Jump to a Section
  • Introduction

    This walk-through demonstrates how to use Workflows to onboard contractors using time-based actions. We’ll create a user in Okta in a Staged status, and then activate their account on their start date. Later, we’ll automatically suspend their account after a designated time.

    Familiarize yourself with the Workflows basics:

    Prerequisites:

    • Okta and Slack connections
    • Postman
    • Custom attributes in your Okta profile (see below)

    Add custom attributes

    1. In Admin Console, go to Directory > Profile Editor.
    2. Select your Okta profile, and then click Edit.
    3. In Profile Editor, click Add Attribute.
      • In the Data type field, select boolean.
      • In the Display Name field, enter contractor.
      • In the Variable name field, enter contractor.
      • Click Save and Add Another.
      • Leave Data type set to _string.
      • In the Display Name field, enter Activation Date.
      • In the Variable name field, enter activationDate.
    4. Click Save.
  • Create a table

    1. In Admin Console, go to Workflow > Workflows console.
    2. In the Tables tab, click Create a Table Now.
    3. Name your table Contractor Access, and then click Save.
    4. Click New Column, and name your column userID.
    5. Click Add Another, and then create the following columns:
      • displayName
      • userName
      • oktaCreateDate (change this field type to Date)
      • activateDate (change this field type to Date)
      • suspendDate (change this field type to Date)
      • status
      • Click Create.
  • Build a user creation Flow

    1. In the Flows tab, click Create a Flow Now.
    2. Name your Flow 1) User Created in Okta, and select Save All Data. Click Save.
    3. Click Add Event, and then select Okta from the menu of applications.
    4. In the Okta Events menu, select User Created.
    5. Click Add Action, and then select Okta from the menu of applications.
    6. In the Okta Actions menu, select Read User.
    7. In the Attributes list, select Username, First name, Last name, contractor, and Activation Date. Click Done.
    8. Drag and drop the Okta User ID from the User Created card to the ID or Login field of the Read User card.
    9. Click Add Another > Function > Branching > Continue If.
    10. In the Continue If card, change the value a and value b field types to T/F.
    11. Drag and drop the contractor field from the Read User card to the value a field of the Continue If card.
    12. In the Continue If card, set the comparison field to True.
    13. In the Continue If card, enter the following in the message field: User is not a contractor.
    14. Save the Flow.
  • Calculate term dates

    1. In the same Flow, click Add Another > Function > Date and Time > Add.
    2. Drag and drop the Activation Date field from the Read User card to the Start Date field on the Add card.
    3. In the Add card, enter 30 into the Add field.
    4. In the Unit field, select Days.
    5. Click the Edit icon on the Add Card, and then select Edit Card.
    6. Change the output field to suspendDate, and then click Done.
    7. Save the Flow.
  • Create a row in the table

    1. In the same Flow, click Add Another > Function > Tables > Create Row.
    2. In the Create Row card, click Choose Table, and then select your Contractor Access table.
    3. Select all fields in your table, and then click Done.
    4. Drag and drop the Okta User ID from the User Created card to the userID field in the Create Row card.
    5. Drag and drop the Okta Display Name from the User Created card to the displayName field in the Create Row card.
    6. Drag and drop the username from the Read User card to the userName field in the Create Row card.
    7. Drag and drop the Date and Time from the User Created card to the userCreateDate field in the Create Row card.
    8. Drag and drop the Activation Date from the User Created card to the activationDate field in the Create Row card.
    9. Drag and drop the suspendDate from the Add card to the suspendDate field in the Create Row card.
    10. Drag and drop the Status from the Read User card to the status field in the Create Row card.
    11. Save the Flow.
  • Send a Slack message

    1. In the same Flow, click Add Another > Function > Text > Compose.
    2. In the Compose card, enter the following message: *New contractor added to Okta*.
    3. Drag and drop the displayName from the User Created card to the Compose card.
    4. Drag and drop the userName from the Read User card to the Compose card. Put this attribute in parentheses.
    5. Enter Activation Date: and Suspend Date: in the Compose card.
    6. Drag and drop the Activation Date from the Read User card to the Compose card.
    7. Drag and drop the Suspend Date from the Add card to the Compose card.
    8. Click Add Another > Action.
    9. Select Slack from the list of applications, and then select Send Message to Channel. (You may be prompted to choose your Slack connection).
    10. Select the channel you want to send the message. Our selected channel is contractor_onboarding.
    11. Select Yes to send the message as a bot, and then click Done.
    12. Select all Inputs and Outputs, and then click Done.
    13. Drag and drop the output from the Compose card to the Text field in the Send Message to Channel card.
    14. In the Name field, enter Onboarding Bot.
    15. Save the Flow.
  • Build a Flow to activate users

    1. In Workflows console, click New Flow.
    2. Name your Flow 1) Activate User on Activation Date, and then click Save.
    3. Click Add Event, and then select Schedule from the Okta apps.
    4. In the Flow Schedule window, set the Frequency to daily at midnight, and then click Save.
    5. Click Add Function > Table > Search Rows.
    6. In the Search Rows card, click Choose Table, and then select your Contractor Access table.
    7. In the Result Set field, choose All matching rows.
    8. Click Done, and then be sure that all attributes are selected. Click Done.
    9. Click Filter, and then set the first condition to status with a value of STAGED.
    10. Click Add Another, and set the condition to activation date <=.
    11. Drag and drop the Current Time field from the Scheduled Flow card to the activation date value field.
    12. Click Done.
    13. Click Add Another > Function > List > For Each.
    14. Drag and drop the Rows field from the Search Rows card to the For each item in this list field of the For Each card.
  • Build a child Flow

    1. In the For Each card, click Choose Flow.
    2. Click New Flow.
    3. Name your child Flow 2a) Activate user, and then click Save.
    4. Click Add Event, and then select Child Flow from the Okta Apps.
    5. In the first field, enter contractorRecord. Change the field type to Object.
    6. In the contractorRecord subfields, enter userID, row, Row ID, and suspendDate.
    7. Click Function > Error Handling > If Error.
    8. In the If Error card, select Try.
    9. In the If Error card, click + (Add), and then select Okta.
    10. Choose Activate User.
    11. In the Send Email field, select Yes.
    12. Click Done.
    13. Drag and drop the userID from the Child Flow card to the ID or Login field on the If Error > Try > Activate User card.
    14. In the If Error card, select Error.
    15. In the If Error card, click + Function > Error Handling > Return Error.
    16. Drag and drop the Error from the Error card to the message field of the Return Error card.
    17. Save the child Flow.
  • Send a User Activated Slack message

    1. In your child Flow, click Add Another > App Action.
    2. Select Okta, and then choose Read User.
    3. In addition to the selected attributes, choose Username, First name, and Last name. Click Done.
    4. Drag and drop the userID from the Child Flow card to the ID or Login field on the Read User card.
    5. Click Add Another > Function > Text > Compose.
    6. In the Compose card, enter your message. Drag and drop the values from the other cards where applicable: Contractor [First Name] [Last Name] ([Username]) has been [status]. Their account will be automatically suspended on [suspendDate].
    7. Save the Flow.
    8. Click Add Another > Action.
    9. Select Slack from the list of applications, and then select Send Message to Channel. (You may be prompted to choose your Slack connection.)
    10. Select the channel you want to send the message. Our selected channel is contractor_onboarding.
    11. Select Yes to send the message as a bot, and then click Done.
    12. Select all Inputs and Outputs, and then click Done.
    13. Drag and drop the output from the Compose card to the Text field in the Send Message to Channel card.
    14. In the Name field, enter Onboarding Bot.
  • Update the row in your table

    1. Click Add Another > Function > Tables > Update Row.
    2. In the Update Row card, click Choose Table, and then select your Contractor Access table.
    3. Click Done.
    4. In the attributes list, select status, and then click Done.
    5. Drag and drop the Row ID from the Child Flow card to the Row ID field of the Update Row card.
    6. Drag and drop the Status from the Read User card to the Status field of the Update Row card.
    7. Save the Flow.
  • Trigger the Flow with Postman

    1. Create a test user in Postman with the following attributes:
      • firstName
      • lastName
      • Email
      • Login
      • Contractor (true)
      • activationDate
    2. Click Send.
    3. Verify that the Onboarding Bot sends you an activation message on Slack.
  • Video Walkthrough