-1

Question

I am running Jenkins for job automation and using Okta for authentication. I would like to create a Jenkins job that I can run on demand to create a user in Okta. The user will have the attributes required by Okta: email, username, etc.

How can I accomplish this in Jenkins?

  • I did my best to edit your question and provide an appropriate answer. Please reference https://stackoverflow.com/help/how-to-ask before asking additional questions because your question does not meet quality criteria for StackOverflow – Chris Maggiulli Nov 02 '21 at 18:01
  • Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community Nov 02 '21 at 19:41

1 Answer

0

Initial Setup

I wrote a Jenkinsfile that will create an Okta user via the Okta API Documentation. Before you can run this script you need to install the following plugins in Jenkins.

After installing the aforementioned plugins you will need to create an Okta API Token and save it in Jenkins' Credential Manager of kind Secret Text (and give it an ID of okta-api-token).

Proof-of-Concept

The following is a proof-of-concept Jenkinsfile that will use the following plugins to create a user in Okta:

pipeline {
    
    agent {
        label 'master'
    }
    
    options {
        buildDiscarder( logRotator( numToKeepStr: "30" ) )
    }
        
    parameters { 
        string(name: 'firstName', description: 'New users first name') 
        string(name: 'lastName', description: 'New users last name') 
        string(name: 'email', description: 'New users email') 
        string(name: 'mobilePhone', description: 'New users phone') 
        password(name: 'password', description: 'Enter Password')
    }
    
    environment {
        oktaDomain = "yourdomain.com"
    }
    
    stages {
        
        stage('Execute') { 
            steps {
                script {
                    
                    // Create payload based on https://developer.okta.com/docs/reference/api/users/#request-example-3
                    // Note: parameter values are interpolated as-is, so they must not contain quotes or backslashes
                    def payload = """
                        { "profile": {"firstName": "$firstName", "lastName": "$lastName", "email": "$email", "login": "$email", "mobilePhone": "$mobilePhone"}, "credentials": { "password": { "value": "$password" }}}
                    """
                    
                    // Declared outside the credentials block so it is still in scope afterwards
                    def response
                    
                    // Send HTTP POST request with the API token saved in the credential manager (ID: okta-api-token)
                    withCredentials([string(credentialsId: 'okta-api-token', variable: 'apiToken')]) {
                        response = httpRequest( 
                                        acceptType: 'APPLICATION_JSON', 
                                        contentType: 'APPLICATION_JSON', 
                                        httpMode: 'POST', 
                                        requestBody: payload, 
                                        url: "https://${oktaDomain}/api/v1/users?activate=true", 
                                        customHeaders: [[name: 'Authorization', value: "SSWS ${apiToken}", maskValue: true]]
                                    )
                    }
                    
                    // Parse the response and print the new user's Okta ID
                    def json = readJSON text: response.content
                    
                    echo json['id']
                        
                }
            }
        }
    }
    
    
    post {
        changed {
            emailext subject: 'Your Okta user has been created',
                body: 'Your Okta user has been created',
                replyTo: '$DEFAULT_REPLYTO',
                to: "$email"
        }
    }
}

Assuming you followed the steps listed above you should only need to change the oktaDomain variable to your Okta domain.

Chris Maggiulli
  • The script should use the Okta API to perform this work. JSON payloads. Try to create a new user in Okta. Take note of the required fields (username, email, etc). Create a script that takes JSON as input and checks that the required fields are present (username, email, etc). If all fields are present, call the Okta API to create a user using the provided information. Create a Jenkins job to run this script. Create test payload data and execute the Jenkins job to ensure it is working as expected. – Ronita Roy Nov 16 '21 at 05:25
  • If you can help me with this updation:)) – Ronita Roy Nov 16 '21 at 05:26
  • @RonitaRoy no update is needed because this is exactly what the script I provided does. I see you made another post today ( which was closed ) on the same topic. I'm not sure what you are having an issue with, but the provided example meets all your criteria. If you have questions please ask here. If the script works for you please accept the answer and upvote – Chris Maggiulli Nov 16 '21 at 13:46
  • Thanks for the answer, but the required fields for creating/adding the user are a little different in my case(some of them are optional as well.) Attaching the link to the screenshot of required fields for creating a user below: https://i.stack.imgur.com/lYoUu.png If you can tell the changes needed to be done in script according to the above requirements. – Ronita Roy Nov 19 '21 at 17:25
  • @ronitaroy so modify the proof of concept I provided as follows: 1) add the additional attributes as parameters ( or environment variables if they’re constants ), then 2) modify the json object to include them as attributes. Should be fairly straightforward because you have the other attributes as examples – Chris Maggiulli Nov 20 '21 at 18:19
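
Added example, not part of the original answer or its comments: a Python sketch of the "take JSON as input, check the required fields, then call the Okta API" script discussed in the comments, which a Jenkins job could invoke. It builds the request body with a JSON serializer instead of string interpolation, so a quote in a job parameter cannot alter the payload structure. The function name `build_request`, the `OKTA_API_TOKEN` variable and the required/optional field sets (taken from the fields used in the Jenkinsfile above) are assumptions to adjust to your own Okta profile schema.

```python
import json
import os
import urllib.request

# Assumption: required/optional profile fields mirror the Jenkinsfile above.
REQUIRED = ("firstName", "lastName", "email", "login")
OPTIONAL = ("mobilePhone",)


def build_request(raw_json, okta_domain, api_token):
    """Validate a JSON user record and return an unsent urllib Request."""
    user = json.loads(raw_json)
    if not isinstance(user, dict):
        raise ValueError("payload must be a JSON object")
    missing = [k for k in REQUIRED
               if not (isinstance(user.get(k), str) and user[k].strip())]
    if missing:
        raise ValueError("missing required fields: " + ", ".join(missing))
    unknown = sorted(set(user) - set(REQUIRED) - set(OPTIONAL) - {"password"})
    if unknown:
        raise ValueError("unexpected fields: " + ", ".join(unknown))
    body = {"profile": {k: user[k] for k in REQUIRED + OPTIONAL if k in user}}
    if user.get("password"):
        body["credentials"] = {"password": {"value": user["password"]}}
    # json.dumps escapes quotes and backslashes, so a value cannot add keys.
    return urllib.request.Request(
        url=f"https://{okta_domain}/api/v1/users?activate=true",
        data=json.dumps(body).encode("utf-8"),
        method="POST",
        headers={
            "Accept": "application/json",
            "Content-Type": "application/json",
            "Authorization": f"SSWS {api_token}",
        },
    )


if __name__ == "__main__":
    # Constructed sample payload; the token is read from the environment
    # (e.g. bound by withCredentials) and is never printed.
    sample = json.dumps({"firstName": "Ada", "lastName": 'Love"lace',
                         "email": "ada@example.com", "login": "ada@example.com"})
    token = os.environ.get("OKTA_API_TOKEN", "placeholder-token")
    req = build_request(sample, "yourdomain.com", token)
    print(req.get_method(), req.full_url)
    print(req.data.decode("utf-8"))
    # urllib.request.urlopen(req) would send it; omitted so this runs offline.
```
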