<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
OIG Access Requests – Requesting Access in Slack
Jul 26, 2024
Okta Classic Engine
Identity Governance
Okta Identity Engine

By David Edwards, Okta Senior Product Acceleration Specialist

OVERVIEW

A key benefit of Okta Identity Governance is the ability to interface with access request flows via chat tools such as Slack and Microsoft Teams. This article provides a summary of the different ways users can request access in Slack and how to monitor the progress of a request in Slack.

For getting the Access Requests Slack App installed on user's sidebar (allowing interaction and to receive notifications from the app), see Can the Access Request Slack App Installation Be Automated or Managed by the Slack Admin.

Overview of OIG Access Requests and Slack

Okta Identity Governance Access Requests provides the ability to build and execute access request workflows. There are multiple ways that users can interact with these workflows, including using the Request Access UI or a chat tool like Slack and Microsoft Teams. Both Slack and Teams run apps that provide this access and interact with the OIG Access Requests workflow engine. This is shown in the figure below.

blobOIG Architectural Overview with the Chat Interfaces highlighted

When using the Slack access request app, there are multiple ways you can initiate an access request flow. Once a workflow has been initiated you normally monitor its progress in the Messages tab of the app. These are covered in the following sections. Of course, living in Slack (or Teams) means that requesters and reviewers can message directly to improve the responsiveness of requesting access.

Requesting Access via Slack

There are four ways to initiate an access request flow in Slack:

  1. Selecting the flow in the Home tab of the App

  2. Messaging the app in the Messages tab of the App

  3. Using the /access command in any channel

  4. Messaging the App user in any channel

These are shown in the following sections.

Selecting an Access Request Flow from the App List

The Okta access requests app appears in the Apps list in Slack. In my example it has been renamed to okta_accessrequests, but it may be named something like okta or oktapreview. When selecting the app, the Home tab provides a pulldown list of access request workflows.

blobSelecting an Access Request Flow in the App

The user selects from the list to start the access request workflow. If there are questions to be answered, a dialog is presented in Slack for the requester to supply information.

blobQuestions Dialog for the Flow in Slack

When the user Submits the request, Access Requests will continue the workflow. The progress and final result will be displayed in the Messages view (see below).

Messaging the App Directly

The second way is to use the chat function to message the app directly in the Messages tab of the app.

blobMessaging the App Directly

The access requests app will use its AI to try to match the access request flow and offer the best match or prompt you to select from the list.

blobAccess Request flow not foundblobSelecting a Flow from the List

Once selected, it will present a dialog as shown above, and continue the flow.

Use of the /access Command in Any Channel

You can call the app from any channel by using the /access command.

blobDetails of the /access command in SlackblobUsing the /access CommandblobResults of the /access Command

From here the access request is processed as above.

Message to the App User from any Channel

The last way to initiate an access request flow is to message the app user from any channel. As you type @ and the app name, Slack will find the matching user.

blobSearching for the App User in Slack

Click to complete the name and enter the access you want.

blobRequesting Access via the App User

It will find the access request workflow (or not) as above.

blobInitiating the Access Request Flow

Then the flow proceeds.

This concludes the four ways to initiate an access request flow in Slack. The next section looks at how you can monitor a submitted flow.

Monitoring the Access Request in Slack

Once the request has been submitted by one of the means above, you can monitor its progress in the Messages tab of the app (and you will see visual notification of updates if you’re in other Slack channels). When the request is first submitted, there is an update to say it’s submitted.

blobMessages After a Request is Submitted

When it has been through the various flow steps (like approvals and provisioning) the view is updated to show the completion status.

blobMessages After a Request is Completed

You can click on the link (e.g. I need carpark access #117) to be taken to the Request Access UI to see all details. A summary can be found in the Replies (click on the view thread link).

blobMessage Thread in Slack on Completion

Conclusion

Using a chat tool like Slack to request access is a great for end users – it provides the function where they work, rather than needing to go off to another website. Okta Identity Governance provides apps to initiate and monitor Access Request flows. This article has shown the four different ways users can use the Slack app to request access and how to monitor their access request.

Recommended content

Still looking for help?
Loading
OIG Access Requests – Requesting Access in Slack