Public/Okta/Report/Get-OktaAppGroupReport.ps1

function Get-OktaAppGroupReport {
    Param (
        [Parameter()]
        [string] $SearchString,

        [Parameter()]
        [string] $Filter,

        [Parameter()]
        [string] $Id
    )
    $Url = $OKTACredential.GetNetworkCredential().username
    $Token = $OKTACredential.GetNetworkCredential().Password

    $Group = Get-OktaGroupReport

    foreach ($CurGroup in $Group) {
        $Id = $CurGroup.Id
        $GName = $CurGroup.Name
        $GDescription = $CurGroup.Description

        $Headers = @{
            "Authorization" = "SSWS $Token"
            "Accept"        = "application/json"
            "Content-Type"  = "application/json"
        }
        $RestSplat = @{
            Uri     = 'https://{0}.okta.com/api/v1/apps?filter=group.id eq "{1}"' -f $Url, $Id
            Headers = $Headers
            Method  = 'Get'
        }

        do {
            [int]$NumberLimit = $Response.Headers.'x-rate-limit-remaining'
            [long][string]$UnixTime = $Response.Headers.'x-rate-limit-reset'

            if ($NumberLimit -and $NumberLimit -eq 1) {
                $ApiTime = $Response.Headers.'Date'
                $SleepTime = Convert-OktaRateLimitToSleep -UnixTime $UnixTime -ApiTime $ApiTime
                Start-Sleep -Seconds $SleepTime
            }

            $Response = Invoke-WebRequest @RestSplat -Verbose:$false
            $Headers = $Response.Headers
            $AppsInGroup = $Response.Content | ConvertFrom-Json

            if ($Response.Headers['link'] -match '<([^>]+?)>;\s*rel="next"') {
                $Next = $matches[1]
            }
            else {
                $Next = $null
            }

            $Headers = @{
                "Authorization" = "SSWS $Token"
                "Accept"        = "application/json"
                "Content-Type"  = "application/json"
            }
            $RestSplat = @{
                Uri     = $Next
                Headers = $Headers
                Method  = 'Get'
            }

            foreach ($App in $AppsInGroup) {
                [pscustomobject]@{
                    GroupName     = $GName
                    GroupDesc     = $GDescription
                    GroupId       = $Id
                    AppName       = $App.Name
                    AppLabel      = $App.Label
                    Template      = $App.Credentials.UserNameTemplate.Template
                    Type          = $App.Credentials.UserNameTemplate.Type
                    AppId         = $App.Id
                    AppStatus     = $App.Status
                    AppSignOnMode = $App.SignOnMode
                }
            }
        } until (-not $Next)
    }
}