Documentation
¶
Index ¶
- Constants
- func CheckResponse(r *http.Response) error
- type ActivationResponse
- type ApiError
- type App
- type AppFilterOptions
- type AppUser
- type AppsService
- func (a *AppsService) GetAllApps(opt *AppFilterOptions) ([]App, *Response, error)
- func (a *AppsService) GetAppsForUser(userID string, opt *AppFilterOptions) ([]App, *Response, error)
- func (a *AppsService) GetByID(appID string) (*App, *Response, error)
- func (a *AppsService) GetUsers(appID string, opt *AppFilterOptions) (appUsers []AppUser, resp *Response, err error)
- func (a *AppsService) GetUsersWithPath(appID string, opt *AppFilterOptions, userPath string) (appUsers []AppUser, resp *Response, err error)
- type Client
- func NewClient(httpClient *http.Client, orgName string, apiToken string, isProduction bool) *Client
- func NewClientWithBaseURL(httpClient *http.Client, baseURL *url.URL, apiToken string) *Client
- func NewClientWithDomain(httpClient *http.Client, orgName string, domain string, apiToken string) (*Client, error)
- type ErrorResponse
- type Group
- type GroupFilterOptions
- type GroupUserFilterOptions
- type GroupsService
- func (g *GroupsService) Add(groupName string, groupDescription string) (*Group, *Response, error)
- func (g *GroupsService) Delete(groupID string) (*Response, error)
- func (g *GroupsService) GetByID(groupID string) (*Group, *Response, error)
- func (g *GroupsService) GetUsers(groupID string, opt *GroupUserFilterOptions) (users []User, resp *Response, err error)
- func (g *GroupsService) ListWithFilter(opt *GroupFilterOptions) ([]Group, *Response, error)
- type Log
- type LogActor
- type LogAuthContext
- type LogClient
- type LogGeo
- type LogIP
- type LogListFilterOptions
- type LogProps
- type LogSecContext
- type LogsService
- type NewUser
- type Rate
- type RateLimitError
- type ResetPasswordResponse
- type Response
- type User
- type UserListFilterOptions
- type UsersService
- func (s *UsersService) Activate(id string, sendEmail bool) (*ActivationResponse, *Response, error)
- func (s *UsersService) Create(userIn NewUser, createAsActive bool) (*User, *Response, error)
- func (s *UsersService) Deactivate(id string) (*Response, error)
- func (s *UsersService) GetByID(id string) (*User, *Response, error)
- func (s *UsersService) ListWithFilter(opt *UserListFilterOptions) ([]User, *Response, error)
- func (s *UsersService) NewUser() NewUser
- func (s *UsersService) PopulateEnrolledFactors(user *User) (*Response, error)
- func (s *UsersService) PopulateGroups(user *User) (*Response, error)
- func (s *UsersService) PopulateMFAFactors(user *User) (*Response, error)
- func (s *UsersService) ResetPassword(id string, sendEmail bool) (*ResetPasswordResponse, *Response, error)
- func (s *UsersService) SetPassword(id string, newPassword string) (*User, *Response, error)
- func (s *UsersService) Suspend(id string) (*Response, error)
- func (s *UsersService) Unlock(id string) (*Response, error)
- func (s *UsersService) Unsuspend(id string) (*Response, error)
Constants ¶
const ( // MFAStatusActive is a constant to represent OKTA User State returned by the API MFAStatusActive = "ACTIVE" // MFAStatusPending is a user MFA Status of NOT Active MFAStatusPending = "PENDING_ACTIVATION" )
const ( // GroupTypeOKTA - group type constant for an OKTA Mastered Group GroupTypeOKTA = "OKTA_GROUP" // GroupTypeBuiltIn - group type constant for a Built in OKTA groups GroupTypeBuiltIn = "BUILT_IN" // GroupTypeApp -- group type constant for app mastered group GroupTypeApp = "APP_GROUP" )
const ( // FilterEqualOperator Filter Operatorid for "equal" FilterEqualOperator = "eq" // FilterStartsWithOperator - filter operator for "starts with" FilterStartsWithOperator = "sw" // FilterGreaterThanOperator - filter operator for "greater than" FilterGreaterThanOperator = "gt" // FilterLessThanOperator - filter operator for "less than" FilterLessThanOperator = "lt" )
const ( // UserStatusActive is a constant to represent OKTA User State returned by the API UserStatusActive = "ACTIVE" // UserStatusStaged is a constant to represent OKTA User State returned by the API UserStatusStaged = "STAGED" // UserStatusProvisioned is a constant to represent OKTA User State returned by the API UserStatusProvisioned = "PROVISIONED" // UserStatusRecovery is a constant to represent OKTA User State returned by the API UserStatusRecovery = "RECOVERY" // UserStatusLockedOut is a constant to represent OKTA User State returned by the API UserStatusLockedOut = "LOCKED_OUT" // UserStatusPasswordExpired is a constant to represent OKTA User State returned by the API UserStatusPasswordExpired = "PASSWORD_EXPIRED" // UserStatusSuspended is a constant to represent OKTA User State returned by the API UserStatusSuspended = "SUSPENDED" // UserStatusDeprovisioned is a constant to represent OKTA User State returned by the API UserStatusDeprovisioned = "DEPROVISIONED" )
Variables ¶
This section is empty.
Functions ¶
func CheckResponse ¶
CheckResponse checks the API response for errors, and returns them if present. A response is considered an error if it has a status code outside the 200 range. API error responses are expected to have either no response body, or a JSON response body that maps to ErrorResponse. Any other response body will be silently ignored.
The error type will be *RateLimitError for rate limit exceeded errors, and *TwoFactorAuthError for two-factor authentication errors. TODO - check un-authorized
Types ¶
type ActivationResponse ¶
type ActivationResponse struct {
ActivationURL string `json:"activationUrl"`
}
ActivationResponse - Response coming back from a user activation
type ApiError ¶
type ApiError struct {
ErrorCode string `json:"errorCode"`
ErrorSummary string `json:"errorSummary"`
ErrorLink string `json:"errorLink"`
ErrorID string `json:"errorId"`
ErrorCauses []struct {
ErrorSummary string `json:"errorSummary"`
} `json:"errorCauses"`
}
ApiError is the Okta API error type
type App ¶
type App struct {
ID string `json:"id"`
Name string `json:"name"`
Label string `json:"label"`
Status string `json:"status"`
LastUpdated time.Time `json:"lastUpdated"`
Created time.Time `json:"created"`
Accessibility struct {
SelfService bool `json:"selfService"`
ErrorRedirectURL interface{} `json:"errorRedirectUrl"`
LoginRedirectURL interface{} `json:"loginRedirectUrl"`
} `json:"accessibility"`
Visibility struct {
AutoSubmitToolbar bool `json:"autoSubmitToolbar"`
Hide struct {
IOS bool `json:"iOS"`
Web bool `json:"web"`
} `json:"hide"`
AppLinks struct {
TestorgoneCustomsaml20App1Link bool `json:"testorgone_customsaml20app_1_link"`
} `json:"appLinks"`
} `json:"visibility"`
Features []interface{} `json:"features"`
SignOnMode string `json:"signOnMode"`
Credentials struct {
UserNameTemplate struct {
Template string `json:"template"`
Type string `json:"type"`
} `json:"userNameTemplate"`
Signing struct {
} `json:"signing"`
} `json:"credentials"`
Settings struct {
App struct {
} `json:"app"`
Notifications struct {
Vpn struct {
Network struct {
Connection string `json:"connection"`
} `json:"network"`
Message interface{} `json:"message"`
HelpURL interface{} `json:"helpUrl"`
} `json:"vpn"`
} `json:"notifications"`
SignOn struct {
DefaultRelayState string `json:"defaultRelayState"`
SsoAcsURL string `json:"ssoAcsUrl"`
IdpIssuer string `json:"idpIssuer"`
Audience string `json:"audience"`
Recipient string `json:"recipient"`
Destination string `json:"destination"`
SubjectNameIDTemplate string `json:"subjectNameIdTemplate"`
SubjectNameIDFormat string `json:"subjectNameIdFormat"`
ResponseSigned bool `json:"responseSigned"`
AssertionSigned bool `json:"assertionSigned"`
SignatureAlgorithm string `json:"signatureAlgorithm"`
DigestAlgorithm string `json:"digestAlgorithm"`
HonorForceAuthn bool `json:"honorForceAuthn"`
AuthnContextClassRef string `json:"authnContextClassRef"`
SpIssuer interface{} `json:"spIssuer"`
RequestCompressed bool `json:"requestCompressed"`
AttributeStatements []interface{} `json:"attributeStatements"`
} `json:"signOn"`
} `json:"settings"`
Links struct {
Logo []struct {
Name string `json:"name"`
Href string `json:"href"`
Type string `json:"type"`
} `json:"logo"`
AppLinks []struct {
Name string `json:"name"`
Href string `json:"href"`
Type string `json:"type"`
} `json:"appLinks"`
Help struct {
Href string `json:"href"`
Type string `json:"type"`
} `json:"help"`
Users struct {
Href string `json:"href"`
} `json:"users"`
Deactivate struct {
Href string `json:"href"`
} `json:"deactivate"`
Groups struct {
Href string `json:"href"`
} `json:"groups"`
Metadata struct {
Href string `json:"href"`
Type string `json:"type"`
} `json:"metadata"`
} `json:"_links"`
}
App is the Model for an OKTA Application
type AppFilterOptions ¶
type AppFilterOptions struct {
NextURL *url.URL `url:"-"`
GetAllPages bool `url:"-"`
NumberOfPages int `url:"-"`
Limit int `url:"limit,omitempty"`
}
AppFilterOptions is used to generate a "Filter" to search for different Apps The values here coorelate to API Search paramgters on the group API
type AppUser ¶
type AppUser struct {
ID string `json:"id"`
ExternalID string `json:"externalId"`
Created time.Time `json:"created"`
LastUpdated time.Time `json:"lastUpdated"`
Scope string `json:"scope"`
Status string `json:"status"`
StatusChanged *time.Time `json:"statusChanged"`
PasswordChanged *time.Time `json:"passwordChanged"`
SyncState string `json:"syncState"`
LastSync *time.Time `json:"lastSync"`
Credentials struct {
UserName string `json:"userName"`
Password struct {
} `json:"password"`
} `json:"credentials"`
Profile struct {
SecondEmail interface{} `json:"secondEmail"`
LastName string `json:"lastName"`
MobilePhone interface{} `json:"mobilePhone"`
Email string `json:"email"`
SalesforceGroups []string `json:"salesforceGroups"`
Role string `json:"role"`
FirstName string `json:"firstName"`
Profile string `json:"profile"`
} `json:"profile"`
Links struct {
App struct {
Href string `json:"href"`
} `json:"app"`
User struct {
Href string `json:"href"`
} `json:"user"`
} `json:"_links"`
}
AppUser is the model for a user of an OKTA App
type AppsService ¶
type AppsService service
AppsService is a service to retreives applications from OKTA.
func (*AppsService) GetAllApps ¶
func (a *AppsService) GetAllApps(opt *AppFilterOptions) ([]App, *Response, error)
GetAllApps returns all of the apps in the organization
func (*AppsService) GetAppsForUser ¶
func (a *AppsService) GetAppsForUser(userID string, opt *AppFilterOptions) ([]App, *Response, error)
GetAppsForUser returns the apps for one user
func (*AppsService) GetByID ¶
func (a *AppsService) GetByID(appID string) (*App, *Response, error)
GetByID gets a group from OKTA by the Gropu ID. An error is returned if the group is not found
func (*AppsService) GetUsers ¶
func (a *AppsService) GetUsers(appID string, opt *AppFilterOptions) (appUsers []AppUser, resp *Response, err error)
GetUsers returns all users for a given appID
func (*AppsService) GetUsersWithPath ¶
func (a *AppsService) GetUsersWithPath(appID string, opt *AppFilterOptions, userPath string) (appUsers []AppUser, resp *Response, err error)
GetUsersWithPath fetches users with the specified path
type Client ¶
type Client struct {
// Base URL for API requests.
// This will be built automatically based on inputs to NewClient
// If needed you can override this if needed (your URL is not *.okta.com or *.oktapreview.com)
BaseURL *url.URL
// User agent used when communicating with the GitHub API.
UserAgent string
PauseOnRateLimit bool
// RateRemainingFloor - If the API returns a "X-Rate-Limit-Remaining" header less than this the SDK will either pause
// Or throw RateLimitError depending on the client.PauseOnRateLimit value. It defaults to 30
// One client doing too much work can lock out all API Access for every other client
// We are trying to be a "good API User Citizen"
RateRemainingFloor int
Limit int
// Services used for talking to different parts of the API.
// Service for Working with Users
Users *UsersService
// Service for working with Logs
Logs *LogsService
// Service for Working with Groups
Groups *GroupsService
// Service for Working with Apps
Apps *AppsService
// contains filtered or unexported fields
}
A Client manages communication with the API.
func NewClient ¶
NewClient returns a new OKTA API client. If a nil httpClient is provided, http.DefaultClient will be used.
func NewClientWithBaseURL ¶
NewClientWithBaseURL creates a client based on the full base URL and api token
func NewClientWithDomain ¶
func NewClientWithDomain(httpClient *http.Client, orgName string, domain string, apiToken string) (*Client, error)
NewClientWithDomain creates a client based on the organziation name and base domain for requests (okta.com, okta-emea.com, oktapreview.com, etc).
func (*Client) Do ¶
Do sends an API request and returns the API response. The API response is JSON decoded and stored in the value pointed to by v, or returned as an error if an API error has occurred. If v implements the io.Writer interface, the raw response body will be written to v, without attempting to first decode it. If rate limit is exceeded and reset time is in the future, Do returns rate immediately without making a network API call.
func (*Client) NewRequest ¶
NewRequest creates an API request. A relative URL can be provided in urlStr, in which case it is resolved relative to the BaseURL of the Client. Relative URLs should always be specified without a preceding slash. If specified, the value pointed to by body is JSON encoded and included as the request body.
type ErrorResponse ¶
ErrorResponse is the Okta error response type
func (*ErrorResponse) Error ¶
func (r *ErrorResponse) Error() string
type Group ¶
type Group struct {
ID string `json:"id"`
Created time.Time `json:"created"`
LastUpdated time.Time `json:"lastUpdated"`
LastMembershipUpdated time.Time `json:"lastMembershipUpdated"`
ObjectClass []string `json:"objectClass"`
Type string `json:"type"`
Profile struct {
Name string `json:"name"`
Description string `json:"description"`
SamAccountName string `json:"samAccountName"`
Dn string `json:"dn"`
WindowsDomainQualifiedName string `json:"windowsDomainQualifiedName"`
ExternalID string `json:"externalId"`
} `json:"profile"`
Links struct {
Logo []struct {
Name string `json:"name"`
Href string `json:"href"`
Type string `json:"type"`
} `json:"logo"`
Users struct {
Href string `json:"href"`
} `json:"users"`
Apps struct {
Href string `json:"href"`
} `json:"apps"`
} `json:"_links"`
}
Group represents the Group Object from the OKTA API
type GroupFilterOptions ¶
type GroupFilterOptions struct {
// This will be built by internal - may not need to export
FilterString string `url:"filter,omitempty"`
NextURL *url.URL `url:"-"`
GetAllPages bool `url:"-"`
NumberOfPages int `url:"-"`
Limit int `url:"limit,omitempty"`
NameStartsWith string `url:"q,omitempty"`
GroupTypeEqual string `url:"-"`
LastUpdated dateFilter `url:"-"`
LastMembershipUpdated dateFilter `url:"-"`
}
GroupFilterOptions is used to generate a "Filter" to search for different groups The values here coorelate to API Search paramgters on the group API
type GroupUserFilterOptions ¶
type GroupUserFilterOptions struct {
Limit int `url:"limit,omitempty"`
NextURL *url.URL `url:"-"`
GetAllPages bool `url:"-"`
NumberOfPages int `url:"-"`
}
GroupUserFilterOptions is a struct that you populate which will limit or control group fetches and searches
The values here will coorelate to the search filtering allowed in the OKTA API. These values are turned into Query Parameters
type GroupsService ¶
type GroupsService service
GroupsService handles communication with the Groups data related methods of the OKTA API.
func (*GroupsService) Add ¶
Add - Adds an OKTA Mastered Group with name and description. GroupName is required.
func (*GroupsService) Delete ¶
func (g *GroupsService) Delete(groupID string) (*Response, error)
Delete - Delets an OKTA Mastered Group with ID
func (*GroupsService) GetByID ¶
func (g *GroupsService) GetByID(groupID string) (*Group, *Response, error)
GetByID gets a group from OKTA by the Gropu ID. An error is returned if the group is not found
func (*GroupsService) GetUsers ¶
func (g *GroupsService) GetUsers(groupID string, opt *GroupUserFilterOptions) (users []User, resp *Response, err error)
GetUsers returns the members in a group
Pass in an optional GroupFilterOptions struct to filter the results The Users in the group are returned
func (*GroupsService) ListWithFilter ¶
func (g *GroupsService) ListWithFilter(opt *GroupFilterOptions) ([]Group, *Response, error)
ListWithFilter - Method to list groups with different filter options.
Pass in a GroupFilterOptions to specify filters. Values in that struct will turn into Query parameters
type Log ¶
type Log struct {
UUID string `json:"uuid"`
Published time.Time `json:"published"`
EventType string `json:"eventType"`
Version string `json:"version"`
// one of DEBUG, INFO, WARN, ERROR
Severity string `json:"severity"`
LegacyEventType string `json:"legacyEventType"` // Optional
DisplayMessage string `json:"displayMessage"` // Optional
Actor LogActor `json:"actor"`
Client LogClient `json:"client"` // option
Outcome struct {
Results string `json:"result"` // one of: SUCCESS, FAILURE, SKIPPED, UNKNOWN, Required
Reason string `json:"reason"` // Optional
} `json:"outcome"` // Optional
// Targets The entity upon which an actor performs an action. Targets may be anything: an app user, a login token or anything else.
Targets []LogActor `json:"target"`
Transaction struct {
ID string `json:"id"` // Optional
Type string `json:"type"` // one of "WEB", "JOB", Optional
Details LogProps `json:"detail"`
} `json:"transaction"` // Optional
DebugContext struct {
// this always has a requestURI too
DebugData LogProps `json:"debugData"`
} `json:"debugContext"` // Optional
AuthContext LogAuthContext `json:"authenticationContext"`
SecContext LogSecContext `json:"securityContext"` // Optional
Req struct {
IPChain []LogIP `json:"ipChain"` // Optional
} `json:"request"` // Optional
}
Log describes a single logged action or “event” performed by a set of actors for a set of targets.
type LogActor ¶
type LogActor struct {
ID string `json:"id"`
Type string `json:"type"`
AlternateID string `json:"alternateId"` // Optional - this usually seems to be a user email
DisplayName string `json:"displayName"` // Optional
Details LogProps `json:"detailEntry"`
}
LogActor Describes the user, app, client, or other entity (actor) who performed an action on a target
type LogAuthContext ¶
type LogAuthContext struct {
AuthProvider string `json:"authenticationProvider"` // one of OKTA_AUTHENTICATION_PROVIDER, ACTIVE_DIRECTORY, LDAP, FEDERATION, SOCIAL, FACTOR_PROVIDER, Optional
CredProvider string `json:"credentialProvider"` // one of OKTA_CREDENTIAL_PROVIDER, RSA, SYMANTEC, GOOGLE, DUO, YUBIKEY, Optional
CredType string `json:"credentialType"` // one of OTP, SMS, PASSWORD, ASSERTION, IWA, EMAIL, OAUTH2, JWT, Optional
Issuer struct {
ID string `json:"id"` // Optional
Type string `json:"type"` // Optional
} `json:"issuer"` // Optional
SessID string `json:"externalSessionId"` // Optional
Inter string `json:"interface"` // Optional i.e. Outlook, Office365, wsTrust
}
LogAuthContext contains metadata about how the actor was authenticated
type LogClient ¶
type LogClient struct {
UserAgent struct {
Raw string `json:"rawUserAgent"`
OS string `json:"os"` // Optional
Browser string `json:"browser"`
} `json:"userAgent"` // optional
GeoContext LogGeo `json:"geographicalContext"` // Optional
Zone string `json:"zone"` // Optional
IPAdress string `json:"ipAddress"` // Optional
Device string `json:"device"` // Optional
ID string `json:"id"` // Optional
}
LogClient represents the client data from the log
type LogGeo ¶
type LogGeo struct {
GeoLoc struct {
Lat float64 `json:"lat"` // Optional
Lon float64 `json:"lon"` // Optional
} `json:"geolocation"` // Optional
City string `json:"city"` // Optional
State string `json:"state"` // Optional
Country string `json:"country"` // Optional
PostalCode string `json:"postalCode"` // Optional
}
LogGeo represents geo data for the log
type LogIP ¶
type LogIP struct {
IP string `json:"ip"` // Optional
GeoContext LogGeo `json:"geographicalContext"` // Optional
Version string `json:"version"` // one of V4, V6 Optional
Source string `json:"source"` // Optional
}
LogIP represents ip info of the log
type LogListFilterOptions ¶
type LogListFilterOptions struct {
NextURL *url.URL `url:"-"`
Limit int `url:"limit,omitempty"`
Since time.Time `url:"since,omitempty"`
Until time.Time `url:"until,omitempty"`
SortOrder string `url:"sortOrder,omitempty"`
Query string `url:"q,omitempty"`
EventType string `url:"-"`
FilterString string `url:"filter,omitempty"`
}
LogListFilterOptions is a struct that you can populate which will "filter" log searches. the exported field should allow you to do different filters based on what is allowed in the OKTA API.
type LogSecContext ¶
type LogSecContext struct {
AsNum int `json:"asNumber"` // Optional
AsOrg string `json:"asOrg"` // Optional
ISP string `json:"isp"` // Optional
Domain string `json:"domain"` // Optional
IsProxy bool `json:"isProxy"` // Optional
}
LogSecContext represents security info related to the ip of the log
type LogsService ¶
type LogsService service
LogsService handles communication with the log methods of the OKTA API
func (*LogsService) ListWithFilters ¶
func (s *LogsService) ListWithFilters(opt *LogListFilterOptions) ([]Log, *Response, error)
ListWithFilters will use the input list with filters to find logs return all log results that match that query. ListWithFilter doesn't support getting all logs at once bec it can be a ton of data
type NewUser ¶
type NewUser struct {
Profile userProfile `json:"profile"`
Credentials *credentials `json:"credentials,omitempty"`
}
NewUser object to create user objects in OKTA
func (*NewUser) SetPassword ¶
SetPassword Adds a specified password to the new User
func (*NewUser) SetRecoveryQuestion ¶
SetRecoveryQuestion - Sets a custom security question and answer on a user object
type Rate ¶
type Rate struct {
// The number of requests per minute the client is currently limited to.
RatePerMinuteLimit int
// The number of remaining requests the client can make this minute
Remaining int
// The time at which the current rate limit will reset.
ResetTime time.Time
}
Rate represents the rate limit for the current client.
type RateLimitError ¶
type RateLimitError struct {
Rate Rate // Rate specifies last known rate limit for the client
ErrorDetail ApiError
Response *http.Response //
}
RateLimitError occurs when OKTA returns 429 "Too Many Requests" response with a rate limit remaining value of 0, and error message starts with "API rate limit exceeded for ".
func (*RateLimitError) Error ¶
func (r *RateLimitError) Error() string
type ResetPasswordResponse ¶
type ResetPasswordResponse struct {
ResetPasswordURL string `json:"resetPasswordUrl"`
}
ResetPasswordResponse struct that returns data about the password reset
type Response ¶
type Response struct {
*http.Response
NextURL *url.URL
// PrevURL *url.URL
SelfURL *url.URL
OKTARequestID string
Rate
}
Response is a OKTA API response. This wraps the standard http.Response returned from OKTA and provides convenient access to things like pagination links.
type User ¶
type User struct {
Activated string `json:"activated,omitempty"`
Created string `json:"created,omitempty"`
Credentials credentials `json:"credentials,omitempty"`
ID string `json:"id,omitempty"`
LastLogin string `json:"lastLogin,omitempty"`
LastUpdated string `json:"lastUpdated,omitempty"`
PasswordChanged string `json:"passwordChanged,omitempty"`
Profile userProfile `json:"profile"`
Status string `json:"status,omitempty"`
StatusChanged string `json:"statusChanged,omitempty"`
Links userLinks `json:"_links,omitempty"`
MFAFactors []userMFAFactor `json:"-,"`
Groups []Group `json:"-"`
}
User is a struct that represents a user object from OKTA.
type UserListFilterOptions ¶
type UserListFilterOptions struct {
Limit int `url:"limit,omitempty"`
EmailEqualTo string `url:"-"`
LoginEqualTo string `url:"-"`
StatusEqualTo string `url:"-"`
IDEqualTo string `url:"-"`
FirstNameEqualTo string `url:"-"`
LastNameEqualTo string `url:"-"`
// This will be built by internal - may not need to export
FilterString string `url:"filter,omitempty"`
NextURL *url.URL `url:"-"`
GetAllPages bool `url:"-"`
NumberOfPages int `url:"-"`
LastUpdated dateFilter `url:"-"`
}
UserListFilterOptions is a struct that you can populate which will "filter" user searches the exported struct fields should allow you to do different filters based on what is allowed in the OKTA API.
The filter OKTA API is limited in the fields it can search NOTE: In the current form you can't add parenthesis and ordering
OKTA API Supports only a limited number of properties: status, lastUpdated, id, profile.login, profile.email, profile.firstName, and profile.lastName. http://developer.okta.com/docs/api/resources/users.html#list-users-with-a-filter
type UsersService ¶
type UsersService service
UsersService handles communication with the User data related methods of the OKTA API.
func (*UsersService) Activate ¶
func (s *UsersService) Activate(id string, sendEmail bool) (*ActivationResponse, *Response, error)
Activate Activates a user. You can have OKTA send an email by including a "sendEmail=true" If you pass in sendEmail=false, then activationResponse.ActivationURL will have a string URL that can be sent to the end user. You can discard response if sendEmail=true
func (*UsersService) Create ¶
Create - Creates a new user. You must pass in a "newUser" object created from Users.NewUser() There are many differnt reasons that OKTA may reject the request so you have to check the error messages
func (*UsersService) Deactivate ¶
func (s *UsersService) Deactivate(id string) (*Response, error)
Deactivate - Deactivates a user
func (*UsersService) GetByID ¶
func (s *UsersService) GetByID(id string) (*User, *Response, error)
GetByID returns a user object for a specific OKTA ID. Generally the id input string is the cryptic OKTA key value from User.ID. However, the OKTA API may accept other values like "me", or login shortname
func (*UsersService) ListWithFilter ¶
func (s *UsersService) ListWithFilter(opt *UserListFilterOptions) ([]User, *Response, error)
ListWithFilter will use the input UserListFilterOptions to find users and return a paged result set
func (*UsersService) NewUser ¶
func (s *UsersService) NewUser() NewUser
NewUser - Returns a new user object. This is used to create users in OKTA. It only has the properties that OKTA will take as input. The "User" object has more feilds that are OKTA returned like the ID, etc
func (*UsersService) PopulateEnrolledFactors ¶
func (s *UsersService) PopulateEnrolledFactors(user *User) (*Response, error)
PopulateEnrolledFactors will populate the Enrolled MFA Factors a user is a member of. You pass in a pointer to an existing users http://developer.okta.com/docs/api/resources/factors.html#list-enrolled-factors
func (*UsersService) PopulateGroups ¶
func (s *UsersService) PopulateGroups(user *User) (*Response, error)
PopulateGroups will populate the groups a user is a member of. You pass in a pointer to an existing users
func (*UsersService) PopulateMFAFactors ¶
func (s *UsersService) PopulateMFAFactors(user *User) (*Response, error)
PopulateMFAFactors will populate the MFA Factors a user is a member of. You pass in a pointer to an existing users
func (*UsersService) ResetPassword ¶
func (s *UsersService) ResetPassword(id string, sendEmail bool) (*ResetPasswordResponse, *Response, error)
ResetPassword - Generates a one-time token (OTT) that can be used to reset a user’s password. The OTT link can be automatically emailed to the user or returned to the API caller and distributed using a custom flow. http://developer.okta.com/docs/api/resources/users.html#reset-password If you pass in sendEmail=false, then resetPasswordResponse.resetPasswordUrl will have a string URL that can be sent to the end user. You can discard response if sendEmail=true
func (*UsersService) SetPassword ¶
SetPassword - Sets a user password to an Admin provided String
func (*UsersService) Suspend ¶
func (s *UsersService) Suspend(id string) (*Response, error)
Suspend - Suspends a user - If user is NOT active an Error will come back based on OKTA API: http://developer.okta.com/docs/api/resources/users.html#suspend-user
func (*UsersService) Unlock ¶
func (s *UsersService) Unlock(id string) (*Response, error)
Unlock - Unlocks a user - Per docs, only for OKTA Mastered Account http://developer.okta.com/docs/api/resources/users.html#unlock-user
func (*UsersService) Unsuspend ¶
func (s *UsersService) Unsuspend(id string) (*Response, error)
Unsuspend - Unsuspends a user - If user is NOT SUSPENDED, an Error will come back based on OKTA API: http://developer.okta.com/docs/api/resources/users.html#unsuspend-user
Source Files