- Okta Workflows
- Okta System Logs
The actions being attributed to a user account are not strictly a problem, as this complies with OAuth design. However, there are some considerations involved. If the user account used to authorize the Workflows connection is Suspended, Deactivated, Deleted, or has its active sessions cleared, Workflows invoking Okta API functions will cease to function as expected with either 401 Unauthorized or 403 Forbidden return codes, depending on the scenario.
In many cases, it is a better practice to create a specific Super Admin service account for Okta Workflows and authorize the connection with that account. This will attribute any actions taken to a descriptively named account and help to avoid scenarios where the account is Suspended, Deactivated, Deleted, or has its active sessions cleared mistakenly.
Related References
-
For best practices about the Okta connector in Okta Workflows, see Guidance for Okta connector
-
For details about the process of authorizing an account, see Authorization
-
For details about the actions available in the Okta connector, see Okta connector
-
For details about how to search the system log for Workflows actions, see How to search System Log for actions taken by Okta Workflows
