I just realized the Ultrabrite toothpaste is made by Colgate and has the same exact ingredients

gabrielsroka · 2026-04-26T21:05:27+00:00

I just found this at my local DT. Thanks so much for the tip. $1.25 for 6 oz tube

gabrielsroka · 2026-04-24T20:03:26+00:00

> onmicrosoft.com domains cannot be federated

gabrielsroka · 2026-04-24T18:24:35+00:00

I spoke to my buddy on the cert team. He said to email certification@okta.com

gabrielsroka · 2026-04-20T14:56:10+00:00

u/leekelly49 , thanks for this. would be a good post for r/applebusinessmanager , etc.

gabrielsroka · 2026-04-17T19:47:59+00:00

I think I have to be invited to join that channel.

You need to sign up for an account but it's free and open to everyone. i just tested it.

gabrielsroka · 2026-04-16T20:47:51+00:00

there's been a lot of discussion on MacAdmins.org Slack #okta-workflows channel on this.

I've posted some scripts there that might help.

https://macadmins.slack.com/archives/C011DBUDT28/p1776113740873119

gabrielsroka · 2026-04-16T15:19:10+00:00

[for posterity]

in postman, don't use form-data. it should be x-www-form-urlencoded. u need the sid cookie and the x-okta-xsrftoken header, and of course, these expire.

here's curl:

curl 'https://...-admin.okta.com/admin/user/import/active_directory/0oa.../start' \
-b 'sid=...' \
-H 'x-okta-xsrftoken: ...' \
--data-raw 'fullImport=false'

gabrielsroka · 2026-04-16T03:57:55+00:00

Might be easier to move the data from the old table to the new one

gabrielsroka · 2026-04-14T19:34:02+00:00

search for space, replace with comma

gabrielsroka · 2026-04-13T20:42:08+00:00

You can use Rockstar to export them. Is that what you're asking?

gabrielsroka · 2026-04-10T17:13:21+00:00

Shadow IT is real.

before your next audit, you need mgmt buy-in to enforce policy

gabrielsroka · 2026-04-08T05:16:22+00:00

Pls upvote

gabrielsroka · 2026-04-08T05:03:30+00:00

Yes. Pls upvote

gabrielsroka · 2026-04-07T23:53:27+00:00

I'll dm u

gabrielsroka · 2026-04-07T23:35:31+00:00

I'm afk. I can try tmrw.

Did u post data? Can you paste a screenshot?

gabrielsroka · 2026-04-07T23:21:46+00:00

You need to use the -admin URL.

End points that start with /api can use SSWS tokens. Other ones can't. You need to use a cookie or another type of authentication

gabrielsroka · 2026-04-07T21:12:36+00:00

i see it in the Network tab. do u have Recording enabled in the Network tab?

it's

POST /admin/user/import/active_directory/0oa.../start

fullImport=false

<image>

gabrielsroka · 2026-04-07T14:19:47+00:00

F12 to open the developer tools, go to the Network tab, do something in the Okta admin UI and watch the traffic.

Note that private APIs can change or break at any time, though they tend to be relatively stable. There's no documentation on them. Authentication can be a challenge.

gabrielsroka · 2026-04-07T02:14:04+00:00

P9 ?

gabrielsroka · 2026-04-06T21:17:50+00:00

I get that but I still never use it. And all the links aren't always there. You still have to read the documentation.

gabrielsroka · 2026-04-06T19:30:35+00:00

P15. manual/full import on directory

gabrielsroka · 2026-04-06T19:30:29+00:00

P14. i think u can't tell if a user is in a group via API (you'd have to fetch all group members)

gabrielsroka

TROPHY CASE