<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00009B9N2OCAVOkta Identity EngineWorkflowsAnswered2024-10-10T22:46:06.000Z2023-05-18T19:03:42.000Z2023-05-22T07:27:18.000Z

LosJ.77330 (Customer) asked a question.

May 18, 2023 at 7:03 PM
Workflow for group assignment approval?

Is it possible to create an Okta workflow that will send an approval to a non admin user for approval on adding someone to a certain group?

 

Basically i have another workflow used by our sales team that is kicked off when a user is assigned to a group, but right now i have to manually add the user to the group when i receive a ticket from the sales team member. Id like to remove myself from the equation and create a workflow that people can kick off and acts as a request to be added to a group and have this sales team member receive the approvals and then they get added to the group, thus kicking off my workflow, and automating the process fully

  • 4 answers
  • 949 views

  • TimL.58332 (Workflows)

    It sounds like you are describing the functionality of the Okta Identity Governance offering which provides access request options with approvers and actions such as adding users to a group (permanently or for a period of time).

  • LosJ.77330 (Customer)

    is there anywhere I could find an example or explanation on how to set this up?

  • NiallM.34104 (Atlas Identity)

    Hi CL. There internal Okta request/approval model isn't exposed as an API, so you are looking at rolling something yourself.

     

    I haven't thought it through fully, but you could look at the new functionality for delegated workflows. That allows users that don't have access to Workflows console to run workflows and leverage fields for data input.

    https://help.okta.com/wf/en-us/Content/Topics/Workflows/build/build-delegated-flow.htm

     

    So the notification part should be easy. Trigger notification to the Sales team that requires approval. Have it include a link and/or instructions to the Okta console.

    Setup a delegate workflow that the Sales team have access to. Allow them to enter the user ID and potentially the group ( or have a del w/flow per group ). This is effectively the approval step. They login to Okta, plug in the details needed and hit the button. User is added to group.

     

     

    Expand Post
This question is closed.
Loading
Workflow for group assignment approval?