Goal: Keep Gluu users, plans and roles in sync with Azure AD using CSV-based bulk updates and the users API.
Get your API token and read our API basics before starting.
Bulk update users (CSV) #
Use CSV (RFC 4180). Header names are case-insensitive.
Supported columns #
- Email – user’s email.
- Fullname – first + last; ignored if Firstname/Lastname present.
- Firstname, Lastname – preferred over Fullname.
- Plan – ESSENTIAL, ADVANCED or
NONE. - Location – site/department etc.
- Roles – comma-separated role names (case-insensitive). Unknown names are ignored (shown in dry run).
- RoleOperation –
add(only add new) orreplace(default; removes unlisted roles). - ExtId – your unique ID. We match on ExtId first, then fall back to Email.
Delete users #
Use IncludeAllUsers when you pass the full current list; users not in the CSV will be removed. Account Owners and Process Owners cannot be deleted until reassigned—dry run will report this.
Dry run: Test the import and see intended changes before applying.
API operation #
Use the token from above. Start with dryrun. To fetch current users, see list of users.
Get users from Azure Graph #
Connect-MgGraph -Scopes "User.Read.All" get-mguser -all | select displayname, givenName, Surname, Mail | Export-Csv -Encoding UTF8 -Path temp.csv
Rename headers to:
"Fullname","Firstname","Lastname","Email"
Example POST with more columns:
$content =
'fullname;firstname;lastname;email;roles;plan
John Wayne;John;Wayne;user1@local.test;"my role 1, my role 2";PRO'
Invoke-RestMethod -Uri "https://api.gluu.biz/users/sync" -Method POST `
-ContentType "csv/text" -Headers @{ "content-encoding" = "utf-8"; "Authorization" = "Bearer g_xxxx"} `
-Body $content
