Okta Identity Engine | Workflows | Answered | 2024-01-16T11:47:07.000Z | 2023-12-15T15:07:08.000Z | 2024-01-16T11:47:07.000Z

SarahS.89561 (Customer) asked a question.

How do I determine when a device becomes "Managed"

I can see it triggers when a user enrols a device, but I need to know when it's FastPass that is used and when the device status is Managed. I would like to force our users to enroll and log in with FastPass, then once the device is managed, remove the user from a group which forces them to enroll and log in with FastPass.

 

I can't see a way to query the device after enrollment to check status. The event device.enrollment.create shows the device status managed as false, as at that point it's only enrolled, not managed.

 

 


  • TimL.58332 (Workflows)

    @SarahS.89561 (Customer)​  -- I don't have much to give you here as this question is probably better posted into the "Devices" subcategory and not Workflows.

     

    Looking at the event catalog documentation found here:

    https://developer.okta.com/docs/reference/api/event-types/#catalog

     

    We see there is a new event with OIE (devices in general are OIE only) named:

     

    pki.cert.bind

    Triggered when a certificate is bound to a device. You can use the event to audit certificate device binding relationship. When triggered, the device appears in the Admin Console as managed device.

     

    This is not an event-hook-eligible event, which means you would first need to confirm this event contains the data you are looking for by doing some testing. Once you have confirmed, you could then set up a scheduled flow that does a "look-back" for new records of that event in the system log.

     

    So something like this: (note: I have no way to set up/test this for this specific use case. This is just a general how-to for leveraging a scheduled flow to pull non-event-hook-eligible event data in a consistent way)

     

    • table) -- Table has one column and just has a single date/time value
    • flow 1) -- Parent flow. Starts on a schedule and runs repeatedly. The flow contains a "now" card to get the current "until" date. It contains a search table to pull the previously stored date, "the since". An update table is then run to update the table with the new value. A query is then made against the System Log for the event in question. All results will be passed to a Helper flow for processing.
    • flow 2) Performs processing on the event data to do the action you want accomplished.

     

     

     

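The scheduled look-back described in the answer above, sketched in Python against the System Log API's `filter`, `since` and `until` query parameters instead of Workflows cards; this is an added example, not part of the original post and not Okta's code. Assumptions made for illustration: the overlap window, de-duplication on `uuid`, moving the stored date only after the helper has run, the constructed sample entries with their `Device` target type, and `fake_fetch`, which stands in for the real `GET /api/v1/logs` call so the block runs offline.

```python
from datetime import datetime, timedelta, timezone

EVENT_TYPE = "pki.cert.bind"    # event named in the answer above
OVERLAP = timedelta(minutes=5)  # assumption: re-read a little to catch late-written entries

def iso(ts):
    return ts.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.000Z")

def build_query(since, until):
    """Query parameters for GET /api/v1/logs (Okta System Log API)."""
    return {"filter": f'eventType eq "{EVENT_TYPE}"',
            "since": iso(since - OVERLAP), "until": iso(until)}

def run_once(state, fetch, helper, now):
    """One scheduled run of the parent flow; `state` stands in for the one-row table."""
    events = fetch(build_query(state["since"], now))  # if this raises, the stored date is unchanged
    handled = 0
    for ev in events:
        if ev["uuid"] in state["seen"]:  # the overlap returns already-processed entries
            continue
        helper(ev)                       # "flow 2" in the answer
        state["seen"].add(ev["uuid"])
        handled += 1
    state["since"] = now                 # this run's "until" becomes the next run's "since"
    return handled

# Constructed sample entries; what a real pki.cert.bind entry carries must be confirmed by testing.
SAMPLE_LOG = [
    {"uuid": "ev-1", "eventType": "pki.cert.bind", "published": "2024-01-10T09:58:00.000Z",
     "target": [{"type": "Device", "id": "constructed-device-1"}]},
    {"uuid": "ev-2", "eventType": "device.enrollment.create",
     "published": "2024-01-10T10:02:00.000Z", "target": []},
    {"uuid": "ev-3", "eventType": "pki.cert.bind", "published": "2024-01-10T10:07:00.000Z",
     "target": [{"type": "Device", "id": "constructed-device-2"}]},
]

def fake_fetch(params):
    """Offline stand-in for the HTTP call: applies the same filter, since and until."""
    wanted = params["filter"].split('"')[1]
    return [e for e in SAMPLE_LOG if e["eventType"] == wanted
            and params["since"] <= e["published"] < params["until"]]

def demo():
    bound = []
    helper = lambda ev: bound.extend(t["id"] for t in ev["target"] if t["type"] == "Device")
    state = {"since": datetime(2024, 1, 10, 9, 55, tzinfo=timezone.utc), "seen": set()}
    first = run_once(state, fake_fetch, helper, datetime(2024, 1, 10, 10, 0, tzinfo=timezone.utc))
    second = run_once(state, fake_fetch, helper, datetime(2024, 1, 10, 10, 10, tzinfo=timezone.utc))
    return first, second, bound
```

The second run re-reads `ev-1` because of the overlap and skips it by `uuid`, so each certificate binding reaches the helper once.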
  • SarahS.89561 (Customer)

    Thanks Tim, managed to do something with searching logs as advised, it then queries the device to get the users and that status

This question is closed.