Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/evotecit/powerfederateddirectory
PowerFederatedDirectory is a PowerShell module to interact with service https://www.federated.directory/. This module uses API exposed by Federated Directory and allows to Add, Get, Set and Remove users from Federated Directory.
https://github.com/evotecit/powerfederateddirectory
federateddirectory powershell
Last synced: 2 months ago
JSON representation
PowerFederatedDirectory is a PowerShell module to interact with service https://www.federated.directory/. This module uses API exposed by Federated Directory and allows to Add, Get, Set and Remove users from Federated Directory.
- Host: GitHub
- URL: https://github.com/evotecit/powerfederateddirectory
- Owner: EvotecIT
- License: mit
- Created: 2022-09-03T17:32:07.000Z (over 2 years ago)
- Default Branch: master
- Last Pushed: 2023-02-14T08:18:57.000Z (almost 2 years ago)
- Last Synced: 2024-10-29T21:06:11.362Z (2 months ago)
- Topics: federateddirectory, powershell
- Language: PowerShell
- Homepage:
- Size: 235 KB
- Stars: 5
- Watchers: 3
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.MD
- Changelog: CHANGELOG.MD
- Funding: .github/FUNDING.yml
- License: License
Awesome Lists containing this project
README
# PowerFederatedDirectory - PowerShell Module
`PowerFederatedDirectory` is a PowerShell module to interact with service https://www.federated.directory/. This module uses API exposed by **Federated Directory** and allows to Add, Get, Set and Remove users from **Federated Directory**.
This is unofiicial module and is not supported by **Federated Directory**, but it does work just fine.
### Creating Token
1. Install OpenSSL (manually or using chocolatey)
```powershell
choco install openssl.light
```
2. Install PowerShell Module called `jwtPS`
Make sure to download 0.6.0 as the author changed the way it works in newer version
```powershell
Install-Module jwtPs -MaximumVersion 0.6.0 -Force -Verbose
```
1. Get the token by providing Key, Issuer and Private Key that are available on Federated Directory
```powershell
Import-Module jwtPs -MaximumVersion 0.6.0 -Force
$PrivateKeyPath = "C:\Support\Important\Password-FederatedDirectory-Key.txt"
$Key = Get-Content -Raw -LiteralPath $PrivateKeyPath # Saved private key from Federated Directory
$Payload = @{
aud = "eyJhbGciOin" # Key from Federated Directory
iss = "0snz1xgp7inutc" # Issuer name from Federated Directory
scope = @("directoryKey")
}
$JWT = New-Jwt -PrivateKey $Key -Algorithm RS256 -Payload $Payload
$JWT
```
4. Use the token in the `Connect-FederatedDirectory`. Once created token works forever, so the OpenSSL / jwtPS is not required on production environment.
### Using the module
Connect to Federated Directory using created token. This token will automatically be used for all commands.
```powershell
Connect-FederatedDirectory -Token $JWT -Suppress
```
#### Get users
```powershell
Get-FederatedDirectoryUser -Attributes id, userName, 'custom01', 'custom02', 'employeeNumber' -Verbose | Format-Table *
```
#### Create users
```powershell
for ($i = 1; $i -le 10; $i++) {
Add-FederatedDirectoryUser -UserName "[email protected]" -DisplayName "TestUserNew$i" -Suppress
}
```
#### Update users
```powershell
Set-FederatedDirectoryUser -Id '11105df0-31cf-11ed-ada4-2bbc677ce86d' -DisplayName 'New name' -FamilyName 'New namme' -EmailAddressHome '[email protected]' -PhoneNumberHome '50246000' -Verbose -Custom01 'test123' -Action Update
```
#### Remove users
```powershell
Remove-FederatedDirectoryUser -Id '11105df0-31cf-11ed-ada4-2bbc677ce86d' -Verbose
```
#### Send multiple actions in bulk
This will prepare a list of actins first that then is executed by `Invoke-FederatedDirectory` function
```powershell
$Operations = for ($i = 1; $i -le 100; $i++) {
Add-FederatedDirectoryUser -Verbose -UserName "[email protected]" -DisplayName "TestUserNew$i" -ManagerDisplayName 'TestUser' -FamilyName 'Kłys' -GivenName 'Przemysłąw' -BulkProcessing
Remove-FederatedDirectoryUser -Id '11105df0-31cf-11ed-ada4-2bbc677ce86d' -Verbose -BulkProcessing
Set-FederatedDirectoryUser -Id '11105df0-31cf-11ed-ada4-2bbc677ce86d' -DisplayName 'New name' -FamilyName 'New namme' -EmailAddressHome '[email protected]' -PhoneNumberHome '50246000' -Verbose -Custom01 'test123' -Action Update -BulkProcessing
}
$Response = Invoke-FederatedDirectory -Operations $Operations -Verbose -WhatIf
$Response | Format-Table *
```
### Attributes
The attributes, filter and sortBy parameters can be configured by the below list of attributes.
| Attribute | Filter operator |
| ------------------------------------------------------------------------- | ----------------------- |
| **id** | eq |
| externalId | eq |
| | co (admin only) |
| userName | eq |
| | co (admin only) |
| name.givenName | |
| name.familyName | |
| **displayName** | co |
| nickName | |
| profileUrl | |
| **title** | co |
| userType | |
| emails | |
| phoneNumbers | |
| addresses | |
| preferredLanguage | |
| locale | |
| timezone | |
| active | |
| **groups** | eq (group members only) |
| roles | |
| meta | |
| urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:organization | |
| urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeNumber | |
| urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:costCenter | |
| **urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:division** | co |
| **urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department** | co |
| urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager | eq (use manager.value) |
| urn:ietf:params:scim:schemas:extension:fd:2.0:User:description | |
| urn:ietf:params:scim:schemas:extension:fd:2.0:User:directoryId | eq |
| urn:ietf:params:scim:schemas:extension:fd:2.0:User:companyId | eq |
| urn:ietf:params:scim:schemas:extension:fd:2.0:User:companyLogos |
When no attributes are specified as a parameter in the query, it will default to the bold printed attributes above.
Every filter attribute has a default filter operator which will be used, no matter which filter operator you use in the query. This default filter operator query can be found in the above attribute table. You can only filter on those attributes that have a default filter operator value.
### Resources
- https://help.federated.directory/
- https://help.federated.directory/developer/getting-started.html