<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Sink Your Teeth into V2 Access Requests with Okta Workflows
Jun 2, 2025
Okta Classic Engine
Identity Governance
Okta Identity Engine
Workflows

When calling an Okta Workflow from Resource Centric Access Requests there are many values possible to send.  Let’s review what is supported.

OVERVIEW

Leveraging Okta Workflows for Enhanced Access Request Orchestration

Many organizations find it essential to orchestrate processes around access requests, extending beyond simple provisioning and deprovisioning. Okta Workflows provides a robust platform to achieve this, enabling the automation of tasks such as creating support tickets, sending customized notifications to relevant stakeholders, and logging access activities for audit purposes.

The true power of integrating Access Requests with Okta Workflows lies in the extensive library of pre-built connectors available within Okta Workflows. These out-of-the-box integrations allow seamless connectivity with a vast array of systems and services, including ITSM tools (e.g., ServiceNow, Jira), communication platforms (e.g., Slack, Microsoft Teams), email services, and other business applications. This broad integration capability unlocks a virtually limitless range of potential use cases.

The possibilities are truly expansive, allowing organizations to tailor their access management processes to their unique needs and security requirements, ultimately enhancing efficiency, security, and compliance.

APPLIES TO

  • V2 Resource Centric Access Requests

  • Okta Workflows

ASSUMPTIONS

  • You have enabled and configured the ability to call an Okta Workflow from any kind of OIG Access Request. See instructions here

WHAT DATA IS AVAILABLE

Two main categories of data can be passed from an Access Request to an Okta Workflow

  • Approval Sequence questions

  • Access Request Data

Approval Sequence Questions

When creating access requests with conditions and approval sequences, you can include mandatory questions for specific resources. These questions can be formatted as text fields, date pickers, or dropdown menus.  More information available here.

Note: The preceding image contains three questions: "Justification," "When do you need this resource?" and "Did you complete the training?".

 

Access Request Data

When initiating a workflow call, numerous data options are available for transfer to Okta Workflow, facilitating enterprise orchestration.

These are the default data fields passed with their definition.

 

  • Access Duration = Duration expressed in ISO 8601 format (i.e. P30D for 30 days).

  • Access Level Description = Description of Group, Bundle, or Collection requested. For Groups, it will be the group’s user-friendly description if defined.

  • Access Level Name = Group, Bundle, or Collection name. For Groups, it will be the group’s user-friendly name if defined.

  • Access Scope ID = Group, Bundle, or Collection ID.

  • Catalog Entry ID = Catalog Entry ID.

  • OIG Request ID = Request ID in req<ID> format

  • Request Assignee’s Email Address = ID of the Admin that took ownership of an inbound access request in Okta Access Requests.  Not advised to use this when calling Okta Workflows as requests generated by conditions do not have a request assignee defined by default so the flows won’t execute until an admin manually sets a Request Assignee.

  • Request Subject = User requesting an Application or Collection name.

  • Requested By = Okta ID of the user making the request for themself or on behalf of another

  • Requesters Email Address = the email address of the user requesting or the user for whom the request was made on behalf of.

  • Requester’s User ID = Okta ID of the user requesting or the user for whom the request was made on behalf of.

  • Resource Description = Description of the Application or Collection where the request condition exists.

  • Resource ID = ID of the Application or Collection where the request condition exists.

  • Resource Icon = Represents the URL location of any application Icon’s set within Okta.

  • Resource Name = Name of application or collection where the request condition exists.

  • Resource URL = Currently not utilized at this time.

Summary

This document explains how to call Okta Workflows from V2 Resource Centric Access Requests (RCAR). It details the data fields that can be passed to a workflow, including Access Duration, Access Level Description, Access Level Name, Access Scope ID, Catalog Entry ID, OIG Request ID, Request Subject, Requested By, Requesters Email Address, Resource Description, Resource ID, Resource Icon, and Resource Name. It also mentions Approval Sequence questions. The document assumes that the ability to call Okta Workflows from OIG Access Requests is already configured.

Related References



Recommended content

Still looking for help?
Loading
Sink Your Teeth into V2 Access Requests with Okta Workflows