Jump to a Section
  • Introduction

    This walk-through demonstrates how to build a Flow from a common use case: importing users from an application (Active Directory), creating their email addresses, and resolving conflicts if the email addresses already exist.

    Familiarize yourself with the Workflows basics:

  • Create email addresses

    1. In Admin Console, go to Workflow > Workflows console.
    2. In Workflows console, click New Flow.
    3. Click Add Event, and then select API Endpoint from the Okta Apps section.
    4. In the body fields of the card, enter the following values. After you enter the value name, indicate its value type (in parentheses) by clicking the Aa icon in the field.
      • At the top level, enter data (object)
      • In the data object, enter appUser (object)
      • In the appUser object, enter profile (object)
      • In the profile object, enter firstName (text)
      • In the profile object, enter lastName (text)
    5. In Workflows console, click Function, and then select Concatenate.
    6. Drag and drop the firstName value from the API Endpoint card into text1 into the Concatenate card.
    7. In text 2, enter a period.
    8. Drag and drop the lastName value from the API Endpoint into the input field.
    9. To customize the output field name on the Concatenate card, click the output field and select Customize.
    10. Enter prefix in the display name field.
    11. In Workflows console, click Add Another > Function > Text > Concatenate.
    12. Drag and drop the prefix value from the previous Concatenate card to text 1 of the new Concatenate card.
    13. In text 2, enter @domain.com where domain.com is your prefered domain name.
    14. Click the output field of the Compose card and select Customize.
    15. Enter emailaddress in the display name field.
    16. In Workflows console, click Add Another > Function > Text > Compose.
    17. In the Compose card, enter the following: /api/v1/users?search=profile.email sw_ " "&limit=99 (leave a blank space after sw.)
    18. Drag and drop the emailaddress field from the Concatenate card to the blank space after sw in the Compose card.
    19. To construct an API call, in Workflows console, go to Add Another > App Action.
    20. Select Okta from the menu of applications, and then choose Custom API Action from the Actions menu.
    21. In the Custom API Actions card, select GET and then click Done.
    22. In the Custom API Actions card, clear the Query and Headers boxes, and then click Done.
    23. Drag and drop the output from the Compose card to the Relative URL field of the Custom API Action card.
  • Create an If/Else decision branch

    1. In Workflows console, click Add Another Function > Branching > If/Else.
    2. Drag and drop the body of the Custom API Action card to the value a field in the If/Else card.
    3. Select is empty from the comparison field and click Done
    4. In the Run when TRUE portion of the If/Else branch click Add Another > Function > Text > Compose.
    5. Enter the following:

      { "commands": [ { "type": "com.okta.appUser.profile.update", "value": { "email": "" } } ]}
    6. Drag and drop the emailaddress field from the Concatenate card into the blank space (after “email”:) of the compose card.

    7. Click the output field of the Compose card and select Customize.

    8. Enter import_inlinehook_response in the display name field.

    9. In the Run when TRUE portion of the If/Else branch, click Add Another > Function > Flow Control > Return Raw.

    10. Drag and drop the import_inlinehook_response field from the Compose card into the body of the Return Raw card.

  • Create the Else branch

    1. In the Run when FALSE portion of the If/Else branch, click Add Another > Function > Branching > Continue/If.
    2. Drag and drop the Body from the Custom API Actions card to the value a field of the Continue If card.
    3. In the comparison field, select is not empty.
    4. Click Add Another > Function > Date & Time > Now.
    5. Click Add Another > Function > Date & Time > Unix.
    6. Drag and drop the date field form the Now card to the start field of the Unix card.
    7. Click the output field of the Unix card and select Customize.
    8. In the Unix card, enter generatedID in the display name field.
    9. Click Add Another > Function > Text > Concatenate.
    10. Drag and drop the prefix value from the first Concatenate card into text1 of the new Concatenate card.
    11. Drag and drop generatedID from the Unix card into text2 of the new Concatenate card.
    12. In the input field, enter your preferred domain name (in the format @domain.com).
    13. Click the output field of the Concatenate card and select Customize.
    14. Enter _unique_email_address_ in the display name field.
    15. In the Run when FALSE portion of the If/Else branch click Add Another > Function > Text > Compose.
    16. Enter the following:

      { "commands": [ { "type": "com.okta.appUser.profile.update", "value": { "email": "" } } ]}
    17. Drag and drop the unique_email_address field from the Concatenate card into the blank space of the compose card (after email”:”).

    18. Click the output field of the Compose card and select Customize.

    19. Enter import_inlinehook_response in the display name field.

    20. In the Run when FALSE portion of the If/Else branch, click Add Another > Function > Flow Control > Return Raw.

    21. Drag and drop the import_inlinehook_response field from the Compose card into the body of the Return Raw card.

    22. Click Save, and then name your flow. Be sure to select Save All Data.

    23. In Workflow console, toggle the Flow is OFF switch to ON.

  • Trigger the Flow

    Note: It takes about 60 seconds for the flow to enable. After saving and turning on your flow, wait one minute before you attempt to trigger it.

    1. In Admin Console, go to Directory > Directory Integrations.
    2. Select Active Directory, and then click the Import tab.
    3. Click Import Now.
    4. In Workflows console, click Flow History.
    5. Verify that each card in your flow has a success check mark.
    6. Verify that your imported users have unique email addresses.
  • Video Walkthrough