredential `json:"signing,omitempty"`
	UserName         string                         `json:"username,omitempty"`
	Password         AppPassword                    `json:"password,omitempty"`
	OAuthClient      AppCredentialOAuthCredential   `json:"oauthClient,omitempty"`
}

AppCredential specifies credentials and scheme for the application’s signOnMode

https://developer.okta.com/docs/api/resources/apps#application-credentials-object

type AppCredentialOAuthCredential

type AppCredentialOAuthCredential struct {
	ClientID                string `json:"client_id,omitempty"`
	ClientSecret            string `json:"client_secret,omitempty"`
	TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty"`
	AutoKeyRotation         bool   `json:"autoKeyRotation,omitempty"`
}

AppCredentialOAuthCredential determines how to authenticate the OAuth 2.0 client.

https://developer.okta.com/docs/api/resources/apps#oauth-credential-object

type AppCredentialSigningCredential

type AppCredentialSigningCredential struct {
	KID string `json:"kid,omitempty"`
}

AppCredentialSigningCredential determines the key used for signing assertions for the signOnMode.

https://developer.okta.com/docs/api/resources/apps#signing-credential-object

type AppCredentialsUserNameTemplate

type AppCredentialsUserNameTemplate struct {
	Template string `json:"template,omitempty"`
	// Type has possible values of: "NONE", "BUILT_IN", "CUSTOM"
	Type       string `json:"type,omitempty"`
	UserSuffix string `json:"userSuffix,omitempty"`
}

AppCredentialsUserNameTemplate represents the template used to generate the username when an app is assigned to a user.

https://developer.okta.com/docs/api/resources/apps#username-template-object

type AppName

type AppName string

AppName is a type for the AppName enum. Note that name in the Okta context is used to delineate the type of app. Shared apps, which can be used by multiple Okta customers, aren't implemented.

https://developer.okta.com/docs/api/resources/apps#app-names--settings

const (
	AppNameBookmark AppName = "bookmark"
	AppNameSAML2            = "Custom SAML 2.0"
)

AppName constants. Note that name in the Okta context is used to delineate the type of app. Shared apps, which can be used by multiple Okta customers, aren't implemented.

https://developer.okta.com/docs/api/resources/apps#app-names--settings

type AppPassword

type AppPassword struct {
	// Value is a write only property. An empty object represents a password exists.
	Value string `json:"value,omitempty"`
}

AppPassword represents a password for user:app combination.

It has one attribute, value which is write only.

https://developer.okta.com/docs/api/resources/apps#password-object

type AppSAMLAttributeStatement

type AppSAMLAttributeStatement struct {
	Type      string   `json:"type"`
	Name      string   `json:"name"`
	Namespace string   `json:"namespace"`
	Values    []string `json:"values"`
}

AppSAMLAttributeStatement represents Attribute Statements for SAML apps.

https://developer.okta.com/docs/api/resources/apps#attribute-statements-object

type AppSignOnMode

type AppSignOnMode string

AppSignOnMode is a type for the SignOnMode enum

https://developer.okta.com/docs/api/resources/apps#signon-modes

type AppUser

type AppUser struct {
	ID              string    `json:"id"`
	ExternalID      string    `json:"externalId"`
	Created         time.Time `json:"created"`
	LastUpdated     time.Time `json:"lastUpdated"`
	Scope           string    `json:"scope"`
	Status          string    `json:"status"`
	StatusChanged   time.Time `json:"statusChanged"`
	PasswordChanged time.Time `json:"passwordChanged"`
	SyncState       string    `json:"syncState"`
	LastSync        time.Time `json:"lastSync"`
	Credentials     struct {
		UserName string `json:"userName"`
		Password struct {
		} `json:"password"`
	} `json:"credentials"`
	Profile struct{} `json:"profile"`
	Links   struct {
		App struct {
			Link string `json:"href"`
		} `json:"app"`
		User struct {
			Link string `json:"href"`
		} `json:"user"`
	} `json:"_links"`
}

AppUser represents a user that is assigned to an App.

https://developer.okta.com/docs/api/resources/apps#application-user-model

type AppVisability

type AppVisability struct {
	AutoSubmitToolbar bool              `json:"autoSubmitToolbar"`
	Hide              AppVisabilityHide `json:"hide"`
}

AppVisability represents where an app is shown.

https://developer.okta.com/docs/api/resources/apps#visibility-object

func NewAppVisability

func NewAppVisability() AppVisability

NewAppVisability is a helper method to create a new AppVisability object with default settings.

type AppVisabilityHide

type AppVisabilityHide struct {
	IOS bool `json:"iOS"`
	Web bool `json:"web"`
}

AppVisabilityHide is a helper struct.

https://developer.okta.com/docs/api/resources/apps#hide-object

type AppsService

type AppsService service

AppsService is the service providing access to the App Resource in the Okta API

func (*AppsService) Add

func (s *AppsService) Add(ctx context.Context, appIn *App, activate bool) (*App, *Response, error)

Add creates a new application. Most people will want to call one of the helper methods instead.

https://developer.okta.com/docs/api/resources/apps#add-application

func (*AppsService) AddBookmarkApp

func (s *AppsService) AddBookmarkApp(ctx context.Context, label string, activate bool, url *url.URL) (*App, *Response, error)

AddBookmarkApp creates a new bookmark application; it wraps Add().

https://developer.okta.com/docs/api/resources/apps#add-bookmark-application

func (*AppsService) AddSAMLApp

func (s *AppsService) AddSAMLApp(
	ctx context.Context,
	label string,
	activate bool,
	params *AppAddSAMLAppParams,
) (*App, *Response, error)

AddSAMLApp creates a new SAML application, it wraps Add(). Caveats:

func (*AppsService) GetByID

func (s *AppsService) GetByID(ctx context.Context, id string) (*App, *Response, error)

GetByID fetches a single application by its ID

https://developer.okta.com/docs/api/resources/apps#get-application

func (*AppsService) ListAssignedUsers

func (s *AppsService) ListAssignedUsers(ctx context.Context, id string) ([]*AppUser, *Response, error)

ListAssignedUsers fetches the users assigned to the specified application id.

https://developer.okta.com/docs/api/resources/apps#list-users-assigned-to-application

type Client

type Client struct {
	UserAgent string
	BaseURL   *url.URL

	Apps   *AppsService
	Groups *GroupsService
	Users  *UsersService
	// contains filtered or unexported fields
}

Client represents an Okta API client.

func NewClient

func NewClient(apiToken string, paramBaseURL string, httpClient *http.Client) (*Client, error)

NewClient creates a new Okta API client.

func (*Client) Do

func (c *Client) Do(ctx context.Context, req *http.Request, v interface{}) (*Response, error)

Do executes an http.Request with context, and returns the result, optionally decoding the body into the provided interface.

func (*Client) NewRequest

func (c *Client) NewRequest(method, urlStr string, body interface{}) (*http.Request, error)

NewRequest creates a new *http.Request that can be used to query the Okta API.

type ErrorCause

type ErrorCause struct {
	Summary string `json:"errorSummary"`
}

ErrorCause represents one cause for an error.

func (*ErrorCause) Error

func (e *ErrorCause) Error() string

type ErrorResponse

type ErrorResponse struct {
	Response *http.Response
	Code     string       `json:"errorCode"`
	Summary  string       `json:"errorSummary"`
	Link     string       `json:"errorLink"`
	ID       string       `json:"errorId"`
	Causes   []ErrorCause `json:"errorCauses"`
}

ErrorResponse represents a response from the Okta API when an error occurs.

func (*ErrorResponse) Error

func (r *ErrorResponse) Error() string

type Group

type Group struct {
	ID                    string       `json:"id,omitempty"`
	Created               Timestamp    `json:"created,omitempty"`
	LastUpdated           Timestamp    `json:"lastUpdated,omitempty"`
	LastMembershipUpdated Timestamp    `json:"lastMembershipUpdated,omitempty"`
	ObjectClass           []string     `json:"objectClass,omitempty"`
	Type                  string       `json:"type,omitempty"`
	Profile               GroupProfile `json:"profile"`
}

Group represents an Okta Group.

https://developer.okta.com/docs/api/resources/groups#group-model

type GroupProfile

type GroupProfile struct {
	Name                       string `json:"name,omitempty"`
	Description                string `json:"description,omitempty"`
	SamAccountName             string `json:"samAccountName,omitempty"`
	DN                         string `json:"dn,omitempty"`
	WindowsDomainQualifiedName string `json:"windowsDomainQualifiedName,omitempty"`
	ExternalID                 string `json:"externalId,omitempty"`
}

GroupProfile represents an Okta Group Profile.

https://developer.okta.com/docs/api/resources/groups#profile-object

type GroupsService

type GroupsService service

GroupsService is the service providing access to the Groups Resource in the Okta API

func (*GroupsService) Add

func (s *GroupsService) Add(ctx context.Context, profile *GroupProfile) (*Group, *Response, error)

Add creates a new group.

https://developer.okta.com/docs/api/resources/groups#add-group

func (*GroupsService) GetByID

func (s *GroupsService) GetByID(ctx context.Context, id string) (*Group, *Response, error)

GetByID fetches a group by ID.

https://developer.okta.com/docs/api/resources/groups#get-group

func (*GroupsService) List added in v0.1.2

func (s *GroupsService) List(ctx context.Context) ([]*Group, *Response, error)

List fetches a list of all groups. nameSearch and filter are mutually exclusive. In either case pagination is disabled.

https://developer.okta.com/docs/api/resources/groups#list-groups

func (*GroupsService) ListFilter added in v0.1.2

func (s *GroupsService) ListFilter(ctx context.Context, filter string) ([]*Group, *Response, error)

ListFilter fetches a list of all groups who match a given filter. nameSearch and filter are mutually exclusive. In either case pagination is disabled.

https://developer.okta.com/docs/api/resources/groups#filters

func (*GroupsService) ListMembers added in v0.1.2

func (s *GroupsService) ListMembers(ctx context.Context, id string) ([]*User, *Response, error)

ListMembers fetches the users who are members of the given group.

https://developer.okta.com/docs/api/resources/groups#list-group-members

func (*GroupsService) ListSearchByName added in v0.1.2

func (s *GroupsService) ListSearchByName(ctx context.Context, partialName string) ([]*Group, *Response, error)

ListSearchByName fetches a list of all groups whose names start with a given string. nameSearch and filter are mutually exclusive. In either case pagination is disabled.

https://developer.okta.com/docs/api/resources/groups#search-groups

func (*GroupsService) Remove

func (s *GroupsService) Remove(ctx context.Context, id string) (*Response, error)

Remove deletes a group.

https://developer.okta.com/docs/api/resources/groups#remove-group

func (*GroupsService) Update

func (s *GroupsService) Update(ctx context.Context, id string, profile *GroupProfile) (*Group, *Response, error)

Update modifies a group.

Note that delta updates are not supported. You must pass a full GroupProfile object.

https://developer.okta.com/docs/api/resources/groups#update-group

func (*GroupsService) UpdateWithGroup

func (s *GroupsService) UpdateWithGroup(ctx context.Context, id string, group *Group) (*Group, *Response, error)

UpdateWithGroup modifies a group using a Group object, from which the GroupProfile is extracted; it is a wrapper for Update().

Note that delta updates are not supported. You must pass a full Group object.

func (*GroupsService) UpdateWithProfile

func (s *GroupsService) UpdateWithProfile(ctx context.Context, id string, profile *GroupProfile) (*Group, *Response, error)

UpdateWithProfile modifies a group using a GroupProfile object; it is a wrapper for Update().

Note that delta updates are not supported. You must pass a full GroupProfile object.

type Pagination

type Pagination struct {
	Prev string `json:"prev"`
	Next string `json:"next"`
	Self string `json:"self"`
}

Pagination represents the pagination primitives of the Okta API.

type Rate

type Rate struct {
	Limit     int
	Remaining int
	Reset     Timestamp
}

Rate represents the status of an individual rate limit.

type RateLimitError

type RateLimitError struct {
	Rate     Rate           // Rate specifies last known rate limit for the client
	Response *http.Response // HTTP response that caused this error
	Message  string         `json:"message"` // error message
}

RateLimitError represents an error when RateLimits are exceeded.

func (*RateLimitError) Error

func (r *RateLimitError) Error() string

type Response

type Response struct {
	*http.Response
	Pagination
	Rate
	OktaRequestID string
}

Response represents a response from the Okta API.

type Timestamp

type Timestamp struct {
	time.Time
}

Timestamp represents a time that can be unmarshalled from a JSON string formatted as either an RFC3339 or Unix timestamp. This is necessary for some fields since the GitHub API is inconsistent in how it represents times. All exported methods of time.Time can be called on Timestamp.

func (Timestamp) Equal

func (t Timestamp) Equal(u Timestamp) bool

Equal reports whether t and u are equal based on time.Equal

func (Timestamp) String

func (t Timestamp) String() string

func (*Timestamp) UnmarshalJSON

func (t *Timestamp) UnmarshalJSON(data []byte) (err error)

UnmarshalJSON implements the json.Unmarshaler interface. Time is expected in RFC3339 or Unix format.

type User

type User struct {
	ID              string    `json:"id"`
	Status          string    `json:"status"`
	Created         time.Time `json:"created"`
	Activated       time.Time `json:"activated"`
	StatusChanged   time.Time `json:"statusChanged"`
	LastLogin       time.Time `json:"lastLogin"`
	LastUpdated     time.Time `json:"lastUpdated"`
	PasswordChanged time.Time `json:"passwordChanged"`

	RawProfile *json.RawMessage `json:"profile"`

	Credentials UserCredentials `json:"credentials"`

	Links struct {
		ResetPassword struct {
			Link string `json:"href"`
		} `json:"resetPassword"`
		ResetFactors struct {
			Link string `json:"href"`
		} `json:"resetFactors"`
		ExpirePassword struct {
			Link string `json:"href"`
		} `json:"expirePassword"`
		ForgotPassword struct {
			Link string `json:"href"`
		} `json:"forgotPassword"`
		ChangeRecoveryQuestion struct {
			Link string `json:"href"`
		} `json:"changeRecoveryQuestion"`
		Deactivate struct {
			Link string `json:"href"`
		} `json:"deactivate"`
		ChangePassword struct {
			Link string `json:"href"`
		} `json:"changePassword"`
	} `json:"_links"`
}

User represents a user in Okta

https://developer.okta.com/docs/api/resources/users#user-model

type UserCredentials

type UserCredentials struct {
	Password struct {
		Value string `json:"value,omitempty"`
		Hash  struct {
			Algorithm  string `json:"algorithm"`
			WorkFactor int    `json:"workFactor"`
			Salt       string `json:"salt"`
			Value      string `json:"value"`
		} `json:"hash,omitempty"`
	} `json:"password"`
	RecoveryQuestion struct {
		Question string `json:"question"`
	} `json:"recovery_question"`
	Provider struct {
		Type string `json:"type"`
		Name string `json:"name"`
	} `json:"provider"`
}

UserCredentials represents the credentials object in Okta.

https://developer.okta.com/docs/api/resources/users#credentials-object

type UsersService

type UsersService service

UsersService is the service providing access to the Users Resource in the Okta API

func (*UsersService) GetByID

func (s *UsersService) GetByID(ctx context.Context, id string) (*User, *Response, error)

GetByID fetches a user by ID.

https://developer.okta.com/docs/api/resources/users#get-user-with-id

func (*UsersService) List added in v0.1.4

func (s *UsersService) List(ctx context.Context) ([]*User, *Response, error)

List fetches all users.

https://developer.okta.com/docs/reference/api/users/#list-all-users

func (*UsersService) ListFilter added in v0.1.4

func (s *UsersService) ListFilter(ctx context.Context, filter string) ([]*User, *Response, error)

ListFilter fetches a list of all users who match a given filter.

https://developer.okta.com/docs/reference/api/users/#list-users-with-a-filter

func (*UsersService) UpdateProfileDelta added in v0.1.4

func (s *UsersService) UpdateProfileDelta(ctx context.Context, id string, userRawProfile *json.RawMessage) (*User, *Response, error)

UpdateProfileDelta modifies a user profile using partial update semantics.

https://developer.okta.com/docs/api/resources/users#update-user
