Automated Import of Users and Assignment to Roles

This document will explain how to import multiple users into strongDM using a single command. It will also explain how to update users and assign users into their roles via the sdm admin users command. You can do this either with JSON or with CSV.

Getting the JSON Template

You may use the sdm admin users add --template > import.json command to get a JSON template to modify for later import.

Example Import JSON

Here’s an example JSON for adding two users. Each user must have a unique email.

[
  {
    "firstName": "Engineer",
    "lastName": "One",
    "email": "engineer1@example.com"
  },
    {
    "firstName": "Sales",
    "lastName": "Two",
    "email": "sales2@example.com"
  }
]

Running the Import

Once you have created your JSON, you can easily import it into strongDM.

sdm admin users add --file import.json

Updating Users

To get the current state of strongDM users in JSON format run sdm admin users list -j > export.json. Once you have the state you can modify the JSON and update the users by running sdm admin users update --file export.json.

Assigning Roles

Similarly you can batch assign users to roles. Use this command to create a template: sdm admin users assign --template > assign.json.

[
  {
    "roleID": "1",
    "roleName": "Engineering",
    "users": [
      {
        "id": "0",
        "email": "engineer1@example.com"
      }
    ]
  }
]

You may use “No Role” as the roleName to unassign a user from any role. roleID is optional if you have a roleName. Similarly ,the user id is optional if you have a user email supplied.

You can add multiple role and user assignments into a single JSON. Once the JSON is ready, you can update role assignments using sdm admin users assign --file assign.json.

Using CSV

If you prefer, you can achieve the same results by using CSV files instead. You can import multiple users via CSV with the commandsdm admin users add -c <csvfile>. The format of this file is (no headers):

firstname,lastname,email

Adding users to roles is a little more involved, but it’s possible with a bit of bash scripting. Adding users to roles via the CLI uses this format: sdm admin users assign <role> <email1> <email2> ... <emailn> so you’ll need to create a CSV with this format (no headers):

role,email1,email2,...,emailn

With that file created, use the following script to import it. You can run the script as an admin or using an admin token.

#!/bin/bash

while IFS='' read -r line || [[ -n "$line" ]]; do
    expanded=`echo $line|sed -e 's/,/ /g'`
    sdm admin users assign $expanded
done < "$1"